404efeda39e53606399a553285c1d22b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

404efeda39e53606399a553285c1d22b_JaffaCakes118
Size

569KB
MD5

404efeda39e53606399a553285c1d22b
SHA1

c1cfcb4e3d45cf4bdbda2713daab6462830431d8
SHA256

979a08256785243805eb36b1dbb92ba7b42b0fabe04eb24acf5141b0655062d3
SHA512

623e2f91911085b61e1527e0214d3645d15e1726a1a4ee6469e72b174cb7522449a19c11eab5859a78067b073ef16188fb986286bde20728d66d4158d80542f9
SSDEEP

12288:9flFwQ3MFTCp1mkWEDM3fUJCg9ACTFyCXwYkRHDZ:lwQ3Jp1mkWX+CwACT88wF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
404efeda39e53606399a553285c1d22b_JaffaCakes118

Files

404efeda39e53606399a553285c1d22b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6c3489f63a7457f47094110dd05ef2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreatePolyPolygonRgn
PlayEnhMetaFile
AbortDoc
GetTextExtentPointW
SaveDC
SetPaletteEntries
CreateRectRgnIndirect
SetMagicColors
GdiFlush
SetViewportOrgEx
GetBitmapDimensionEx
GetGlyphOutlineA
CreateFontA
SetLayout
GetCharABCWidthsFloatW
GetWinMetaFileBits
GetCharacterPlacementA
Escape

comctl32

InitCommonControlsEx

advapi32

CryptDecrypt
LookupSecurityDescriptorPartsA
LookupSecurityDescriptorPartsW
CryptVerifySignatureW
RegDeleteKeyA
CryptAcquireContextW
RegOpenKeyExW
RegSaveKeyW
RegQueryValueExW
RegEnumValueW
ReportEventA
CryptGetKeyParam
RegOpenKeyA
RegConnectRegistryW
RegReplaceKeyW
CryptEnumProviderTypesW

kernel32

InitializeCriticalSectionAndSpinCount
HeapSize
ReadFileEx
GetModuleHandleA
GetModuleFileNameA
WriteFile
TlsFree
GetTickCount
WriteConsoleA
GetStartupInfoA
GetCurrentThreadId
HeapCreate
GetPriorityClass
SetStdHandle
GetCurrentProcess
InterlockedIncrement
MoveFileExA
FindFirstFileA
HeapAlloc
SetConsoleCtrlHandler
GetModuleHandleW
CompareStringW
SetFilePointer
CompareStringA
GetOEMCP
SetHandleCount
GetStdHandle
InterlockedDecrement
IsValidLocale
MoveFileExW
CloseHandle
SetLastError
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
GetConsoleOutputCP
GetModuleFileNameW
GetLocaleInfoW
GetProcAddress
OpenMutexA
SetUnhandledExceptionFilter
HeapFree
RtlUnwind
EnumSystemLocalesA
LCMapStringA
TlsAlloc
QueryPerformanceCounter
OutputDebugStringW
InterlockedExchange
ExitProcess
GetCurrentDirectoryA
Sleep
TlsGetValue
GetUserDefaultLCID
HeapDestroy
GetFileType
HeapReAlloc
DeleteCriticalSection
LCMapStringW
MultiByteToWideChar
WriteConsoleW
ReadFile
VirtualQuery
FreeEnvironmentStringsW
GetCommandLineA
GetMailslotInfo
IsValidCodePage
GetConsoleCP
GetStartupInfoW
GetEnvironmentStringsW
EnumDateFormatsA
UnhandledExceptionFilter
LoadLibraryA
CreateFileA
WideCharToMultiByte
IsDebuggerPresent
GetDateFormatA
SetEnvironmentVariableA
GetStringTypeA
GetLocaleInfoA
TlsSetValue
GetTimeFormatA
FlushFileBuffers
GetSystemTimeAsFileTime
GetCPInfo
CreateMutexA
GetCurrentProcessId
GetTimeZoneInformation
GetCurrentThread
FreeLibrary
VirtualAlloc
GetACP
GetConsoleMode
GetLastError
GetCommandLineW
VirtualFree
GetStringTypeW
AddAtomA

shell32

DragAcceptFiles

wininet

FtpPutFileW
RetrieveUrlCacheEntryStreamW
HttpAddRequestHeadersA
UnlockUrlCacheEntryStream
InternetInitializeAutoProxyDll
FtpGetFileW

user32

GetClipboardFormatNameA
wvsprintfA
CloseWindowStation
DrawTextW
DefFrameProcA
RegisterClassA
SetWindowRgn
RegisterClassExA
IsMenu

Sections

.text
Size: 382KB - Virtual size: 382KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6c3489f63a7457f47094110dd05ef2d

Headers

File Characteristics

Imports

gdi32

comctl32

advapi32

kernel32

shell32

wininet

user32

Sections

.text Size: 382KB - Virtual size: 382KB

.rdata Size: 60KB - Virtual size: 81KB

.data Size: 110KB - Virtual size: 109KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 382KB - Virtual size: 382KB

.rdata
Size: 60KB - Virtual size: 81KB

.data
Size: 110KB - Virtual size: 109KB

.rsrc
Size: 16KB - Virtual size: 15KB