261289ef1a78e38e1dc336c2ea735ae9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

261289ef1a78e38e1dc336c2ea735ae9_JaffaCakes118
Size

453KB
MD5

261289ef1a78e38e1dc336c2ea735ae9
SHA1

cc646b3a945be5a1e8f1a63e6bd568ab0124a9c1
SHA256

1eee85037cec30501d80a1c329891da94e2b0ff1d9e460c1eaf2eedd813a3a31
SHA512

06016d9d37c28ee06842523298d08dd522a2703bbea184b2dad76a6c6946388810b4214f3e0a18600d1b21e215b7e280c3e26473a81bec8cc6c9e17c0aa46ac5
SSDEEP

12288:vJKyRecj1yQxhFVA0zX7ZSMXq8xrNM4x8QZsj0p:vJKyReoyQ5VRzX7ZSqC4xb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
261289ef1a78e38e1dc336c2ea735ae9_JaffaCakes118

Files

261289ef1a78e38e1dc336c2ea735ae9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

990dbb3304681278641d29598516ce35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\otlqfr\akmoecva\

Imports

advapi32

RegDeleteValueW
RegCreateKeyA
RegDeleteValueA
RegCloseKey
RegNotifyChangeKeyValue
RegDeleteKeyW
StartServiceW
CreateServiceW
CryptEnumProviderTypesA
RegSaveKeyA
CryptHashData
CryptCreateHash
CryptSetProviderExW
CreateServiceA
CryptDuplicateKey
RegLoadKeyA
AbortSystemShutdownA
CryptEnumProviderTypesW
LookupPrivilegeDisplayNameA
RegCreateKeyExA
CryptGetProvParam
RegQueryValueExW

wininet

FtpGetFileEx

comctl32

DrawStatusTextW
ImageList_AddIcon
GetEffectiveClientRect
InitCommonControlsEx
DestroyPropertySheetPage
ImageList_AddMasked

kernel32

GetFullPathNameA
GetCurrentThread
GetProcAddress
GetLastError
GetCurrentThreadId
lstrlenW
WideCharToMultiByte
SetFilePointer
LCMapStringW
WriteFile
RtlUnwind
GetCurrentProcess
OpenFileMappingA
HeapFree
FreeEnvironmentStringsA
FlushFileBuffers
EnterCriticalSection
HeapCreate
GetStdHandle
GetFileType
VirtualAlloc
FoldStringW
GetCommandLineA
GetCPInfo
HeapDestroy
TlsAlloc
CloseHandle
HeapAlloc
GetAtomNameW
DeleteCriticalSection
GetLogicalDriveStringsW
TlsGetValue
CreateMutexA
LockFileEx
MultiByteToWideChar
GetStringTypeW
SetStdHandle
GetStringTypeA
ReadConsoleA
SetHandleCount
SetLastError
GetProcAddress
UnhandledExceptionFilter
ReadConsoleOutputCharacterW
GetStartupInfoA
WriteConsoleOutputCharacterW
GetModuleFileNameA
TlsSetValue
SetEnvironmentVariableA
GetCurrentProcessId
GetSystemTime
InterlockedExchange
LoadLibraryA
InterlockedIncrement
GetACP
GetPriorityClass
LeaveCriticalSection
InterlockedDecrement
VirtualQuery
GetModuleHandleA
GetTickCount
ExitProcess
GetEnvironmentStrings
VirtualFree
OutputDebugStringW
TlsFree
TerminateProcess
GetOEMCP
OpenMutexA
LCMapStringA
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
CompareStringA
HeapReAlloc
GetEnvironmentStringsW
InitializeCriticalSection
ReadFile
QueryPerformanceCounter
GetTimeZoneInformation
IsBadWritePtr
CompareStringW
GetLocalTime
GetVersion
GetSystemDefaultLCID
DeleteFileA

shell32

SHGetMalloc

user32

SystemParametersInfoA
MapDialogRect
UnpackDDElParam
MessageBoxIndirectA
RegisterClassA
DdeQueryNextServer
DlgDirListComboBoxW
DeleteMenu
ShowCursor
IsZoomed
GetKeyNameTextA
GetClassInfoW
TranslateAccelerator
ModifyMenuA
DispatchMessageW
ScrollWindow
GetSystemMenu
EnumDesktopsA
GetMenuBarInfo
CharNextW
SetCursorPos
LookupIconIdFromDirectory
DrawFrameControl
SetUserObjectInformationW
CharLowerW
GetMessageExtraInfo
DefMDIChildProcA
DrawAnimatedRects
DefWindowProcA
SetWinEventHook
EnumWindowStationsA
MapVirtualKeyW
CharUpperBuffW
CallMsgFilterW
SwapMouseButton
EnumDisplayMonitors
DestroyAcceleratorTable
RegisterClassExA
DdeDisconnectList
GetCursor
CallMsgFilterA

comdlg32

ChooseColorA
PrintDlgA

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

990dbb3304681278641d29598516ce35

Headers

File Characteristics

PDB Paths

Imports

advapi32

wininet

comctl32

kernel32

shell32

user32

comdlg32

Sections

.text Size: 71KB - Virtual size: 70KB

.rdata Size: 252KB - Virtual size: 252KB

.data Size: 101KB - Virtual size: 105KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 71KB - Virtual size: 70KB

.rdata
Size: 252KB - Virtual size: 252KB

.data
Size: 101KB - Virtual size: 105KB

.rsrc
Size: 28KB - Virtual size: 27KB