Static task: static1
Behavioral task: behavioral1
Sample: 5a7274f2576c7ac7a9ff07db707ceec7_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 5a7274f2576c7ac7a9ff07db707ceec7_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5a7274f2576c7ac7a9ff07db707ceec7_JaffaCakes118
Size: 440KB
MD5: 5a7274f2576c7ac7a9ff07db707ceec7
SHA1: a099e249808595132f552c027d07ca650cb44058
SHA256: a6686d57ae9a4d1513f511d8ecd86e7517b6b9760be3329ec5735e613e5144ca
SHA512: c9a6b6f851f9878dbf71e89774443a1c9a56dba3c228039f7e3bae07afffa11bb3d3754d980d6bcf93a4786691bbc9302707bcd13e376dacbd6b67c1ff9414af
SSDEEP: 12288:n820G7SZZ+4oL9vaP1RtmmNA3iKo9tR3FHZ1h:n8XG7SZZ+4oL9CP1m2tR1n
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5a7274f2576c7ac7a9ff07db707ceec7_JaffaCakes118
Files
5a7274f2576c7ac7a9ff07db707ceec7_JaffaCakes118.exe windows:4 windows x86 arch:x86
bef7aaa63085f097072c92ecb43eebfe
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegNotifyChangeKeyValue
CryptCreateHash
CryptSetHashParam
AbortSystemShutdownA
CryptHashSessionKey
CryptEnumProviderTypesW
RegCreateKeyA
CryptGetHashParam
RegSetValueExA
RegDeleteValueA
LogonUserW
CryptExportKey
CryptEnumProviderTypesA
RegOpenKeyW
RegQueryInfoKeyW
CryptVerifySignatureA
user32
SwitchToThisWindow
LoadCursorFromFileW
GetKeyboardState
MessageBeep
WinHelpW
MessageBoxIndirectW
SetMessageQueue
RegisterWindowMessageA
EnumWindows
CharLowerBuffA
CreateWindowExA
shell32
SHGetPathFromIDList
ExtractAssociatedIconA
ShellExecuteW
SHGetSpecialFolderPathW
DragAcceptFiles
DuplicateIcon
DragQueryFileAorW
DoEnvironmentSubstA
SHFreeNameMappings
SHGetSpecialFolderLocation
SHAddToRecentDocs
SHGetFileInfoA
ExtractAssociatedIconW
ShellAboutA
ShellExecuteExW
SheChangeDirA
CheckEscapesW
CommandLineToArgvW
SHGetFileInfoW
ExtractAssociatedIconExW
wininet
FtpRemoveDirectoryA
HttpSendRequestExW
HttpOpenRequestA
FtpGetFileA
InternetCrackUrlA
kernel32
GetCommandLineW
QueryPerformanceCounter
GetTimeFormatA
TlsFree
GetAtomNameW
VirtualFree
GetUserDefaultLCID
SetLastError
LoadLibraryA
GetTickCount
InterlockedExchange
WriteFile
DeleteCriticalSection
CompareStringW
GetFileTime
SetEnvironmentVariableA
GetFileType
GetLocaleInfoW
UnhandledExceptionFilter
GetCurrentProcess
VirtualProtect
GetCurrentProcessId
LocalHandle
GetCurrentThread
TlsGetValue
TlsAlloc
EnumSystemLocalesA
GetSystemInfo
GetEnvironmentStrings
LeaveCriticalSection
GetDateFormatA
FreeEnvironmentStringsW
SetHandleCount
VirtualAlloc
EnterCriticalSection
FindFirstFileA
GetCurrentThreadId
GetACP
HeapFree
GetVersionExA
InitializeCriticalSection
HeapReAlloc
GetLastError
TerminateProcess
HeapDestroy
GetEnvironmentStringsW
SetEnvironmentVariableW
FreeEnvironmentStringsA
SetThreadIdealProcessor
GetOEMCP
GetStringTypeW
GetModuleFileNameW
GetStringTypeA
HeapSize
ReadConsoleOutputCharacterW
GetModuleHandleA
GetShortPathNameA
HeapCreate
GetCPInfo
OpenMutexW
VirtualQuery
FindAtomW
GetTimeZoneInformation
LCMapStringA
ExitProcess
CompareStringA
GetLocaleInfoA
EnumDateFormatsExA
MultiByteToWideChar
VirtualProtectEx
SetEvent
LCMapStringW
HeapAlloc
IsValidCodePage
GetSystemTimeAsFileTime
GetModuleFileNameA
SetConsoleOutputCP
GetStartupInfoW
TlsSetValue
RemoveDirectoryW
GetProcAddress
IsBadWritePtr
GetCommandLineA
WideCharToMultiByte
IsValidLocale
GetStdHandle
GetStartupInfoA
RtlUnwind
Sections
.text Size: 160KB - Virtual size: 159KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 274KB - Virtual size: 273KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ