49792154e7c949c2a0f725345daf9119_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

49792154e7c949c2a0f725345daf9119_JaffaCakes118
Size

372KB
MD5

49792154e7c949c2a0f725345daf9119
SHA1

811f7fe703fc67cda7a9d809fee7119ec23bc5b4
SHA256

560195623eba7c2bf463879cc96411baee197d822843af0d901a7ce3a80242e9
SHA512

7c665384cbe368d9e02119ba3114433bd50f561e8fba49d6a1e111d2d76592ce57afd4c5e020b3809c0071aa98754e583ec78d9d9428ee0ebd63b0e9f425d5c7
SSDEEP

6144:Po0YbHxYxtD5G8kf7AMco1G6D51m4hbXKbZa3/vnR3RY/HGIYmxH7M:RYstD/kC6T5pk0vvR6/mInxH7M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49792154e7c949c2a0f725345daf9119_JaffaCakes118

Files

49792154e7c949c2a0f725345daf9119_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d61b62d0c1ec14a8cf19a6664f15719

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyA
RegQueryInfoKeyW
RegEnumKeyW
RegQueryInfoKeyA
RegQueryValueExA
LogonUserW
CryptSetProviderA
RegSetValueA
CryptGetKeyParam
LookupAccountSidA
GetUserNameA
RegEnumKeyExA
RegOpenKeyA
CryptEncrypt
RegSaveKeyA
InitiateSystemShutdownA
ReportEventW
LookupPrivilegeDisplayNameA
CryptSetProvParam
LookupPrivilegeValueA

user32

GetMenuItemRect
LoadImageW
RegisterClassExW
DrawTextA
CreateDialogParamA
GetInputDesktop
GetUpdateRect
UnregisterClassW
DdeQueryStringA
ChangeDisplaySettingsExW
GetCapture
TranslateAcceleratorA
ModifyMenuW
SetDlgItemInt
ChangeMenuW
DlgDirListComboBoxA
RegisterClassA
WINNLSEnableIME
VkKeyScanW
PeekMessageA
DdeUninitialize
RegisterClassExA
GetMenu
CheckRadioButton

shell32

ShellExecuteA
ExtractIconW
CommandLineToArgvW
SHGetPathFromIDList
RealShellExecuteExW

comctl32

InitCommonControlsEx

kernel32

GetStartupInfoW
TlsGetValue
GetOEMCP
SetComputerNameA
GetCommandLineA
TlsAlloc
OpenMutexA
RtlUnwind
LCMapStringA
FreeEnvironmentStringsA
WideCharToMultiByte
GetFileType
GetModuleHandleA
LeaveCriticalSection
GetCurrentProcessId
CloseHandle
GetCommandLineW
GetStringTypeA
GetCurrentDirectoryA
SetStdHandle
GetCurrentProcess
SetFilePointer
TransactNamedPipe
GetNumberFormatA
GetCurrentThread
GetEnvironmentStrings
GetCPInfo
EnumResourceTypesW
DeleteCriticalSection
GetConsoleMode
CreateEventW
QueryPerformanceCounter
GetStartupInfoA
IsValidLocale
ReadFile
HeapDestroy
GetProfileSectionA
GetStdHandle
CompareStringW
HeapSize
SetConsoleCtrlHandler
GetTimeZoneInformation
VirtualQuery
SetEnvironmentVariableA
GetACP
VirtualUnlock
GetDateFormatA
GetModuleFileNameW
CompareStringA
InterlockedIncrement
GetVersionExA
EnterCriticalSection
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLocaleInfoA
GetThreadSelectorEntry
VirtualFree
WriteConsoleW
GetNamedPipeInfo
Sleep
GetEnvironmentStringsW
SetTimeZoneInformation
UnhandledExceptionFilter
GetConsoleOutputCP
TerminateProcess
LoadLibraryA
EnumSystemLocalesA
GetStringTypeW
GetLocaleInfoW
GetTimeFormatA
WriteFile
GetModuleFileNameA
OpenFile
WriteConsoleA
LockResource
ExitProcess
EnumCalendarInfoExW
GetLastError
InitializeCriticalSection
GetConsoleCP
CreateFileA
GetProcessHeap
HeapFree
TlsSetValue
CreateMutexA
InterlockedDecrement
GetProcAddress
LocalUnlock
SetThreadPriority
HeapAlloc
FlushFileBuffers
GetSystemTimeAsFileTime
HeapCreate
SetLastError
MultiByteToWideChar
GetTickCount
GetUserDefaultLCID
IsValidCodePage
InterlockedExchange
FreeEnvironmentStringsW
SetHandleCount
TlsFree
FreeLibrary
SleepEx
HeapReAlloc
LCMapStringW
VirtualAlloc
LocalCompact
GetCurrentThreadId

wininet

InternetSetOptionExA
DeleteUrlCacheEntry
FindNextUrlCacheEntryA
InternetQueryFortezzaStatus
SetUrlCacheConfigInfoW
InternetAutodial
RetrieveUrlCacheEntryFileA
SetUrlCacheHeaderData

Sections

.text
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d61b62d0c1ec14a8cf19a6664f15719

Headers

File Characteristics

Imports

advapi32

user32

shell32

comctl32

kernel32

wininet

Sections

.text Size: 149KB - Virtual size: 149KB

.rdata Size: 11KB - Virtual size: 31KB

.data Size: 208KB - Virtual size: 208KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 149KB - Virtual size: 149KB

.rdata
Size: 11KB - Virtual size: 31KB

.data
Size: 208KB - Virtual size: 208KB

.rsrc
Size: 2KB - Virtual size: 2KB