694d8a9b079f4f371f76dd50a96cf260_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

694d8a9b079f4f371f76dd50a96cf260_JaffaCakes118
Size

313KB
MD5

694d8a9b079f4f371f76dd50a96cf260
SHA1

194afea9f080308cfce9afa63e45978b1e2320cf
SHA256

a2071d9d45d22c518bacfde299d0f47493533d7a766a0e75cfa8c2fad66add77
SHA512

5473ac79d21b38776b1ebabbddd1eb75d49e36b5c6e9474409ea09f569db44ff7607113921ada7060ad3b0ab7c58bdbf0ffc9e8e637b7b416e2d2f8e4143a7ef
SSDEEP

6144:zFFYDTe4OnjMEpSt7LoP9UnEAv9Sw5lOlz209Bll5aj7Ams+M/alAEUyHniN:cRt7LoaQtlXfaj7Ams+UeUyHniN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
694d8a9b079f4f371f76dd50a96cf260_JaffaCakes118

Files

694d8a9b079f4f371f76dd50a96cf260_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5baaf22acf934eda26f00d2b9992f7a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorA

user32

GetGuiResources
ChangeDisplaySettingsA
ToUnicode
RegisterClassA
OemKeyScan
DdeUnaccessData
DdeCreateDataHandle
RegisterClassExA

wininet

DeleteUrlCacheContainerW
HttpCheckDavCompliance
HttpSendRequestW
FreeUrlCacheSpaceW

shell32

CheckEscapesW
ExtractAssociatedIconExA
ShellExecuteEx
DragQueryFileA
SHEmptyRecycleBinW

comctl32

InitCommonControlsEx

kernel32

GetCommandLineA
LoadLibraryA
VirtualQuery
GetEnvironmentStringsW
LCMapStringA
GetEnvironmentStrings
SetFilePointer
GetStdHandle
ExitProcess
LeaveCriticalSection
InterlockedIncrement
GetProcessShutdownParameters
HeapFree
TlsFree
SetLastError
SetConsoleScreenBufferSize
MultiByteToWideChar
FreeEnvironmentStringsA
ConvertDefaultLocale
QueryPerformanceCounter
OutputDebugStringA
FlushFileBuffers
TlsAlloc
DeleteCriticalSection
GetStringTypeA
GetCurrentProcess
CompareStringA
WaitCommEvent
GetFileType
GetLocaleInfoA
FreeEnvironmentStringsW
WaitNamedPipeW
WideCharToMultiByte
FindResourceA
CreateMutexA
RtlUnwind
GetCurrentThreadId
TlsSetValue
CompareStringW
SetHandleCount
TlsGetValue
GetCurrentProcessId
VirtualFree
GetStringTypeW
SetEnvironmentVariableA
OpenWaitableTimerA
IsBadWritePtr
GetCommandLineW
OpenMutexA
lstrcat
VirtualAlloc
EnterCriticalSection
GetSystemDefaultLangID
SetCriticalSectionSpinCount
GetModuleHandleA
GetProcAddress
GetVersion
EnumSystemLocalesW
InterlockedDecrement
GetStartupInfoA
LCMapStringW
GetLastError
HeapDestroy
GetModuleFileNameA
GetStartupInfoW
GetAtomNameA
GetSystemTime
CloseHandle
GetPriorityClass
InitializeCriticalSection
WriteFile
WriteConsoleOutputCharacterA
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetCPInfo
HeapCreate
GetTickCount
GetTimeZoneInformation
GetLocalTime
ReadFile
GetDiskFreeSpaceExW
SetStdHandle
GetModuleFileNameW
InterlockedExchange
HeapReAlloc
TerminateProcess
HeapAlloc
GetCurrentThread

gdi32

PolylineTo
SetICMMode
EnumFontsA
CreateRectRgn
CreateFontIndirectW
GetTextColor
GetBoundsRect
OffsetClipRgn
AddFontResourceW
GetAspectRatioFilterEx
SetWindowOrgEx
AddFontResourceA
SetMapperFlags
CreateDCW
ExtCreateRegion
ResizePalette
CreateCompatibleBitmap
GetClipRgn

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5baaf22acf934eda26f00d2b9992f7a6

Headers

File Characteristics

Imports

comdlg32

user32

wininet

shell32

comctl32

kernel32

gdi32

Sections

.text Size: 153KB - Virtual size: 153KB

.rdata Size: 5KB - Virtual size: 14KB

.data Size: 146KB - Virtual size: 145KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 153KB - Virtual size: 153KB

.rdata
Size: 5KB - Virtual size: 14KB

.data
Size: 146KB - Virtual size: 145KB

.rsrc
Size: 8KB - Virtual size: 7KB