5a85ab531fe8978626ab51dcc9612e38_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5a85ab531fe8978626ab51dcc9612e38_JaffaCakes118
Size

539KB
MD5

5a85ab531fe8978626ab51dcc9612e38
SHA1

4180ecdf0dd0a400ab77411ff9a2c8f7a6c703ea
SHA256

18cfdd146626f73e162a68de6d45dfdfbbc477631c1d4121826eba0d49db0300
SHA512

c1fce4bb1f47a6947a13fa9e4f98d97bbfdcd532130878dbe0c6ac5c0744e182b68a46fc5a814bef3cc6fc991c8d66ef4d7d4e30ebf1aab778b3be0059534a04
SSDEEP

12288:fD08FqnaKmAD1/JzsiLqxySwCQ05Rkr2Yy:fD08Fq5ma1/Jzp/va

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a85ab531fe8978626ab51dcc9612e38_JaffaCakes118

Files

5a85ab531fe8978626ab51dcc9612e38_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bbe567beaf86f8e9f94337a70c8c97d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHLoadInProc
SHFileOperationA
SHUpdateRecycleBinIcon

kernel32

HeapReAlloc
GetModuleHandleA
GetTickCount
SetUnhandledExceptionFilter
SetFilePointer
UnhandledExceptionFilter
GetCurrentThreadId
WriteFile
GetProcessHeaps
GetConsoleOutputCP
QueryPerformanceCounter
GetLastError
WriteConsoleOutputCharacterA
GetTimeFormatA
SetHandleCount
SetConsoleCP
EnumSystemLocalesA
EnterCriticalSection
GetLocaleInfoW
GetProcAddress
HeapFree
GetCommandLineA
GetCurrentProcess
GetModuleFileNameA
MultiByteToWideChar
GetConsoleCP
GetEnvironmentStrings
CloseHandle
ReadFile
WriteConsoleW
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
CreateFileA
SetEnvironmentVariableA
VirtualQuery
GetSystemTimeAsFileTime
FreeLibrary
LCMapStringA
IsValidLocale
InterlockedExchange
SetConsoleCtrlHandler
WriteConsoleA
TlsSetValue
FreeEnvironmentStringsW
ExitProcess
HeapCreate
GetDateFormatA
CompareStringA
LCMapStringW
WideCharToMultiByte
TerminateProcess
InterlockedIncrement
Sleep
CreateMutexA
TlsFree
GetLocaleInfoA
GetUserDefaultLCID
GetOEMCP
InitializeCriticalSection
CompareStringW
GetEnvironmentStringsW
GetACP
VirtualAlloc
SetStdHandle
CreateFileMappingA
SetLastError
GetStringTypeA
GetProcessHeap
OpenMutexA
LoadLibraryA
HeapSize
IsDebuggerPresent
GetConsoleMode
HeapDestroy
GetStringTypeW
TlsAlloc
GetTimeZoneInformation
HeapAlloc
GetStdHandle
GetFileType
GetCurrentProcessId
TlsGetValue
FlushFileBuffers
GetCPInfo
RtlUnwind
InterlockedDecrement
FreeEnvironmentStringsA
GetStartupInfoA
GetCurrentThread
GlobalFindAtomA
GetVersionExA
IsValidCodePage

advapi32

CreateServiceA
RegQueryMultipleValuesA
CryptGetDefaultProviderW
ReportEventA
DuplicateToken
RegQueryValueW
RegLoadKeyA
AbortSystemShutdownW
LookupSecurityDescriptorPartsW
CryptEncrypt
CryptGenKey
CryptGetKeyParam
RegEnumValueW
RegDeleteValueW
RegConnectRegistryW
CryptSetProviderExW
CryptSetProviderW
RegSaveKeyA
CryptGetDefaultProviderA
CryptReleaseContext
CryptDestroyKey
CryptCreateHash
RegSetValueExA
GetUserNameW
RegQueryMultipleValuesW

comctl32

InitCommonControlsEx

user32

GetClassNameW
GetWindow
GetMessageA
VkKeyScanExA
LockWindowUpdate
CharNextA
DrawIconEx
IsChild
UnloadKeyboardLayout
IsDialogMessageA
GetClipCursor
GetWindowInfo
GetClassLongA
RegisterClassA
MapDialogRect
GetDCEx
GetClassInfoExW
MessageBoxIndirectA
EndPaint
ChildWindowFromPointEx
RegisterClassExA
WaitForInputIdle
LoadMenuW
GrayStringA
CharToOemBuffA

wininet

GopherOpenFileW
CreateUrlCacheContainerA
InternetAttemptConnect
InternetGetConnectedStateExW
InternetGoOnlineW
InternetGoOnline
InternetReadFile
ResumeSuspendedDownload

comdlg32

GetOpenFileNameW
FindTextW

Sections

.text
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbe567beaf86f8e9f94337a70c8c97d1

Headers

File Characteristics

Imports

shell32

kernel32

advapi32

comctl32

user32

wininet

comdlg32

Sections

.text Size: 200KB - Virtual size: 200KB

.rdata Size: 11KB - Virtual size: 37KB

.data Size: 316KB - Virtual size: 315KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 200KB - Virtual size: 200KB

.rdata
Size: 11KB - Virtual size: 37KB

.data
Size: 316KB - Virtual size: 315KB

.rsrc
Size: 10KB - Virtual size: 10KB