63eb2917da56709eca7feb7fdd5344fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

63eb2917da56709eca7feb7fdd5344fd_JaffaCakes118
Size

541KB
MD5

63eb2917da56709eca7feb7fdd5344fd
SHA1

5018c49acbcf1c99cc40e30ac8464893ebcbcae8
SHA256

2b3d621c2aed325b05ab78ec877b5c7b3c4907a674bb3e76263fe4be73782767
SHA512

b6cd998b5d491ff2dbf12b97746ff282f342fb0c7824ea778c6965a8ba6ae0f0d42cd64d4ad6991fc91d37d812b9f345a0f606a9d8529b22005d8e4a1db14a81
SSDEEP

12288:BS0t3YUdBeTC6SY3U5B9aOZ5RpaWIBZbRokJuB4krWBuPiFT0N:rt3TdBePSYkB/psovuBuK0N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63eb2917da56709eca7feb7fdd5344fd_JaffaCakes118

Files

63eb2917da56709eca7feb7fdd5344fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

70460b6e63eb924494125af29cfde93d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorW
FindTextA

shell32

SHGetDataFromIDListW
SHGetSpecialFolderPathA
ShellAboutW

user32

RegisterClassA
CallMsgFilterW
ShowWindow
SetDlgItemTextA
MessageBoxA
DestroyWindow
RegisterClassExA
IsDialogMessageA
CreateWindowExW
DefWindowProcW

wininet

CreateUrlCacheContainerA
ReadUrlCacheEntryStream
FindFirstUrlCacheEntryA

kernel32

EnumSystemLocalesA
TerminateProcess
TlsGetValue
CreateMutexA
GetSystemTimeAsFileTime
GetEnvironmentStrings
InitializeCriticalSection
GetShortPathNameA
GetStringTypeA
GetCurrentProcess
InterlockedExchange
EnumResourceTypesA
HeapCreate
GetPrivateProfileStructW
WideCharToMultiByte
lstrcatA
CompareStringA
OutputDebugStringW
GetModuleHandleA
CompareStringW
OpenMutexA
HeapDestroy
TlsFree
GetLastError
GetCurrentProcessId
HeapFree
GetCurrentThread
VirtualFree
TlsAlloc
GetNumberFormatW
ExitProcess
VirtualQuery
RtlUnwind
ExpandEnvironmentStringsA
HeapAlloc
WriteFile
GetModuleFileNameA
lstrcmpiA
VirtualAlloc
QueryPerformanceCounter
CloseHandle
GetTimeFormatA
HeapReAlloc
IsValidCodePage
IsBadWritePtr
LCMapStringA
VirtualProtect
GetLocaleInfoA
UnhandledExceptionFilter
SetHandleCount
GetCommandLineA
LeaveCriticalSection
LoadLibraryA
EnterCriticalSection
GetStringTypeW
GetLocaleInfoW
IsValidLocale
GetDateFormatA
GetStartupInfoA
GetOEMCP
HeapSize
GetSystemInfo
TlsSetValue
LCMapStringW
GetCPInfo
CreateSemaphoreW
GetTimeZoneInformation
LocalCompact
GetProcAddress
DeleteCriticalSection
GetUserDefaultLCID
MultiByteToWideChar
SetConsoleScreenBufferSize
GetACP
SetFilePointer
FreeEnvironmentStringsA
SetEnvironmentVariableA
GetEnvironmentStringsW
FlushFileBuffers
ReadFile
FreeEnvironmentStringsW
FindResourceW
SetLastError
GetVersionExA
GetCurrentThreadId
SetStdHandle
GetTickCount
GetFileType
GetStdHandle

advapi32

StartServiceA
GetUserNameW
DuplicateToken
CryptDeriveKey
LookupPrivilegeDisplayNameW
RegCreateKeyA
AbortSystemShutdownA

comctl32

ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_LoadImageW
ImageList_Replace
CreateStatusWindow
MakeDragList
ImageList_DrawEx
ImageList_Read
CreateToolbarEx
InitCommonControlsEx
ImageList_GetDragImage
ImageList_BeginDrag
ImageList_Copy
ImageList_ReplaceIcon
DrawInsert
CreateMappedBitmap
ImageList_DrawIndirect
CreateStatusWindowW

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 214KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70460b6e63eb924494125af29cfde93d

Headers

File Characteristics

Imports

comdlg32

shell32

user32

wininet

kernel32

advapi32

comctl32

Sections

.text Size: 191KB - Virtual size: 191KB

.rdata Size: 214KB - Virtual size: 239KB

.data Size: 107KB - Virtual size: 107KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 191KB - Virtual size: 191KB

.rdata
Size: 214KB - Virtual size: 239KB

.data
Size: 107KB - Virtual size: 107KB

.rsrc
Size: 26KB - Virtual size: 26KB