599bf17199b7e3a28e09f774d978f096_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

599bf17199b7e3a28e09f774d978f096_JaffaCakes118
Size

449KB
MD5

599bf17199b7e3a28e09f774d978f096
SHA1

6d12a2d1da9733cfd3d702332e113bac843a5bdf
SHA256

a7ef488ad42ff0411533f68d94d0cb37d27c156460b42ed607913f6ac476bc8c
SHA512

ff034921c5567a67b36c714d7cc8636a9b5046ccf7971d1f4c9ceeec8661e49340b621abbab7fcc8221ae8687a06b91921a4c880d0101ee45a9e4b23e360afac
SSDEEP

12288:wuS/AQmO4uJLZR5Z0oqzFRskGXWW97+y+/:wuSUO4uv+rIkiWo7w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
599bf17199b7e3a28e09f774d978f096_JaffaCakes118

Files

599bf17199b7e3a28e09f774d978f096_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe1521f2d68ca0b8f5b2c808dc8aa1e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
LCMapStringW
HeapReAlloc
GetExitCodeThread
GetLastError
TlsFree
GetTimeFormatA
GetCurrentProcessId
GetSystemInfo
GetVersionExA
IsBadWritePtr
GetProcAddress
GetEnvironmentStrings
HeapAlloc
GetUserDefaultLCID
TerminateProcess
GetTickCount
VirtualFree
GetLocaleInfoW
TlsGetValue
VirtualQuery
GetSystemTimeAdjustment
InterlockedExchange
MultiByteToWideChar
VirtualAlloc
SetHandleCount
LCMapStringA
GetSystemTimeAsFileTime
GetStringTypeW
HeapSize
SetComputerNameA
GetLocaleInfoA
GetModuleHandleA
CompareStringW
FileTimeToLocalFileTime
LocalHandle
GetCommandLineA
WideCharToMultiByte
GetCPInfo
ExitProcess
TryEnterCriticalSection
GetEnvironmentStringsW
FreeEnvironmentStringsA
EnumSystemLocalesA
GetTimeZoneInformation
IsValidCodePage
GetStartupInfoA
GetCurrentThread
SetLastError
CreateDirectoryA
UnhandledExceptionFilter
GetLongPathNameA
VirtualProtect
InitializeCriticalSection
EnterCriticalSection
GetStringTypeA
IsValidLocale
WriteFile
GetStdHandle
FreeEnvironmentStringsW
DeleteCriticalSection
LeaveCriticalSection
ExpandEnvironmentStringsW
GetModuleFileNameA
GetDateFormatA
lstrcmpW
LoadLibraryA
GetCurrentProcess
GetOEMCP
FormatMessageW
QueryPerformanceCounter
RtlUnwind
GetNamedPipeHandleStateA
GetFileType
TlsAlloc
CompareStringA
GetProcAddress
GetACP
HeapCreate
HeapDestroy
TlsSetValue
HeapFree
SetEnvironmentVariableA
GetFileTime
GetCurrentThreadId

gdi32

CreateDiscardableBitmap
GetTextMetricsA
CloseEnhMetaFile
ResetDCA
GetStretchBltMode
SelectClipPath
SetMiterLimit
SetTextCharacterExtra
CreateBitmapIndirect
GetTextColor
ScaleWindowExtEx

advapi32

GetUserNameW
LogonUserA
RegQueryMultipleValuesA
CryptEnumProvidersW
CryptVerifySignatureW
CryptDestroyHash
CryptAcquireContextW
RegOpenKeyExW
RegDeleteKeyW
RegRestoreKeyA
RegRestoreKeyW
RegEnumKeyA
LogonUserW
CryptGetDefaultProviderA
InitiateSystemShutdownW
RegCreateKeyW
CryptCreateHash
LookupAccountSidA
RegQueryValueW
RegSetValueA
CryptSignHashW
RegOpenKeyA
RegQueryValueA
CryptSignHashA
LookupPrivilegeDisplayNameW

comdlg32

GetFileTitleW
LoadAlterBitmap
PageSetupDlgA
PrintDlgA

user32

CallWindowProcW
GetAltTabInfo
UnhookWindowsHook
CreateWindowStationA
DrawMenuBar
IsZoomed
IsWindowVisible
LoadIconW
LoadAcceleratorsW
SetWindowWord
GetDlgCtrlID
ToUnicodeEx
EnumPropsW
SetPropW
SetWindowsHookExA

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe1521f2d68ca0b8f5b2c808dc8aa1e8

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

comdlg32

user32

Sections

.text Size: 151KB - Virtual size: 151KB

.rdata Size: 8KB - Virtual size: 19KB

.data Size: 279KB - Virtual size: 279KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 151KB - Virtual size: 151KB

.rdata
Size: 8KB - Virtual size: 19KB

.data
Size: 279KB - Virtual size: 279KB

.rsrc
Size: 9KB - Virtual size: 8KB