346da235b5f442548a4ad52cebf10fa0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

346da235b5f442548a4ad52cebf10fa0_JaffaCakes118
Size

369KB
MD5

346da235b5f442548a4ad52cebf10fa0
SHA1

3d79f6223d2576b4981f56e96eee6e6c2c9ef8dd
SHA256

423f7ae51e7ecc8604b6ef3a6a62c761e560170019481eb6e1dda0667f302312
SHA512

09bc01907876606f07810ae71b14bbe57405cead871eec764e4fa1dcec19f054e44f9c24ca9270dcaa44413247b5bfef5d9579344bad7604790bfb4e9c3e7cd5
SSDEEP

6144:G2/2k17DgFdzRW3flTxLoNls83mtAj2iciUnmO//EjJO7M1WZx:N+k9MFlsvVxf8WtAjwnmOEDIZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
346da235b5f442548a4ad52cebf10fa0_JaffaCakes118

Files

346da235b5f442548a4ad52cebf10fa0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88f1e4d7c88e9d746431e5e7995019bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SheSetCurDrive
RealShellExecuteExA
DragAcceptFiles
DragFinish
SHGetDataFromIDListW
ExtractIconExA
ExtractAssociatedIconExW
SHChangeNotify
SHBrowseForFolderW
SHFormatDrive
InternalExtractIconListA
ExtractIconEx
SHFileOperationA
SHEmptyRecycleBinW
DuplicateIcon
SHAppBarMessage
RealShellExecuteW
SHGetPathFromIDListW
ShellExecuteW
SHBrowseForFolderA
SHGetSpecialFolderPathA
SHGetFileInfoA
SHInvokePrinterCommandW
DoEnvironmentSubstA

wininet

InternetGetCertByURLA
InternetSetDialStateA
InternetCloseHandle
LoadUrlCacheContent
InternetOpenUrlW
InternetFortezzaCommand
UrlZonesDetach
FindNextUrlCacheEntryW
SetUrlCacheHeaderData
InternetWriteFile
HttpSendRequestW
FtpGetCurrentDirectoryW
InternetCanonicalizeUrlA
InternetAlgIdToStringA

user32

RegisterClipboardFormatA
IsIconic
OemToCharW
GetUserObjectInformationW
TranslateMDISysAccel
DrawFrameControl
SetWindowLongW
IsWindowVisible
GetDCEx
DrawTextExW
IsCharAlphaNumericW
CopyImage
MapDialogRect
GetForegroundWindow
UnhookWinEvent
PeekMessageA
MoveWindow
SetScrollPos
DlgDirListComboBoxA
DrawStateW
DlgDirListComboBoxW
wvsprintfW
SetWindowRgn
SetDlgItemInt

advapi32

RegLoadKeyW
RegQueryMultipleValuesA
RegDeleteKeyA
RegEnumValueA
RegQueryMultipleValuesW
CryptContextAddRef
DuplicateTokenEx
CryptEncrypt
LookupAccountSidA
CryptEnumProviderTypesW
CryptSignHashW
AbortSystemShutdownW
RegDeleteKeyW
RegEnumKeyW
CryptHashData
RegNotifyChangeKeyValue
LookupPrivilegeDisplayNameW
LookupPrivilegeValueW
CryptDestroyHash
CryptExportKey

kernel32

DeleteAtom
GlobalFix
lstrcpyn
DeleteCriticalSection
HeapAlloc
QueryPerformanceCounter
WaitForSingleObject
ConvertDefaultLocale
GetUserDefaultLCID
GetLogicalDriveStringsW
ExitProcess
SetVolumeLabelW
HeapFree
GetModuleFileNameA
GetConsoleTitleW
SetConsoleTextAttribute
GetCurrentProcessId
lstrcpyA
FindClose
TerminateProcess
VirtualAlloc
CreateMutexW
lstrcpynA
GetSystemDefaultLCID
GetModuleHandleA
RtlUnwind
GetProcessShutdownParameters
GetProcAddress
EnumResourceTypesW
VirtualLock
HeapReAlloc
LoadLibraryA
SetThreadIdealProcessor
GetFileAttributesA
GetTickCount
VirtualQuery
InterlockedExchange
OpenEventA
GetCurrentProcess
GetCurrentThreadId
ReadFileEx
GetSystemTimeAsFileTime

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88f1e4d7c88e9d746431e5e7995019bc

Headers

File Characteristics

Imports

shell32

wininet

user32

advapi32

kernel32

Sections

.text Size: 93KB - Virtual size: 92KB

.data Size: 262KB - Virtual size: 262KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 93KB - Virtual size: 92KB

.data
Size: 262KB - Virtual size: 262KB

.rsrc
Size: 12KB - Virtual size: 12KB