262fc8b0a2c8138cc01a658327cabf44_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

262fc8b0a2c8138cc01a658327cabf44_JaffaCakes118
Size

579KB
MD5

262fc8b0a2c8138cc01a658327cabf44
SHA1

b23ae63075601228a921b50da234a4becb538561
SHA256

b8cec2d09191ee4e5a4852148ef7aedfa5a077c5cf385fa0362c9069cfefa8d3
SHA512

8137fa46fc2472cac82098feba07c8d552cb7b63082111096b1916af03bf186b5539e401d5a22288e24d558423df12dabca35c0069080d3a2a8b8975be8b9f4a
SSDEEP

12288:9aBa08Obht002y+UVKeRrMwt8WycB6Q2xeskoIlPSRJejdLx:9j08OVG4+UVKelFtRB6Txesryd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
262fc8b0a2c8138cc01a658327cabf44_JaffaCakes118

Files

262fc8b0a2c8138cc01a658327cabf44_JaffaCakes118
.exe windows:4 windows x86 arch:x86

462f64ed57817460b177d7a702b4cc29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ReportEventA
RegFlushKey
RegQueryInfoKeyW
LookupAccountSidW
RegReplaceKeyA
RevertToSelf

comdlg32

ChooseFontA
ReplaceTextW
FindTextW
FindTextA

shell32

DoEnvironmentSubstA

wininet

InternetSetOptionA

comctl32

InitCommonControlsEx
ImageList_GetBkColor
CreateToolbar
ImageList_EndDrag
ImageList_LoadImageA
ImageList_LoadImage
ImageList_DragMove
_TrackMouseEvent
DrawStatusTextW
ImageList_GetFlags
GetEffectiveClientRect
ImageList_DragShowNolock
InitMUILanguage
ImageList_Draw
ImageList_Read
ImageList_GetIconSize
ImageList_SetFilter
ImageList_GetIcon

user32

MessageBoxA
ShowWindow
CreateDialogParamW
SetWinEventHook
RegisterClassA
DefWindowProcA
DestroyWindow
DlgDirListA
PeekMessageW
GetWindowLongA
GetIconInfo
OpenDesktopA
CreateWindowExA
InvalidateRgn
RegisterClassExA
InSendMessage

kernel32

SetStdHandle
SetFilePointer
VirtualAlloc
CloseHandle
LCMapStringW
GetModuleFileNameA
TerminateProcess
GetCPInfo
GetPrivateProfileSectionA
TlsGetValue
HeapDestroy
GetTimeZoneInformation
GetEnvironmentStrings
SetHandleCount
LoadLibraryA
InitializeCriticalSection
SystemTimeToTzSpecificLocalTime
GetModuleFileNameW
FreeEnvironmentStringsW
GetVersion
TlsFree
LCMapStringA
GetStartupInfoA
GetCurrentThreadId
GetSystemTimeAsFileTime
GetStringTypeA
UnhandledExceptionFilter
CompareStringA
GetFileType
OpenMutexA
GetStdHandle
GetProcAddress
InterlockedExchange
LeaveCriticalSection
CompareStringW
InterlockedIncrement
GetTickCount
IsBadWritePtr
GetLocalTime
GetCurrentProcessId
WriteFile
VirtualQuery
HeapFree
GetCommandLineA
GetEnvironmentStringsW
DeleteCriticalSection
GetLastError
ReadFile
SetLastError
MultiByteToWideChar
FlushFileBuffers
GetCurrentThread
TlsAlloc
FreeEnvironmentStringsA
TlsSetValue
GetStartupInfoW
GetCurrentProcess
WideCharToMultiByte
VirtualFree
GetCommandLineW
GetSystemTime
HeapReAlloc
QueryPerformanceCounter
ExitProcess
InterlockedDecrement
GetModuleHandleA
SetEnvironmentVariableA
GetStringTypeW
CreateMutexA
HeapAlloc
WritePrivateProfileStructA
EnterCriticalSection
HeapCreate
RtlUnwind

Sections

.text
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 211KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

462f64ed57817460b177d7a702b4cc29

Headers

File Characteristics

Imports

advapi32

comdlg32

shell32

wininet

comctl32

user32

kernel32

Sections

.text Size: 213KB - Virtual size: 213KB

.rdata Size: 211KB - Virtual size: 218KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 47KB - Virtual size: 47KB

.text
Size: 213KB - Virtual size: 213KB

.rdata
Size: 211KB - Virtual size: 218KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 47KB - Virtual size: 47KB