4791864f0c91419837e64f64d5b85255_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4791864f0c91419837e64f64d5b85255_JaffaCakes118
Size

459KB
MD5

4791864f0c91419837e64f64d5b85255
SHA1

c075efdafc59a5cfcb2fde97e5e75772b03ba1fd
SHA256

9fabd872c494023dbcb9ef3d4e3c11ebeecafb4c6daab5336cf90645a4bb927c
SHA512

03f1a4b510f2a9bf2657414219ae62666ed508cea9e978199766c9be2b3d44480e692d66dee1142828d052d9e7fb1f957cdfcb4dad37517e281f329691d33423
SSDEEP

12288:p3fZYP34ljwkvJxbDb7A3H2jKT3Pq6YQIO94MH:pZYPoljZhZDbsBBD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4791864f0c91419837e64f64d5b85255_JaffaCakes118

Files

4791864f0c91419837e64f64d5b85255_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fda8694cbff9d2235ea38c81ab263254

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

GetUrlCacheConfigInfoA
IsUrlCacheEntryExpiredA
DetectAutoProxyUrl

advapi32

LookupPrivilegeNameA
RegSetValueW
CryptEnumProvidersA
RegSetValueA
RegDeleteKeyA
CryptSetProviderExA
LookupAccountNameA
LookupAccountSidW
RegConnectRegistryA
RegCreateKeyW
CryptSetProviderW
CryptEncrypt
CryptSignHashA
CryptSetProviderA

shell32

SHGetPathFromIDListA
CommandLineToArgvW
RealShellExecuteA
SHBrowseForFolderW
SHGetDiskFreeSpaceA

kernel32

VirtualProtect
InitializeCriticalSection
VirtualQuery
GetACP
MultiByteToWideChar
FreeEnvironmentStringsW
HeapReAlloc
GetStringTypeA
GetStdHandle
GetEnvironmentStrings
GetEnvironmentStringsW
ReadConsoleOutputAttribute
LCMapStringW
GetLastError
IsValidCodePage
GetLocaleInfoW
WideCharToMultiByte
CompareStringW
GetCurrentThread
GetProcAddress
GetSystemDefaultLCID
LockFileEx
GetVersionExA
InterlockedExchange
EnumSystemLocalesA
HeapDestroy
GetCommandLineA
HeapAlloc
GetStringTypeW
FreeEnvironmentStringsA
GetCurrentProcess
GetCurrentThreadId
HeapCreate
LeaveCriticalSection
UnhandledExceptionFilter
GetLocaleInfoA
TlsFree
GetTimeFormatA
GetUserDefaultLCID
WriteFile
GetFileType
HeapFree
GetLogicalDriveStringsW
FindResourceW
GetTickCount
SetLocaleInfoA
LoadLibraryA
EnterCriticalSection
TlsAlloc
RemoveDirectoryA
GetCPInfo
GetModuleFileNameA
VirtualFree
RtlUnwind
IsBadWritePtr
GetSystemTimeAsFileTime
VirtualAlloc
SetLastError
GetModuleHandleA
HeapSize
GetSystemInfo
QueryPerformanceCounter
SetThreadAffinityMask
ExitProcess
GetCurrentProcessId
GetDriveTypeW
GlobalAlloc
SetEnvironmentVariableA
TlsGetValue
TlsSetValue
LCMapStringA
IsValidLocale
GetTimeZoneInformation
GetProfileIntW
SetConsoleTitleA
WaitForDebugEvent
TerminateProcess
DeleteCriticalSection
GetDateFormatA
SetHandleCount
GetStartupInfoA
SetFileAttributesA
GetOEMCP
CompareStringA
UnlockFileEx

comdlg32

PrintDlgW
ReplaceTextW
PageSetupDlgW
ChooseColorW

gdi32

UnrealizeObject
CreateColorSpaceW
GetEnhMetaFileBits
GetNearestColor
FillPath
SetStretchBltMode
EnumICMProfilesW
SetICMMode
CreateRectRgnIndirect
DrawEscape
GetCharWidthFloatW
IntersectClipRect
ResetDCA
CopyMetaFileW
GetLogColorSpaceW
GetDIBColorTable
GetAspectRatioFilterEx
GetTextCharset
MaskBlt
GetEnhMetaFileA
CloseMetaFile
SetROP2
GetTextExtentExPointA

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 321KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fda8694cbff9d2235ea38c81ab263254

Headers

File Characteristics

Imports

wininet

advapi32

shell32

kernel32

comdlg32

gdi32

Sections

.text Size: 123KB - Virtual size: 122KB

.rdata Size: 8KB - Virtual size: 39KB

.data Size: 321KB - Virtual size: 321KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 123KB - Virtual size: 122KB

.rdata
Size: 8KB - Virtual size: 39KB

.data
Size: 321KB - Virtual size: 321KB

.rsrc
Size: 5KB - Virtual size: 4KB