359cd0390a1d4de229b37d3ca34484de_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

359cd0390a1d4de229b37d3ca34484de_JaffaCakes118
Size

460KB
MD5

359cd0390a1d4de229b37d3ca34484de
SHA1

f85fc5a2ec3a14dbaa3b558ea09b2c609d7183f3
SHA256

38c0d415a6b59008f53d931f9c62bdfeac4274c61a44aafcdd68838c36674929
SHA512

8f239f84cdabcc471aef6e9c42ae594c7231493c3f85919a65fc61f5e14f299cdd3abfc55ac27c14d8ed11b137065c79ca33a9d8243275906cfb8fe5134e8a56
SSDEEP

12288:H0Yp1e5YydwKvqrG7W8LtiiYn57lPLZZpPb:H0Yps5YydwKfLtiiY5xPLn5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
359cd0390a1d4de229b37d3ca34484de_JaffaCakes118

Files

359cd0390a1d4de229b37d3ca34484de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

010b45e75b721f4ff6958050733d82ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptExportKey
CryptEncrypt
AbortSystemShutdownW
CryptCreateHash
RegSetValueW
CryptDuplicateHash
CryptSetKeyParam
RegReplaceKeyA
RegRestoreKeyA
RegDeleteValueA
RevertToSelf
RegLoadKeyW
RegOpenKeyA
LookupAccountNameW
CryptEnumProviderTypesW

user32

CreateIconIndirect
ActivateKeyboardLayout
SetSystemCursor
GetInputDesktop
FreeDDElParam
DestroyIcon
ScrollDC
SetUserObjectSecurity
GetLastActivePopup
PeekMessageW
GetSystemMetrics
CloseDesktop
SetPropA
MenuItemFromPoint
SubtractRect
MonitorFromRect
GetWindow
SetClipboardViewer

comdlg32

ChooseColorW
PageSetupDlgW
ReplaceTextA
FindTextA
GetOpenFileNameW
GetSaveFileNameA
LoadAlterBitmap
GetFileTitleA
GetSaveFileNameW
PageSetupDlgA
ChooseFontA
ChooseFontW
PrintDlgA
GetFileTitleW
ReplaceTextW
PrintDlgW
GetOpenFileNameA
ChooseColorA

shell32

SHGetFileInfoW
InternalExtractIconListW
ExtractIconW

kernel32

SetHandleCount
MultiByteToWideChar
CompareStringW
lstrlen
RtlUnwind
CompareStringA
GetLastError
IsValidCodePage
LoadLibraryA
TlsAlloc
GetModuleFileNameA
HeapSize
GetCurrentThread
VirtualAlloc
EnumSystemLocalesA
GetProcAddress
LeaveCriticalSection
FreeEnvironmentStringsW
TerminateProcess
GetCurrentThreadId
GetCurrentProcess
GetEnvironmentStrings
GetTickCount
IsBadWritePtr
UnhandledExceptionFilter
ExitProcess
GetFileType
GetUserDefaultLCID
GetModuleHandleA
QueryPerformanceCounter
GetLocaleInfoA
VirtualProtect
VirtualQuery
WriteFile
HeapCreate
DeleteCriticalSection
SetEnvironmentVariableA
GetACP
LCMapStringW
GetCPInfo
GetTimeFormatA
FreeEnvironmentStringsA
GetTimeZoneInformation
GetStringTypeA
InitializeCriticalSection
VirtualFree
HeapFree
EnterCriticalSection
GetStdHandle
TlsFree
GetVersionExA
GetCurrentProcessId
TlsGetValue
SetUnhandledExceptionFilter
HeapDestroy
WideCharToMultiByte
GetStartupInfoA
GetStringTypeW
GetEnvironmentStringsW
HeapReAlloc
GetSystemInfo
TlsSetValue
GetCommandLineA
GetDateFormatA
GetSystemTimeAsFileTime
GetOEMCP
LCMapStringA
HeapAlloc
IsValidLocale
InterlockedExchange
SetLastError
GetLocaleInfoW

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

010b45e75b721f4ff6958050733d82ec

Headers

File Characteristics

Imports

advapi32

user32

comdlg32

shell32

kernel32

Sections

.text Size: 174KB - Virtual size: 173KB

.data Size: 275KB - Virtual size: 274KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 174KB - Virtual size: 173KB

.data
Size: 275KB - Virtual size: 274KB

.rsrc
Size: 10KB - Virtual size: 9KB