f:\lc
Static task
static1
Behavioral task
behavioral1
Sample
2628066ab8e0d0e1504d8bfe9b06fe73_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2628066ab8e0d0e1504d8bfe9b06fe73_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
2628066ab8e0d0e1504d8bfe9b06fe73_JaffaCakes118
Size
899KB
MD5
2628066ab8e0d0e1504d8bfe9b06fe73
SHA1
1bf0a44b7228b836a81454759feb0f3e355ad39b
SHA256
cacb2c8c0784cfeb10a12ea6a04e46a0af01862e1d7aecbe5eb220051cfa5a85
SHA512
8e238df0877bdd16588e5ea1c902b6a741ef2dba236ca407397a8b1cb91396633e0b8932ca7ad3151d76918edc2e19642c589432101aa6b019c17e8212c77d6d
SSDEEP
24576:8utGSDG4BLFAelYb9gYKz593I65F7sIgT8MVLZQDNH6P8B:8uoSOb9e977gYmSpaPY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2628066ab8e0d0e1504d8bfe9b06fe73_JaffaCakes118
Files
2628066ab8e0d0e1504d8bfe9b06fe73_JaffaCakes118.exe windows:4 windows x86 arch:x86
511c54be20ef616b59ae9b28aae04cdb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
advapi32
RegEnumKeyA
LookupPrivilegeValueW
CreateServiceW
RegOpenKeyExA
LookupSecurityDescriptorPartsW
CryptVerifySignatureA
CryptEnumProvidersA
LookupPrivilegeValueA
RegEnumValueW
CryptSetProviderExA
LookupAccountSidA
comctl32
CreateMappedBitmap
InitCommonControlsEx
DrawInsert
ImageList_Replace
ImageList_SetImageCount
DestroyPropertySheetPage
ImageList_Copy
InitMUILanguage
ImageList_SetDragCursorImage
CreatePropertySheetPageW
user32
RegisterClassA
DefDlgProcW
RegisterClassExA
SetRectEmpty
SendNotifyMessageA
CreateWindowStationW
DrawTextExW
SetWindowContextHelpId
DdeKeepStringHandle
ChangeDisplaySettingsA
EmptyClipboard
DlgDirListComboBoxW
GetWindowLongA
kernel32
GetConsoleCP
RtlUnwind
GetUserDefaultLCID
TerminateProcess
GlobalAddAtomW
OpenFileMappingA
GetCurrentThread
GetFileType
GlobalDeleteAtom
GetModuleHandleA
GetCPInfo
LoadLibraryA
DebugBreak
GetModuleFileNameA
GetLocaleInfoW
SetConsoleCtrlHandler
VirtualQuery
GetConsoleOutputCP
GetModuleHandleW
InitializeCriticalSection
DeleteCriticalSection
GetPrivateProfileStructW
VirtualAlloc
FillConsoleOutputAttribute
GetStringTypeW
InterlockedIncrement
HeapReAlloc
GetEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
GetCurrentProcess
CreateFileA
GetCommandLineW
VirtualFree
FlushFileBuffers
lstrlenA
GetConsoleMode
GetTimeZoneInformation
TlsGetValue
GetProcAddress
FindNextFileW
CreateMutexA
GetDateFormatA
FreeEnvironmentStringsW
SetLastError
LoadLibraryW
GetACP
Sleep
WriteFile
IsBadReadPtr
GetProcessHeap
TlsSetValue
MultiByteToWideChar
GetStdHandle
GetCurrentThreadId
WriteConsoleA
SetHandleCount
GetStartupInfoA
IsValidLocale
OutputDebugStringA
EnterCriticalSection
RaiseException
InterlockedDecrement
EnumSystemLocalesA
ReadFile
TlsFree
LCMapStringA
CloseHandle
TlsAlloc
FreeLibrary
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
HeapFree
ExitProcess
WriteConsoleW
LCMapStringW
GetSystemTimeAsFileTime
lstrcpyW
OutputDebugStringW
OpenMutexA
GetTickCount
SetUnhandledExceptionFilter
SetStdHandle
SetFilePointer
GetLocaleInfoA
GetCurrentProcessId
LocalLock
GetProfileStringA
SetEnvironmentVariableA
IsDebuggerPresent
GetCommandLineA
GetStartupInfoW
HeapAlloc
CompareStringA
HeapValidate
LeaveCriticalSection
GetStringTypeA
GetModuleFileNameW
GetTimeFormatA
IsValidCodePage
HeapSize
CompareStringW
GetLastError
GetOEMCP
HeapDestroy
InterlockedExchange
HeapCreate
comdlg32
PrintDlgW
GetOpenFileNameW
Sections
.text Size: 509KB - Virtual size: 508KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 315KB - Virtual size: 306KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ