615dc767f95644137ffeb0f7f10b6ed6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

615dc767f95644137ffeb0f7f10b6ed6_JaffaCakes118
Size

568KB
MD5

615dc767f95644137ffeb0f7f10b6ed6
SHA1

e8e2fb11edc48e0fb974d7c246f5b496f153b408
SHA256

53cb4bc7eca2c6db0a13e15f00f806d8b7ccd5ae543ca12a64e3b461225b048c
SHA512

40a7f266af8b6467a1795139dddb3a3b68a6479727b3a8363afcedb5aad0fff8d06a1d19e2762efe71899565cae6b51c1112a902a2c8f2ca02b376107dd0ab12
SSDEEP

12288:yehwTlHUC90g04Pd0ODfelGrOfRxi5FrsM9t:Kl0C90N471qfbKZt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
615dc767f95644137ffeb0f7f10b6ed6_JaffaCakes118

Files

615dc767f95644137ffeb0f7f10b6ed6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f4acc16d0b806a5e1102745678eb1ad1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\

Imports

kernel32

SetWaitableTimer
CloseHandle
SetEnvironmentVariableA
InterlockedExchange
VirtualAlloc
GetStdHandle
GetVersionExA
FindAtomA
GetFileType
GetStringTypeA
EnterCriticalSection
GetStringTypeW
EnumResourceNamesA
GetLocaleInfoW
GetLogicalDriveStringsW
UnlockFile
EnumSystemLocalesA
GetDiskFreeSpaceExW
GetCurrentThread
FindNextFileA
ReadFile
GetPriorityClass
GetDiskFreeSpaceW
GetCalendarInfoA
GetTempFileNameA
GlobalSize
HeapSize
GlobalReAlloc
FreeEnvironmentStringsA
EnumDateFormatsW
VirtualProtect
GetLogicalDriveStringsA
GetProfileStringW
GetEnvironmentStrings
LoadModule
GetWindowsDirectoryA
SetStdHandle
GetCurrentProcess
FlushFileBuffers
IsValidCodePage
GetCurrentProcessId
IsBadWritePtr
GetStartupInfoA
SetHandleCount
GetModuleFileNameA
GetSystemDefaultLangID
LCMapStringW
GlobalFindAtomA
DuplicateHandle
HeapCreate
TlsGetValue
WideCharToMultiByte
LoadLibraryA
GetProfileIntA
LocalShrink
GetTimeFormatA
CompareStringA
ExitProcess
LeaveCriticalSection
GetCurrentThreadId
InterlockedDecrement
FindNextFileW
OutputDebugStringW
TlsFree
TlsAlloc
GetCPInfo
GetLastError
EnumSystemLocalesW
InitializeCriticalSection
CreateWaitableTimerA
LocalLock
GetProcAddress
HeapAlloc
GetFileAttributesW
WriteProfileSectionA
GetSystemInfo
SetConsoleTitleA
LCMapStringA
GetLocaleInfoA
FreeEnvironmentStringsW
LocalHandle
TerminateProcess
GetNamedPipeInfo
WriteFile
TlsSetValue
MultiByteToWideChar
DeleteCriticalSection
EnumResourceLanguagesA
CreateEventW
UnhandledExceptionFilter
VirtualQuery
HeapFree
QueryPerformanceCounter
HeapDestroy
GetTickCount
CompareStringW
GetModuleHandleA
lstrlenW
GetUserDefaultLCID
EnumResourceNamesW
GetSystemTimeAsFileTime
CreateMutexA
GetEnvironmentStringsW
HeapReAlloc
RtlUnwind
SetFilePointer
GetOEMCP
GetSystemTimeAdjustment
GetDateFormatA
OpenMutexA
VirtualFree
UnmapViewOfFile
GetTimeZoneInformation
IsValidLocale
GetACP
SetLastError
GetCommandLineA

gdi32

DeleteDC
GetObjectW
GetDCOrgEx
ExtFloodFill
ModifyWorldTransform
CreateDCA
SetDIBColorTable
GetBitmapDimensionEx
CreateScalableFontResourceA
SetGraphicsMode
GetDeviceCaps
SelectObject
gdiPlaySpoolStream
GetTextAlign

wininet

SetUrlCacheEntryGroup

advapi32

CryptDecrypt
LookupPrivilegeDisplayNameW
CryptGetHashParam
RegRestoreKeyA
CryptDuplicateKey
LookupAccountNameW
CryptEnumProviderTypesW
RegEnumKeyExA
RegEnumValueA
RegSetValueExA
GetUserNameA

user32

RegisterClassExA
TranslateAcceleratorA
CreateWindowExW
DefWindowProcW
GetPropW
UnregisterClassA
ValidateRect
ExitWindowsEx
SetDlgItemTextW
wsprintfW
WindowFromDC
RegisterClipboardFormatA
CreateCaret
SetCaretPos
AdjustWindowRectEx
DlgDirListW
DestroyCaret
GetGuiResources
DestroyWindow
RegisterClassA
ShowWindow
AnyPopup
SetTimer
SetWindowWord
SetWindowContextHelpId
MessageBoxA

comctl32

CreateUpDownControl
ImageList_Duplicate
ImageList_Read
InitCommonControlsEx
_TrackMouseEvent
ImageList_Merge
ImageList_SetIconSize

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4acc16d0b806a5e1102745678eb1ad1

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

wininet

advapi32

user32

comctl32

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 256KB - Virtual size: 253KB

.data Size: 108KB - Virtual size: 125KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 256KB - Virtual size: 253KB

.data
Size: 108KB - Virtual size: 125KB

.rsrc
Size: 48KB - Virtual size: 47KB