466053e2cfb898f47570009714849519_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

466053e2cfb898f47570009714849519_JaffaCakes118
Size

406KB
MD5

466053e2cfb898f47570009714849519
SHA1

af5d26332cbcd5a4c58caeda0a1fc9c0a2cca88f
SHA256

140d77d7459e41668a9993a9a6a87dd052ba0824d4b7883ea14734f3edcbbfbd
SHA512

dc30e0f7b51a9d0460252d43c527b2c9589f0ab91d3f1f238a460cee29d7d97702ed9720d258d867bd9fcddd8bda4a91a1bd8651c428e6db0c67e1b652daa549
SSDEEP

6144:A5MJqsPntlZD1SRb32wxskyz/oYREvgDogYCQt5vrVTi8bq2F:AcHl32z2qszroY24o3tthdy2F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
466053e2cfb898f47570009714849519_JaffaCakes118

Files

466053e2cfb898f47570009714849519_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3c31eab9e6b94147e5b7b58c755ae74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

FreeIconList
ExtractAssociatedIconW
SHGetMalloc
SHChangeNotify
SHFreeNameMappings
ExtractAssociatedIconExA
SheGetDirA
ShellExecuteExA
SHQueryRecycleBinW
SHGetDataFromIDListW
ExtractIconW
SHFormatDrive
DragQueryFileAorW
SHUpdateRecycleBinIcon
SHGetPathFromIDList
SHGetNewLinkInfo
ShellAboutA
SHGetFileInfoW
DragQueryFileA

user32

WINNLSGetIMEHotkey
DefWindowProcW
SetProcessWindowStation
GetMenuStringA
LoadKeyboardLayoutW
SetMenuDefaultItem
GetClipCursor
SetCapture

wininet

UnlockUrlCacheEntryFileW
InternetGetConnectedStateExA
InternetAutodialHangup
InternetConnectW
HttpEndRequestA
InternetAttemptConnect
DeleteUrlCacheContainerW
InternetSecurityProtocolToStringA

advapi32

RegSetValueA
CryptGetKeyParam
RegDeleteKeyW
CryptEncrypt
RegCreateKeyW
RegDeleteValueA
InitiateSystemShutdownA
LogonUserA
RegQueryValueA
RegQueryMultipleValuesA
CryptSignHashW
LookupPrivilegeDisplayNameA
RegLoadKeyA
RegOpenKeyW
RegEnumKeyA
LookupAccountNameA
CryptDecrypt
RegOpenKeyExA
CryptEnumProvidersW
CryptEnumProvidersA
RegCloseKey
CreateServiceW

kernel32

GetCurrentThread
GetUserDefaultLCID
GetProcessHeap
GetSystemTimeAsFileTime
GetModuleFileNameA
TlsSetValue
GetACP
LCMapStringW
ExitProcess
TlsGetValue
GetEnvironmentStringsW
SetConsoleCtrlHandler
FreeEnvironmentStringsW
VirtualFree
WritePrivateProfileStringA
IsValidLocale
LoadLibraryA
VirtualQuery
GetStartupInfoA
HeapCreate
RtlUnwind
GetTimeZoneInformation
HeapReAlloc
VirtualAlloc
DeleteCriticalSection
InitializeCriticalSection
GetDateFormatA
GetStdHandle
GetCurrentThreadId
GetEnvironmentStrings
RtlMoveMemory
GetCommandLineA
GetLocaleInfoA
SetLastError
GetLocaleInfoW
VirtualUnlock
GetStringTypeA
GlobalLock
GetVersionExA
GetCPInfo
SetHandleCount
InterlockedIncrement
SetEnvironmentVariableA
GetFileType
GetCurrentProcessId
InterlockedExchange
GetTickCount
FreeLibrary
CompareStringA
GetOEMCP
IsBadWritePtr
lstrcpynW
GetStringTypeW
WriteFile
FindNextFileW
HeapDestroy
GetTimeFormatA
SetUnhandledExceptionFilter
TlsFree
HeapSize
IsValidCodePage
CopyFileA
HeapFree
GetLastError
GetCurrentProcess
LockResource
QueryPerformanceCounter
InterlockedDecrement
UnhandledExceptionFilter
SetFileAttributesA
FreeEnvironmentStringsA
WideCharToMultiByte
TerminateProcess
LeaveCriticalSection
CompareStringW
EnumSystemLocalesA
GlobalFlags
IsDebuggerPresent
EnterCriticalSection
MultiByteToWideChar
GetModuleHandleA
Sleep
TlsAlloc
VirtualQueryEx
GetProcAddress
LCMapStringA
HeapAlloc

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3c31eab9e6b94147e5b7b58c755ae74

Headers

File Characteristics

Imports

shell32

user32

wininet

advapi32

kernel32

Sections

.text Size: 126KB - Virtual size: 125KB

.data Size: 272KB - Virtual size: 297KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 126KB - Virtual size: 125KB

.data
Size: 272KB - Virtual size: 297KB

.rsrc
Size: 7KB - Virtual size: 6KB