46c2246f19684e6140af2c1cb612e7fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

46c2246f19684e6140af2c1cb612e7fe_JaffaCakes118
Size

573KB
MD5

46c2246f19684e6140af2c1cb612e7fe
SHA1

972576b307bae41f80a1465df8009b4d96b07149
SHA256

5b4c6182f2ad02129af22d0e47345d415e61024a65948bc2e0d1e2963c35a146
SHA512

27a377ea3f3730d3f7725b72b9fa806fe687e008d27767fbe10d4a85a4c35e108572900e7e2b93d26b24c7027bc03a3dfa97af195986f273d12a68153f47188d
SSDEEP

12288:DhQa+lx8g9e5z7Yy2Iw6y2Tis6Npmmjs8UHZqBv3vo/pLc:Dh/+f8Awz7YDIw92z8UHZqB/vwLc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46c2246f19684e6140af2c1cb612e7fe_JaffaCakes118

Files

46c2246f19684e6140af2c1cb612e7fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d3694a09b31b9fc0d7db5d95a459f55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptSetProviderExA
DuplicateTokenEx
RegRestoreKeyW
InitializeSecurityDescriptor
CryptSetProviderA
RegReplaceKeyW
CryptDeriveKey
RegSetValueExA
RegCreateKeyA
CryptSetProviderExW
RegDeleteValueW
CryptEnumProvidersA
RegOpenKeyExA
LookupSecurityDescriptorPartsW
CryptSignHashA
RegDeleteValueA
RegQueryValueA
CryptEncrypt
RegEnumKeyA
RegEnumKeyExW

comctl32

_TrackMouseEvent
ImageList_Read
DrawStatusTextW
ImageList_Copy
ImageList_GetImageCount
ImageList_Destroy
InitCommonControlsEx
ImageList_DragShowNolock
CreatePropertySheetPageA
ImageList_AddMasked
ImageList_DragMove
ImageList_DragEnter
InitMUILanguage
CreatePropertySheetPage
ImageList_SetFilter
DrawStatusText
ImageList_SetBkColor

wininet

FindNextUrlCacheContainerA
HttpOpenRequestA

user32

CountClipboardFormats
MessageBoxExA
LoadMenuW
ToAscii
SwitchToThisWindow
CharLowerBuffW
LockWindowUpdate
SendMessageA
IsCharAlphaA
MapWindowPoints
SetFocus
SetScrollRange
EnumClipboardFormats
MonitorFromWindow
EnumDesktopWindows
RemoveMenu
DestroyCaret
DrawCaption
SetSysColors
SendNotifyMessageW
DdeClientTransaction
SetShellWindow
CreatePopupMenu
GetQueueStatus
EnumDesktopsW
EnableWindow
GetFocus
GetKeyNameTextA
ChangeMenuA
IsWindow
RegisterClassExW
TranslateMessage
SetCursorPos
GetInputDesktop
IsZoomed
HideCaret
GetScrollPos
DialogBoxIndirectParamA
GetPriorityClipboardFormat
RegisterClassExA
RegisterClassA
DlgDirListA
DestroyMenu
SetDlgItemTextA
GetTitleBarInfo
MenuItemFromPoint
SetWindowsHookW
IsClipboardFormatAvailable
SetUserObjectInformationA
SetUserObjectSecurity
CopyImage
DlgDirSelectComboBoxExW
CharLowerA
SetWindowTextA
DlgDirSelectExA
GetMenuCheckMarkDimensions
IsCharUpperW
SubtractRect
DdeGetData
GetKeyState
SetActiveWindow
GetMenuBarInfo
EndDialog
TrackPopupMenu

kernel32

TerminateProcess
EnumSystemLocalesA
VirtualQuery
TlsAlloc
ExitProcess
GetCurrentProcessId
SetEnvironmentVariableA
GetPrivateProfileSectionNamesA
GetSystemTimeAsFileTime
OpenMutexA
GetCurrentThreadId
QueryPerformanceCounter
GetACP
HeapAlloc
GetCommandLineA
GetVersionExA
GetStdHandle
HeapFree
GetModuleHandleA
FreeEnvironmentStringsW
TlsSetValue
GetLocaleInfoA
GetDateFormatA
GetLocaleInfoW
SetConsoleCursorPosition
CompareStringA
CloseHandle
SetStdHandle
HeapReAlloc
InterlockedExchange
GetProcAddress
GlobalFree
WriteFile
HeapSize
GetModuleFileNameA
VirtualAlloc
GetCPInfo
SetConsoleCtrlHandler
IsBadWritePtr
GetTimeZoneInformation
DeleteCriticalSection
IsValidLocale
InitializeCriticalSectionAndSpinCount
TlsGetValue
RtlUnwind
CompareStringW
SetFileTime
InitializeCriticalSection
WideCharToMultiByte
HeapCreate
FlushFileBuffers
SetHandleCount
GetSystemInfo
FreeEnvironmentStringsA
GetStartupInfoA
GetTimeFormatA
LCMapStringW
VirtualFree
CreateMutexA
SetLocaleInfoA
FindFirstFileExW
IsValidCodePage
FlushInstructionCache
lstrcmpA
GetFileType
SetFilePointer
GetStringTypeA
LoadLibraryA
TlsFree
VirtualProtect
HeapDestroy
GetTickCount
GetLastError
GetCurrentProcess
GetCurrentThread
GetOEMCP
GetStringTypeW
OutputDebugStringW
UnhandledExceptionFilter
GetDriveTypeW
LeaveCriticalSection
MultiByteToWideChar
SetLastError
GetSystemTime
EnterCriticalSection
GetEnvironmentStrings
GetUserDefaultLCID
LCMapStringA
ReadFile
GetEnvironmentStringsW

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 257KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d3694a09b31b9fc0d7db5d95a459f55

Headers

File Characteristics

Imports

advapi32

comctl32

wininet

user32

kernel32

Sections

.text Size: 185KB - Virtual size: 185KB

.rdata Size: 257KB - Virtual size: 256KB

.data Size: 105KB - Virtual size: 135KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 185KB - Virtual size: 185KB

.rdata
Size: 257KB - Virtual size: 256KB

.data
Size: 105KB - Virtual size: 135KB

.rsrc
Size: 24KB - Virtual size: 24KB