382fd719e85e893b77ae604dd6796c28_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

382fd719e85e893b77ae604dd6796c28_JaffaCakes118
Size

472KB
MD5

382fd719e85e893b77ae604dd6796c28
SHA1

42b08e85326d8f9cbaa7baa2081f14abcb00838f
SHA256

1bc40f6c70ede71a062ffefda74bfe0dff633447e47cbe8a30d31304aa3a8009
SHA512

c0e3083a010d3c1a458e6dde27565cbda90d400650a231bae2eec365c220721d8811c8c6db18a19d3fb29e5536b25db5f5e995babd9af3699c704325379eed4f
SSDEEP

12288:ef25Yacv3ayix2J/Dw+HMiGqE7C+ufAKmuLbf9sqz2OkVuwTj:qacvNRDwrmdIKmu1sqz4uwT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
382fd719e85e893b77ae604dd6796c28_JaffaCakes118

Files

382fd719e85e893b77ae604dd6796c28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

803ad815142acf0234e1e647c287d4cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
CryptEncrypt
RegSetValueW
RegCloseKey
RegConnectRegistryW
LookupSecurityDescriptorPartsW
CryptSetProviderExA
CryptEnumProviderTypesW
RegSaveKeyA
CryptGetDefaultProviderW
CryptGenKey
InitiateSystemShutdownA
RegSetValueExW
RegReplaceKeyA
CryptCreateHash
RegEnumKeyW
RegFlushKey
DuplicateToken
StartServiceW
CryptGenRandom
CryptSignHashW
StartServiceA

user32

SetTimer
CharLowerW
UnregisterHotKey
DdeImpersonateClient
TileChildWindows
CopyImage
AdjustWindowRect
SetCaretBlinkTime
GetWindowTextLengthA
GetWindowTextLengthW
MapDialogRect
WindowFromPoint
PostMessageA
IsWindowVisible
SetScrollRange
GetCaretPos
GetWindowTextA
RegisterClipboardFormatW
LoadAcceleratorsA
ToAscii
GetScrollPos
DlgDirListW
DialogBoxIndirectParamA

gdi32

SetMagicColors
SetWindowExtEx
CheckColorsInGamut
ChoosePixelFormat
GetSystemPaletteEntries
GetFontData
GetBkColor
CombineRgn
TextOutW
GetPixel
GdiPlayDCScript
LineDDA
SetMetaRgn
CreateBrushIndirect
CreateColorSpaceW
SetPixel
StartPage
SetColorSpace
EndPath
GetTextCharsetInfo
CreateDCA
GdiPlayScript
ExtCreateRegion
SetICMMode

wininet

InternetLockRequestFile
InternetAutodial
FindCloseUrlCache

kernel32

LoadLibraryA
GetEnvironmentStringsW
HeapAlloc
EnterCriticalSection
CompareStringA
FreeEnvironmentStringsA
GetTickCount
DeleteCriticalSection
HeapFree
GetProcessHeap
IsDebuggerPresent
FreeLibrary
InitializeCriticalSection
WideCharToMultiByte
QueryPerformanceCounter
TlsGetValue
GlobalReAlloc
GetTimeFormatA
GetACP
GetStartupInfoA
TlsSetValue
GetCurrentProcessId
RtlUnwind
GetDateFormatA
SetEnvironmentVariableA
InterlockedIncrement
EnumSystemLocalesA
LCMapStringA
LeaveCriticalSection
GetTimeZoneInformation
UnhandledExceptionFilter
ExitProcess
TerminateProcess
GetStringTypeA
VirtualQuery
GetModuleHandleA
GetStringTypeW
HeapSize
TlsAlloc
SetLocaleInfoA
TlsFree
SetLocalTime
GetSystemTimeAsFileTime
GetLastError
SetUnhandledExceptionFilter
InterlockedExchange
GetFileType
SetHandleCount
GetCommandLineA
MultiByteToWideChar
SetEvent
GetUserDefaultLCID
GetVersionExA
GetProcAddress
GetLocaleInfoW
VirtualAlloc
GetModuleFileNameA
ReadConsoleW
InterlockedDecrement
GlobalHandle
CompareStringW
GetStdHandle
GetCPInfo
HeapReAlloc
GetCurrentThread
HeapDestroy
SystemTimeToFileTime
HeapCreate
GetCurrentProcess
SetLastError
VirtualFree
GetStartupInfoW
IsValidLocale
GetLocaleInfoA
WriteFile
LCMapStringW
LoadLibraryExW
GetOEMCP
IsValidCodePage
SetConsoleCtrlHandler
GetEnvironmentStrings
FreeEnvironmentStringsW
GetCurrentThreadId
Sleep

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

803ad815142acf0234e1e647c287d4cc

Headers

File Characteristics

Imports

advapi32

user32

gdi32

wininet

kernel32

Sections

.text Size: 183KB - Virtual size: 183KB

.data Size: 277KB - Virtual size: 292KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 183KB - Virtual size: 183KB

.data
Size: 277KB - Virtual size: 292KB

.rsrc
Size: 10KB - Virtual size: 10KB