25105bdbd5631f3ae959214260da52c0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

25105bdbd5631f3ae959214260da52c0_JaffaCakes118
Size

532KB
MD5

25105bdbd5631f3ae959214260da52c0
SHA1

fc3edb877e21661a90af2ddad8161295abb7bcb5
SHA256

0d371b578d0976266a74555e5ed0f1d9c06f4aa43ce1e7adeff6c5eba7b40492
SHA512

e30df7e88a9f3e91922f5dcfbedd07d30ba4b2f93f57664ddfc0484ebae4a67014fbec59d5a6d6d4674703dda9a5053d80f01424f1e4d051566fcd3d457deb8c
SSDEEP

12288:YIk7sw5Yb3odSS2W3YpSPBPS9mHMMInDGwVDAULqDkIkhYl:Lw5NiLSPBKmHMdnDG+LLqoINl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25105bdbd5631f3ae959214260da52c0_JaffaCakes118

Files

25105bdbd5631f3ae959214260da52c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8687aa0d7dee946f753a807631a90a23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

advapi32

CryptGenKey
RegQueryValueExW
CryptContextAddRef
CryptSignHashA
CryptHashData
CryptEnumProvidersW
CryptDestroyHash
RegCreateKeyExA
LogonUserA
RegDeleteValueA
RegReplaceKeyW
CryptVerifySignatureA
CryptSetProviderExW
RevertToSelf
CryptEnumProvidersA
RegNotifyChangeKeyValue
LookupPrivilegeDisplayNameA
CryptImportKey
CryptEnumProviderTypesW
InitiateSystemShutdownA
RegSaveKeyW
LookupAccountSidA
RegSetValueW

user32

RegisterClassA
GetClassLongW
GetKeyState
SetPropW
GetDialogBaseUnits
RegisterWindowMessageW
RegisterClassExA
GetWindowInfo
RegisterWindowMessageA
OpenIcon
InflateRect
ShowScrollBar

comdlg32

GetFileTitleA
GetSaveFileNameW

wininet

GetUrlCacheEntryInfoExA
HttpEndRequestW
InternetSetDialState
InternetErrorDlg
FindFirstUrlCacheEntryExA
DeleteIE3Cache
SetUrlCacheGroupAttributeW
GopherFindFirstFileA
FindNextUrlCacheContainerA

shell32

SHAddToRecentDocs

kernel32

FreeEnvironmentStringsA
InterlockedDecrement
WriteConsoleA
HeapSize
WriteConsoleW
GetLocaleInfoW
GetCPInfo
LeaveCriticalSection
GetCurrentProcess
CreateFileA
DeleteCriticalSection
TransactNamedPipe
TerminateProcess
GetPriorityClass
WaitForSingleObjectEx
GetConsoleOutputCP
RtlUnwind
GetStartupInfoW
LCMapStringA
SetLastError
IsValidLocale
LoadLibraryA
FindFirstFileExW
GetLocaleInfoA
SetFilePointer
ExitProcess
SleepEx
SetUnhandledExceptionFilter
SetHandleCount
GetModuleHandleA
ReadFile
GetTimeFormatA
GlobalGetAtomNameW
GetStringTypeA
HeapDestroy
EnumSystemLocalesA
CompareStringA
SetEnvironmentVariableA
QueryPerformanceCounter
GetProcessHeap
GetCurrentProcessId
GetTimeFormatW
GetConsoleCP
GetStdHandle
GetPrivateProfileStructW
GetSystemTimeAsFileTime
EnumDateFormatsW
SetStdHandle
GetCommandLineW
GetEnvironmentStrings
ReadFileEx
FreeLibrary
GetEnvironmentStringsW
FindResourceExW
VirtualAlloc
TlsSetValue
GetTimeZoneInformation
HeapAlloc
WideCharToMultiByte
EnterCriticalSection
LCMapStringW
IsDebuggerPresent
HeapCreate
InterlockedIncrement
HeapReAlloc
GetUserDefaultLCID
DeleteAtom
GetStartupInfoA
GetLastError
SetVolumeLabelA
IsValidCodePage
GetCurrentThreadId
Sleep
TlsFree
FlushFileBuffers
HeapFree
SetConsoleCtrlHandler
TlsGetValue
OpenMutexA
GetCommandLineA
TlsAlloc
GetOEMCP
GetModuleFileNameA
GetACP
GetStringTypeW
FoldStringA
RemoveDirectoryA
InitializeCriticalSection
SuspendThread
UnhandledExceptionFilter
VirtualFree
FreeEnvironmentStringsW
SetWaitableTimer
GetDateFormatA
FindFirstFileExA
InterlockedExchange
GetCurrentThread
GetProcAddress
CreateMutexA
GetVersionExA
MultiByteToWideChar
CloseHandle
GetTempFileNameW
WriteFile
GetTickCount
GetConsoleMode
GetFileType
GetSystemDefaultLangID
VirtualQuery
GetModuleFileNameW
CompareStringW

Sections

.text
Size: 377KB - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8687aa0d7dee946f753a807631a90a23

Headers

File Characteristics

Imports

comctl32

advapi32

user32

comdlg32

wininet

shell32

kernel32

Sections

.text Size: 377KB - Virtual size: 376KB

.rdata Size: 20KB - Virtual size: 49KB

.data Size: 115KB - Virtual size: 114KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 377KB - Virtual size: 376KB

.rdata
Size: 20KB - Virtual size: 49KB

.data
Size: 115KB - Virtual size: 114KB

.rsrc
Size: 18KB - Virtual size: 17KB