4084562ad27a29100ce6a775e165ee65_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4084562ad27a29100ce6a775e165ee65_JaffaCakes118
Size

264KB
MD5

4084562ad27a29100ce6a775e165ee65
SHA1

31ef8c5759aee261b16fba3f1440be65ccab9f25
SHA256

098ef654b2d8c68d9adbd4ab3c02dc1592cc2d644910b9ac39af9892fd31cab1
SHA512

b2ec6024924438bdb6787dd71d734bc694a24888b4e4a89936510ad04698bbc01cf4e506cc1fb19136f52db376538b2fe798aafbb2d97b2cb8cd764ff1fc0006
SSDEEP

6144:Ef5M3MtZl8F2qvdwFAdZr/3swTRZtQNxpFxpdeqf6w6C:Ef59WpvGAdJcwHaF1dJf6bC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4084562ad27a29100ce6a775e165ee65_JaffaCakes118

Files

4084562ad27a29100ce6a775e165ee65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe2879bfb648e23d4b4315a8677be4a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

SetScrollRange
GetKeyState
SystemParametersInfoW
GetQueueStatus
LoadAcceleratorsW
InSendMessageEx
MessageBoxW
ShowWindow
CreateWindowExA
AdjustWindowRect
InSendMessage
RegisterClassW
GetDoubleClickTime
RegisterClassExA
DispatchMessageA
CreateDesktopA
GetMonitorInfoA
SetMessageQueue
RegisterClassA
TabbedTextOutA
SendNotifyMessageA

kernel32

GetSystemTimeAsFileTime
CloseHandle
CompareStringA
RtlUnwind
CompareStringW
HeapCreate
UnhandledExceptionFilter
TlsGetValue
GetPrivateProfileSectionNamesW
QueryPerformanceCounter
SetHandleCount
GetStringTypeW
SetLastError
GetModuleHandleA
SetFilePointer
GetCurrentProcessId
WideCharToMultiByte
GetCPInfo
GetCurrentThreadId
GetLastError
InterlockedIncrement
ReadFile
HeapReAlloc
GetCommandLineW
GetTickCount
GetVersion
WriteFile
GetProcAddress
FlushFileBuffers
TerminateProcess
HeapFree
ExitProcess
InterlockedDecrement
DeleteCriticalSection
GetStartupInfoW
SetEnvironmentVariableA
LCMapStringW
TlsSetValue
HeapAlloc
CreateMutexA
LeaveCriticalSection
GetTimeZoneInformation
GetSystemTime
MultiByteToWideChar
GetLocalTime
InitializeCriticalSection
GetStartupInfoA
GetStringTypeA
SetStdHandle
GetEnvironmentStringsW
LCMapStringA
FreeEnvironmentStringsW
HeapDestroy
VirtualAlloc
GetModuleFileNameA
TlsFree
IsBadWritePtr
GetStdHandle
GetFileType
InterlockedExchange
FreeEnvironmentStringsA
VirtualQuery
GetCurrentProcess
TlsAlloc
GetEnvironmentStrings
GetCommandLineA
GetModuleFileNameW
LoadLibraryA
OpenMutexA
EnterCriticalSection
VirtualFree
GetCurrentThread

shell32

SHUpdateRecycleBinIcon
SHFileOperation
InternalExtractIconListA
ShellExecuteW
DoEnvironmentSubstA

advapi32

CryptGenRandom
LookupPrivilegeValueW
CryptEnumProviderTypesW
CryptAcquireContextW
RegOpenKeyA
RegCreateKeyW
RegDeleteValueW
RegDeleteKeyW
CryptGenKey
RegRestoreKeyA
InitiateSystemShutdownW
RegQueryValueExA
CryptAcquireContextA
RegRestoreKeyW
CryptSignHashA
RegEnumValueA
CryptDuplicateKey
CryptSetProviderExW
CryptGetDefaultProviderW
InitiateSystemShutdownA

comdlg32

GetSaveFileNameA
PrintDlgW
GetOpenFileNameW

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe2879bfb648e23d4b4315a8677be4a4

Headers

File Characteristics

Imports

comctl32

user32

kernel32

shell32

advapi32

comdlg32

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 13KB - Virtual size: 22KB

.data Size: 84KB - Virtual size: 84KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 13KB - Virtual size: 22KB

.data
Size: 84KB - Virtual size: 84KB

.rsrc
Size: 14KB - Virtual size: 14KB