434b9c168de908c7c71e38cc6c693f06_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

434b9c168de908c7c71e38cc6c693f06_JaffaCakes118
Size

440KB
MD5

434b9c168de908c7c71e38cc6c693f06
SHA1

35a9972cd143ca4f4a4539bae2f1a1d17c2943a0
SHA256

a03a542cd2cfa9bf2138d5aa7301cad62c8436ef0493ba99e938042fd8eb67ac
SHA512

2156451f78e3feed05e6baee48c0371b77523618d2c0b1d0d101907c0802a911fc39acfdef6e160c8e1910c67194d538ce84eb2f9eba9a52ad1ee870e9c9f9cf
SSDEEP

12288:Crd7UoC14zHRbJitg8A27PLiy1oNb2qhKul/cQM/k:Owo5J6A1yaNb3rlkPk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
434b9c168de908c7c71e38cc6c693f06_JaffaCakes118

Files

434b9c168de908c7c71e38cc6c693f06_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8212b5aefd01cc31ba94582abb167efa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetLastError
VirtualAllocEx
GetLocaleInfoW
GetCommandLineA
FindNextFileA
HeapAlloc
TlsSetValue
SetConsoleCtrlHandler
InitializeCriticalSection
SetUnhandledExceptionFilter
OpenMutexW
HeapSize
RaiseException
LCMapStringW
LeaveCriticalSection
FindClose
GetEnvironmentStrings
GetEnvironmentStringsW
GlobalAddAtomW
IsValidCodePage
DeleteCriticalSection
GetFileType
EnterCriticalSection
OutputDebugStringA
GetProcessHeap
SetHandleCount
GetDateFormatA
GetProcAddress
OpenWaitableTimerA
GetCurrentThread
TlsFree
GetDateFormatW
CompareStringW
GetConsoleMode
GetStartupInfoA
VirtualQuery
HeapDestroy
TlsAlloc
InterlockedIncrement
LoadLibraryW
GetStringTypeA
SetEnvironmentVariableA
GetCPInfo
HeapReAlloc
HeapCreate
ExitProcess
LCMapStringA
SetConsoleScreenBufferSize
VirtualAlloc
TlsGetValue
QueryPerformanceCounter
GetCurrentProcess
GetTimeZoneInformation
GetModuleHandleA
FreeEnvironmentStringsW
GetStringTypeW
GetTimeFormatA
GetCurrentThreadId
IsDebuggerPresent
VirtualFree
CompareStringA
FreeLibrary
GetCurrentProcessId
GetModuleFileNameA
GetUserDefaultLCID
GlobalFree
EnumCalendarInfoW
GetTickCount
GetOEMCP
CreateProcessA
FreeEnvironmentStringsA
IsValidLocale
InterlockedDecrement
RtlUnwind
EnumSystemLocalesA
GetSystemTimeAsFileTime
InterlockedExchange
GetVersionExA
SetLastError
MultiByteToWideChar
GetACP
WideCharToMultiByte
GetLocaleInfoA
GetStdHandle
HeapFree
TerminateProcess
LoadLibraryA
GetProcAddress
Sleep
UnhandledExceptionFilter

user32

GetMessageA
IntersectRect
DrawStateA
EnumChildWindows
GetSysColor
CharNextA
DialogBoxParamW
CreateCaret
FlashWindow
GetScrollRange
SetMenuItemBitmaps
LoadAcceleratorsA
EnumPropsW
CloseWindow
GetClassInfoExW
SetProcessWindowStation
FreeDDElParam
RemoveMenu
WINNLSEnableIME
SendMessageW
IsWindowEnabled
SetCursorPos
SetWindowRgn

advapi32

LookupPrivilegeNameW
RegLoadKeyA
AbortSystemShutdownW
CryptSetHashParam
LogonUserW
RegReplaceKeyA
RegRestoreKeyW
RegQueryValueA
LookupPrivilegeNameA
RegNotifyChangeKeyValue
RegCloseKey
CryptEnumProvidersW
RegOpenKeyW
RegEnumKeyExW
RegDeleteKeyA
CryptSignHashW
DuplicateTokenEx

shell32

CommandLineToArgvW
SHFreeNameMappings
DuplicateIcon
SHGetSpecialFolderLocation
FreeIconList
ShellAboutA
ExtractIconW

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8212b5aefd01cc31ba94582abb167efa

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 158KB - Virtual size: 157KB

.data Size: 275KB - Virtual size: 287KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 158KB - Virtual size: 157KB

.data
Size: 275KB - Virtual size: 287KB

.rsrc
Size: 6KB - Virtual size: 5KB