2846ca197a2890a6ee833b7692fef301_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2846ca197a2890a6ee833b7692fef301_JaffaCakes118
Size

714KB
MD5

2846ca197a2890a6ee833b7692fef301
SHA1

abd5d5e6b9eaf7929ee5e55d9c09a8ea4c5864e3
SHA256

b528e0787eb758f0a45ece143c9c4166db3c5bacf20f26130be044a039cc3215
SHA512

91ce057fb8a6fe5cb5841df685590f6e0fcef105e2607034525e3d0ea8ca61be0aa522629218b00192fccda2df8bb08ff2f9c5f3bc76ead75c2f05d0dee72d27
SSDEEP

12288:7gpxEK5JH+4ayC7CuE3M2h0FWR8F3wJzMHpa7:UEek4C7CuE3M22SJ4H4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2846ca197a2890a6ee833b7692fef301_JaffaCakes118

Files

2846ca197a2890a6ee833b7692fef301_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc96c398d7ea8da8c635da75dc008059

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHBrowseForFolderW
ExtractAssociatedIconExA
ExtractAssociatedIconW
SHEmptyRecycleBinW
DragFinish

user32

OemToCharBuffA
RegisterClassA
OpenInputDesktop
SetKeyboardState
DefWindowProcW
GetMessageExtraInfo
ToAscii
ReleaseDC
CreateCaret
DdeInitializeW
VkKeyScanA
RegisterClassExA
DdeAddData
ChangeClipboardChain

wininet

DeleteUrlCacheEntryA
GopherOpenFileW

kernel32

HeapCreate
SetConsoleCtrlHandler
InterlockedDecrement
UnhandledExceptionFilter
IsValidLocale
GetLocaleInfoA
GetUserDefaultLCID
ReadConsoleW
Sleep
LoadLibraryA
FlushFileBuffers
EnumSystemLocalesA
CompareStringW
GetLastError
LeaveCriticalSection
GetOEMCP
HeapAlloc
CompareStringA
CloseHandle
EnterCriticalSection
SetUnhandledExceptionFilter
SetLastError
TlsGetValue
GetProfileStringW
GetModuleHandleA
GetFileType
ExitProcess
LCMapStringW
HeapDestroy
FreeLibrary
SetEnvironmentVariableA
GetLocaleInfoW
GetStringTypeW
SetStdHandle
TlsSetValue
ReadConsoleOutputW
SetThreadAffinityMask
DeleteCriticalSection
WideCharToMultiByte
GetCurrentProcessId
GetConsoleMode
HeapSize
SetFilePointer
CreateFileA
HeapFree
GetCPInfo
MultiByteToWideChar
GetConsoleOutputCP
VirtualAlloc
GetConsoleCP
GetProcAddress
GetACP
GetModuleHandleW
WriteConsoleA
DebugActiveProcess
InitializeCriticalSectionAndSpinCount
GetDriveTypeA
AddAtomW
GetStringTypeA
InterlockedExchange
VirtualQuery
WriteConsoleW
FreeEnvironmentStringsW
TerminateProcess
GetTimeZoneInformation
IsDebuggerPresent
GetEnvironmentStringsW
FreeLibraryAndExitThread
SetHandleCount
ExpandEnvironmentStringsW
ReadFile
FormatMessageA
WriteFile
GetModuleFileNameW
GetStdHandle
CreateMutexA
GetCurrentProcess
GetStartupInfoW
GetNumberFormatA
LCMapStringA
GetDateFormatA
InterlockedIncrement
GetStartupInfoA
lstrcat
HeapReAlloc
GetCommandLineA
GetCurrentThreadId
TlsAlloc
VirtualFree
QueryPerformanceCounter
IsValidCodePage
TlsFree
GetCommandLineW
GetCurrentThread
RtlUnwind
GetTimeFormatA
GetSystemTimeAsFileTime
OpenMutexA
GetModuleFileNameA
GetTickCount

comdlg32

FindTextW

comctl32

InitCommonControlsEx

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 502KB - Virtual size: 464KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc96c398d7ea8da8c635da75dc008059

Headers

File Characteristics

Imports

shell32

user32

wininet

kernel32

comdlg32

comctl32

Sections

.text Size: 191KB - Virtual size: 191KB

.rdata Size: 10KB - Virtual size: 35KB

.data Size: 502KB - Virtual size: 464KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 191KB - Virtual size: 191KB

.rdata
Size: 10KB - Virtual size: 35KB

.data
Size: 502KB - Virtual size: 464KB

.rsrc
Size: 10KB - Virtual size: 9KB