Static task
static1
Behavioral task
behavioral1
Sample
4175c5287ce953e64c2544cf65f775ab_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
4175c5287ce953e64c2544cf65f775ab_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
4175c5287ce953e64c2544cf65f775ab_JaffaCakes118
Size
509KB
MD5
4175c5287ce953e64c2544cf65f775ab
SHA1
4656994da4b476468f60272efce12dc9cdd43fbb
SHA256
e2cf66ce9b21746685cf42861957b869e13214454e1210251c05fa5175340d59
SHA512
1ed1d77742065ead3a7585bb4ed7086a215d7ba6f69e48aa183fe90aac6b4883b4ebf132c31140fa836960bd1b3fbe093772158178aae154c4b995375e66af60
SSDEEP
12288:qHBchMbjVUuzRfCBY2F75La3Ba+VxsP/+7WvFukv0T:Oy4XM6eXTtu7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4175c5287ce953e64c2544cf65f775ab_JaffaCakes118
Files
4175c5287ce953e64c2544cf65f775ab_JaffaCakes118.exe windows:4 windows x86 arch:x86
5d2a55adf6169bce41dc785020a99d00
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegQueryInfoKeyW
RegEnumValueW
RegSaveKeyW
DuplicateToken
LookupSecurityDescriptorPartsW
CryptAcquireContextA
CryptGetProvParam
StartServiceA
RegLoadKeyW
CryptGetUserKey
AbortSystemShutdownW
RegEnumKeyExW
RegOpenKeyA
CryptDestroyHash
LookupAccountNameA
DuplicateTokenEx
InitiateSystemShutdownA
user32
GetOpenClipboardWindow
DrawTextA
IsDialogMessageW
WinHelpA
SetWindowContextHelpId
UnpackDDElParam
DdeAccessData
DdeUninitialize
GetClassWord
IsWindowVisible
OpenDesktopA
GetScrollPos
DrawAnimatedRects
ImpersonateDdeClientWindow
KillTimer
SendMessageTimeoutW
EmptyClipboard
UnloadKeyboardLayout
RegisterClassA
CharPrevW
DeleteMenu
GetMenuItemID
RegisterClassExA
wininet
InternetCreateUrlW
UrlZonesDetach
GetUrlCacheConfigInfoA
InternetQueryOptionA
InternetAlgIdToStringW
HttpSendRequestW
FtpPutFileEx
comdlg32
FindTextA
kernel32
GetStartupInfoA
IsBadReadPtr
DeleteCriticalSection
GetDateFormatA
GetLocaleInfoW
CreateFileA
CompareStringW
TlsFree
Sleep
GetStartupInfoW
SetHandleCount
GetEnvironmentStringsW
InterlockedDecrement
LCMapStringW
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
CompareStringA
GetModuleFileNameW
GetCommandLineW
GetSystemTimeAsFileTime
DebugBreak
OutputDebugStringW
GetFileType
GetLocaleInfoA
ReadFile
HeapFree
GetTimeFormatA
UnhandledExceptionFilter
GetStringTypeA
GetOEMCP
VirtualQuery
QueryPerformanceCounter
MultiByteToWideChar
GetCommandLineA
GetCurrentThread
IsValidCodePage
FlushFileBuffers
FreeEnvironmentStringsW
HeapSize
TlsAlloc
GetProcessHeap
VirtualFree
GlobalDeleteAtom
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
FreeLibrary
HeapDestroy
GetConsoleCursorInfo
GetStringTypeW
GetProcAddress
GetConsoleCP
SetEnvironmentVariableA
LoadLibraryA
GetMailslotInfo
GetCurrentProcessId
GetUserDefaultLCID
GetCurrentProcess
WriteConsoleA
GetEnvironmentVariableW
LCMapStringA
SetStdHandle
HeapCreate
ReadConsoleOutputCharacterA
GetModuleHandleA
IsDebuggerPresent
EnumSystemLocalesA
OutputDebugStringA
TlsGetValue
RtlUnwind
GetStdHandle
TerminateProcess
WideCharToMultiByte
RaiseException
InterlockedIncrement
GetTimeZoneInformation
SetLastError
ExitProcess
GetConsoleOutputCP
HeapValidate
OpenMutexA
lstrlenA
WriteConsoleW
SleepEx
GetLastError
InterlockedExchange
HeapReAlloc
HeapAlloc
TlsSetValue
GetModuleFileNameA
EnterCriticalSection
GetConsoleMode
GetACP
IsValidLocale
GetCPInfo
CreateMutexA
CloseHandle
ExpandEnvironmentStringsA
WriteFile
SetFilePointer
LoadLibraryW
VirtualAlloc
LeaveCriticalSection
GetModuleHandleW
GetProfileSectionW
GetTickCount
shell32
DragQueryPoint
comctl32
InitCommonControlsEx
Sections
.text Size: 303KB - Virtual size: 303KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 49KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 150KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ