336176174ef08e5af092161d9271ceaf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

336176174ef08e5af092161d9271ceaf_JaffaCakes118
Size

340KB
MD5

336176174ef08e5af092161d9271ceaf
SHA1

03841778b374e90c4f1f1dad87d0dce792a4fbcf
SHA256

a530923b8c5a35b741d61b97f5d85e4aa7a091737f432a8d745037b902f9d33a
SHA512

046e6c5bd3c7a90ad93718ce38808558eb430b55180f98d872a140c7b22dca6aa71fb0bc96f995063eee08a1ec98765b63d6c029ab591680154e94b8fcfe5280
SSDEEP

6144:mTs6tz+pATg6UEVgdWKFyNYzVPz56edIZFRv2QvdF0Y1LfI3:mFquVVgdWKFjFz2HvNvdqYZQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
336176174ef08e5af092161d9271ceaf_JaffaCakes118

Files

336176174ef08e5af092161d9271ceaf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55ae66c8161ba0136bef4c5868113edc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetStartupInfoA
InterlockedIncrement
LeaveCriticalSection
GetVersionExA
HeapFree
IsDebuggerPresent
GetStdHandle
GetModuleHandleA
GetUserDefaultLCID
RtlUnwind
ReadFile
SetStdHandle
UnhandledExceptionFilter
MultiByteToWideChar
GetModuleFileNameA
EnumSystemLocalesA
WideCharToMultiByte
GetLastError
GetTimeZoneInformation
GetProcessShutdownParameters
CloseHandle
GetCurrentThread
FreeLibrary
GetLocaleInfoW
VirtualFree
VirtualQuery
GetProcAddress
CreateMutexA
HeapCreate
ExitProcess
GetCommandLineA
GetTimeFormatA
DeleteFileA
FreeEnvironmentStringsW
GetFileType
OpenMutexA
HeapDestroy
SetEnvironmentVariableA
SetLastError
FreeEnvironmentStringsA
SetHandleCount
VirtualAlloc
GetDateFormatA
GetTickCount
WriteFile
CompareStringW
TerminateProcess
Sleep
GetCurrentThreadId
CompareStringA
IsValidCodePage
HeapAlloc
TlsGetValue
TlsAlloc
LCMapStringW
TlsFree
GetCurrentProcess
GetConsoleMode
GetStringTypeA
GetSystemTimeAsFileTime
GetEnvironmentStrings
HeapReAlloc
GetStringTypeW
LCMapStringA
IsValidLocale
GetProcessHeap
SetFilePointer
DeleteCriticalSection
EnterCriticalSection
SetConsoleCtrlHandler
GetOEMCP
WriteConsoleA
HeapSize
WriteConsoleW
QueryPerformanceCounter
GetConsoleCP
GetConsoleOutputCP
SetUnhandledExceptionFilter
GetEnvironmentStringsW
TlsSetValue
GetLocaleInfoA
GetCurrentProcessId
InterlockedDecrement
InitializeCriticalSection
InterlockedExchange
FlushFileBuffers
GetACP
GetCPInfo
CreateFileA

comctl32

ImageList_Destroy
ImageList_Write
ImageList_Create
CreateStatusWindowA
ImageList_DragShowNolock
ImageList_GetDragImage
ImageList_EndDrag
DrawStatusTextW
ImageList_Copy
CreatePropertySheetPageW
ImageList_LoadImage
CreatePropertySheetPageA
ImageList_SetDragCursorImage
GetEffectiveClientRect
ImageList_Add
ImageList_SetFlags
ImageList_SetBkColor
ImageList_Draw
InitCommonControlsEx
ImageList_DragEnter
InitMUILanguage
ImageList_GetIconSize
DrawStatusTextA
ImageList_ReplaceIcon
DestroyPropertySheetPage
ImageList_AddIcon

user32

IsCharLowerW
RegisterClassExA
DrawTextExW
ShowWindow
LoadStringA
InsertMenuItemA
InSendMessage
MessageBoxW
ChildWindowFromPointEx
DefDlgProcW
SetCapture
AppendMenuW
GetTabbedTextExtentA
RegisterWindowMessageA
InsertMenuItemW
DestroyWindow
GetWindowLongA
GetMenuState
GetCursorPos
ExcludeUpdateRgn
RegisterHotKey
BeginPaint
DefWindowProcW
RegisterClassA
CreateWindowExW
LoadCursorW
SystemParametersInfoA
EnumPropsExA
wvsprintfW

comdlg32

PrintDlgA
GetFileTitleA
FindTextA
ChooseColorA

advapi32

RevertToSelf
RegSetValueExW
RegQueryInfoKeyA
LookupPrivilegeValueA
CryptSetKeyParam
GetUserNameW
CryptAcquireContextW
InitiateSystemShutdownA
CryptDeriveKey
AbortSystemShutdownW
CryptExportKey
StartServiceA
RegQueryValueW
LookupAccountSidW
CryptGetHashParam
RegConnectRegistryA
CryptGenKey

wininet

GopherGetAttributeA

Sections

.text
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55ae66c8161ba0136bef4c5868113edc

Headers

File Characteristics

Imports

kernel32

comctl32

user32

comdlg32

advapi32

wininet

Sections

.text Size: 152KB - Virtual size: 149KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 92KB - Virtual size: 95KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 152KB - Virtual size: 149KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 92KB - Virtual size: 95KB

.rsrc
Size: 12KB - Virtual size: 9KB