2276468eee67f48ec7cdefa921419f14_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2276468eee67f48ec7cdefa921419f14_JaffaCakes118
Size

569KB
MD5

2276468eee67f48ec7cdefa921419f14
SHA1

5048c4927855906dc15b2f40a95c09719128334a
SHA256

d42f395777c54169f6323ce227eb66bfa82949c673fc0c8365ec80fb5b3a6486
SHA512

2ad1a153d7185c29f31a7c12494f5ebc9f8958f7c47b1ddd7e9653c0d2fa7dd7fb9515b54f7a56a3cf18174937450967dc2c4f4e2acaf57294d266f00a178ef1
SSDEEP

12288:TtZ3nYm/akmkQyBJMGFFSZS2icVMYbE8Id8UuDOxshj5jNAkt8J:LYoDSZS2icV3tId8nSsZNbt8J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2276468eee67f48ec7cdefa921419f14_JaffaCakes118

Files

2276468eee67f48ec7cdefa921419f14_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6af916cc54dc44a212898334da3c9ad5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FillConsoleOutputAttribute
GetLocaleInfoA
HeapReAlloc
LocalFree
GetCurrentProcessId
PulseEvent
HeapCreate
GetSystemInfo
TerminateProcess
HeapFree
TlsSetValue
GetStdHandle
SystemTimeToFileTime
GetLastError
CreateMutexA
TlsAlloc
LeaveCriticalSection
HeapAlloc
GetTimeZoneInformation
HeapSize
GetDriveTypeW
LocalSize
GetEnvironmentVariableA
GetProcAddress
VirtualAlloc
GetStartupInfoA
GetLocaleInfoW
GetModuleHandleA
GetFileType
UnhandledExceptionFilter
GetOEMCP
ReadFile
HeapDestroy
InterlockedExchange
LCMapStringW
GetCPInfo
GetStringTypeA
DebugActiveProcess
TlsGetValue
EnterCriticalSection
LCMapStringA
VirtualProtect
LoadLibraryA
IsValidCodePage
WriteConsoleInputA
RtlUnwind
InitializeCriticalSection
GetTickCount
SetLastError
QueryPerformanceCounter
SetConsoleWindowInfo
GetCommandLineW
GetDateFormatA
WideCharToMultiByte
GetEnvironmentStrings
TlsFree
WriteFile
GetUserDefaultLCID
ReleaseMutex
CompareStringA
LoadLibraryExA
SetFilePointer
GetCurrentThreadId
GetStringTypeW
FreeResource
WriteProfileStringA
ConnectNamedPipe
CompareStringW
DeleteCriticalSection
SetStdHandle
GetVersionExA
OpenMutexA
GetModuleFileNameW
MultiByteToWideChar
VirtualFree
GetCurrentProcess
GetTimeFormatA
GetACP
GetSystemTimeAsFileTime
CreateMailslotW
GetModuleFileNameA
GetEnvironmentStringsW
FindNextFileW
SetHandleCount
IsValidLocale
ReadConsoleA
VirtualQuery
EnumSystemLocalesA
FillConsoleOutputCharacterW
CreateThread
CloseHandle
IsBadWritePtr
GetCurrentThread
lstrcmpi
FlushFileBuffers
FreeEnvironmentStringsA
SystemTimeToTzSpecificLocalTime
GetStartupInfoW
DeleteAtom
SetEnvironmentVariableA
FormatMessageW
ExitProcess
FreeEnvironmentStringsW
GetCommandLineA

wininet

GetUrlCacheEntryInfoExW
ShowClientAuthCerts
ResumeSuspendedDownload
FtpSetCurrentDirectoryW

user32

ShowCaret
GetAltTabInfo
RegisterClassA
RegisterClassExA
SendMessageTimeoutA
DdeKeepStringHandle
CharToOemBuffW

advapi32

CryptEnumProviderTypesA
LookupAccountSidW
CryptContextAddRef
RegSaveKeyW
CryptVerifySignatureW
RevertToSelf
RegDeleteValueW
RegEnumValueW
RegOpenKeyW
CryptSetProviderW
AbortSystemShutdownW
LookupPrivilegeNameW
RegSetValueW
CryptEncrypt
CryptVerifySignatureA
CryptHashSessionKey
RegReplaceKeyA

comctl32

InitCommonControlsEx

Sections

.text
Size: 411KB - Virtual size: 410KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6af916cc54dc44a212898334da3c9ad5

Headers

File Characteristics

Imports

kernel32

wininet

user32

advapi32

comctl32

Sections

.text Size: 411KB - Virtual size: 410KB

.rdata Size: 35KB - Virtual size: 52KB

.data Size: 107KB - Virtual size: 106KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 411KB - Virtual size: 410KB

.rdata
Size: 35KB - Virtual size: 52KB

.data
Size: 107KB - Virtual size: 106KB

.rsrc
Size: 15KB - Virtual size: 15KB