1bd0150a2adf65aeb62243594e816bb2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1bd0150a2adf65aeb62243594e816bb2_JaffaCakes118
Size

7.4MB
MD5

1bd0150a2adf65aeb62243594e816bb2
SHA1

299728c969847cd418b47a82cbf280fb092ee11d
SHA256

d7cf1f743a5a6eb146caaae4eacd8f097b37530efb8291ec747a66eb283c78db
SHA512

7f87cee494e9f9af1cb6762329706c71082fbd09df1b3856d6ac37f0d75e519e19a2ec73bc0ace9bbe7a62d91232d300f3ecce84da0112a616cbd34e16446bed
SSDEEP

196608:giU2ykzf+659HP7rUu2c5yQ3suK5mBi89ZMoWfr:goyl659HP7rUuHxLY62fr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bd0150a2adf65aeb62243594e816bb2_JaffaCakes118

Files

1bd0150a2adf65aeb62243594e816bb2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0e1a2749d2101c7bb9bf19de4b54d59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadCodePtr
SetStdHandle
FlushFileBuffers
CreateProcessA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStringTypeA
GetStringTypeW
GetCurrentDirectoryW
GetCurrentDirectoryA
DeleteFileA
WaitForSingleObject
GetCPInfo
GetExitCodeProcess
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapFree
HeapSize
HeapAlloc
HeapReAlloc
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
TerminateProcess
ExitProcess
GetTickCount
CloseHandle
CreateThread
Sleep
GetOEMCP
SetEndOfFile
SetFilePointer
CompareFileTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
SystemTimeToFileTime
GetLocalTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileTime
ReadFile
GetFileSize
GetLastError
LocalFree
GetFullPathNameW
GetFullPathNameA
GetTempPathW
GetModuleFileNameW
MoveFileW
CopyFileW
DeleteFileW
GetFileAttributesW
CreateDirectoryW
SetCurrentDirectoryW
SetCurrentDirectoryA
SetFileAttributesW
GetFileTime
RemoveDirectoryW
GetTimeZoneInformation
MoveFileA
WriteFile
CopyFileA
GetFileAttributesA
FormatMessageA
GetTempPathA
GetModuleFileNameA
CreateDirectoryA
SetFileAttributesA
CreateFileA
GetACP
IsBadReadPtr
CreateFileW
GetVersionExA
WideCharToMultiByte
GetProcAddress
LoadLibraryA
LocalAlloc
FreeLibrary
RtlUnwind

user32

RegisterClassExW
LoadCursorA
DialogBoxParamW
CreateWindowExW
SetWindowPos
LoadStringW
CopyRect
GetWindowRect
GetDesktopWindow
MessageBoxW
PostQuitMessage
EndDialog
SetDlgItemTextA
GetMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
GetDlgItem
SendMessageA
OffsetRect
PostMessageA
SetTimer
GetDlgItemTextA
LoadStringA
DefWindowProcA
DestroyWindow
BeginPaint
EndPaint
GetDlgItemTextW
SetWindowTextW
MoveWindow
SetDlgItemTextW
EnableWindow

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteExW
SHGetMalloc

crypt32

CertNameToStrA
CertFreeCertificateContext
CryptDecodeObject
CertCloseStore

ws2_32

WSAStartup
setsockopt
WSAGetLastError
socket
inet_addr
htons
gethostbyname
connect
ioctlsocket
select
bind
closesocket
shutdown
recv
send

advapi32

RegOpenKeyExA
CryptAcquireContextA
CryptReleaseContext
CryptGenRandom
GetUserNameA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 588KB - Virtual size: 584KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0e1a2749d2101c7bb9bf19de4b54d59

Headers

File Characteristics

Imports

kernel32

user32

shell32

crypt32

ws2_32

advapi32

Sections

.text Size: 588KB - Virtual size: 584KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 120KB - Virtual size: 137KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 588KB - Virtual size: 584KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 120KB - Virtual size: 137KB

.rsrc
Size: 4KB - Virtual size: 3KB