468c56734429c89ec89b7ce049773603_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

468c56734429c89ec89b7ce049773603_JaffaCakes118
Size

327KB
MD5

468c56734429c89ec89b7ce049773603
SHA1

15953515c9c5adb705818d8da8b19244f5d9f1ce
SHA256

9e09de74a4d051b895d6021ef36ba08ec272decc3c801089ed7773a0b060b8ff
SHA512

d14bb2c79bbed35cf154d428e583018c175d73c5125979edef4acb183509afa552023370f271917e7df754d741e88795d74383fe6fe524e9f20f962e54bcf93c
SSDEEP

6144:PPNB9WChF6igHoQAe2SQ2NnqMUlYIylW0XWkwG0Z41/40uZ75DhMA:NBbv6fAbSNnjUwls4t40uZ9uA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
468c56734429c89ec89b7ce049773603_JaffaCakes118

Files

468c56734429c89ec89b7ce049773603_JaffaCakes118
.exe windows:4 windows x86 arch:x86

25ee05c4f62843206d3ed02be5de1bdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefDlgProcW
EndTask
RegisterClassA
RegisterClassExA
DdeDisconnectList
OffsetRect

advapi32

CryptGetHashParam
RegQueryInfoKeyA
CryptHashSessionKey
RegOpenKeyA
CryptSetHashParam
CryptAcquireContextA
InitiateSystemShutdownA
LookupPrivilegeNameW
CryptSetKeyParam
CryptAcquireContextW
LookupPrivilegeValueA
CryptDeriveKey
RegQueryValueW

comctl32

InitCommonControlsEx

kernel32

GetStartupInfoA
TlsFree
EnterCriticalSection
GetDateFormatA
InterlockedExchange
GetStdHandle
CompareStringW
HeapAlloc
ReadFile
EnumSystemLocalesA
GetCurrentThread
LCMapStringW
IsValidCodePage
GetProcessHeap
GetLastError
FreeLibrary
DuplicateHandle
GetModuleHandleA
IsValidLocale
SetLastError
TlsSetValue
MoveFileExA
ExitProcess
HeapCreate
CloseHandle
VirtualAlloc
GetTimeZoneInformation
GetConsoleOutputCP
CreateFileA
GetCurrentProcessId
SetUnhandledExceptionFilter
HeapDestroy
GetSystemTimeAsFileTime
GetTickCount
SetHandleCount
RtlUnwind
QueryPerformanceCounter
InterlockedDecrement
SetStdHandle
SetEnvironmentVariableA
SetConsoleCtrlHandler
SetConsoleActiveScreenBuffer
GetCommandLineA
GlobalCompact
WideCharToMultiByte
OpenMutexA
VirtualQuery
HeapSize
CreateMutexA
InitializeCriticalSection
TerminateProcess
GetVersionExA
UnhandledExceptionFilter
FindClose
GetConsoleCP
VirtualFree
GetEnvironmentStrings
LCMapStringA
FreeEnvironmentStringsA
GetFileType
FreeEnvironmentStringsW
DeleteCriticalSection
MultiByteToWideChar
GetCPInfo
GetUserDefaultLCID
Sleep
FindAtomA
VirtualProtect
CompareStringA
IsDebuggerPresent
GetACP
GetModuleFileNameA
WriteFile
TlsAlloc
GetTimeFormatA
GetLocaleInfoW
GetStringTypeA
GetCurrentThreadId
InterlockedIncrement
GetConsoleMode
GetEnvironmentStringsW
HeapFree
TlsGetValue
HeapReAlloc
WriteConsoleW
LeaveCriticalSection
GetProcAddress
GetLocaleInfoA
GetOEMCP
GetProfileStringW
LoadLibraryA
GetStringTypeW
WriteConsoleA
SetFilePointer
FlushFileBuffers
GetCurrentProcess

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25ee05c4f62843206d3ed02be5de1bdd

Headers

File Characteristics

Imports

user32

advapi32

comctl32

kernel32

Sections

.text Size: 157KB - Virtual size: 157KB

.rdata Size: 9KB - Virtual size: 13KB

.data Size: 147KB - Virtual size: 147KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 157KB - Virtual size: 157KB

.rdata
Size: 9KB - Virtual size: 13KB

.data
Size: 147KB - Virtual size: 147KB

.rsrc
Size: 11KB - Virtual size: 11KB