668a1919b06f24fc376f08fab375c476_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

668a1919b06f24fc376f08fab375c476_JaffaCakes118
Size

521KB
MD5

668a1919b06f24fc376f08fab375c476
SHA1

28176f71b9eedc94cf9ec0480c4033266c3c5983
SHA256

1df740f5750634323e6550d6847a9e7bb884e0cba5c4a3dc95f516ba82f525ac
SHA512

3c81398ea39cb4393945d6d78979acffec4d689ececa8982f3a46893bd6473a35c2a887f91d45737d430188b858ef0aa995ae67d66d3981cd75a61bdf4e46963
SSDEEP

12288:7S/ViZDJER4es/Gy/xxuezZBx/LkXghM7GSolRJX:7ksDK0/Gy5IQyHGx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
668a1919b06f24fc376f08fab375c476_JaffaCakes118

Files

668a1919b06f24fc376f08fab375c476_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a79a5ed9143ec0035e04ec69b21aa8e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextA
PrintDlgA
GetSaveFileNameW
GetFileTitleW

wininet

FindFirstUrlCacheEntryA

shell32

RealShellExecuteExA
FindExecutableA
ExtractIconExW
SHBrowseForFolderW
SHGetDataFromIDListA

comctl32

InitCommonControlsEx

user32

GetDC
IsDialogMessageA
ScrollDC
InvalidateRgn
DdeReconnect
CreateMDIWindowA
IsMenu
ChangeDisplaySettingsExW
RegisterClassExA
RegisterClassA
CheckMenuRadioItem
TileChildWindows
DdeAccessData
GetDialogBaseUnits
DrawStateW
GetWindowTextW
ImpersonateDdeClientWindow
DrawFrame
OpenDesktopW
RemovePropW
GetWindowRect
GetMenuContextHelpId

advapi32

CryptSetKeyParam

kernel32

GetTimeZoneInformation
GetModuleFileNameA
LCMapStringA
IsValidLocale
HeapDestroy
GetCommandLineA
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
GetOEMCP
CompareStringA
GetCurrentProcess
LoadLibraryA
SetFilePointer
GetStartupInfoA
GetEnvironmentStringsW
ExitProcess
OpenWaitableTimerA
MultiByteToWideChar
IsBadWritePtr
HeapAlloc
ReadFile
TerminateProcess
CreateMutexA
UnhandledExceptionFilter
GetModuleHandleA
SetConsoleTextAttribute
RtlUnwind
WideCharToMultiByte
WriteFile
TlsFree
TlsAlloc
GetUserDefaultLCID
SetStdHandle
GetLocaleInfoW
CreateEventA
GetSystemInfo
QueryPerformanceCounter
TlsSetValue
GetDateFormatA
VirtualProtect
LoadModule
VirtualAlloc
FreeEnvironmentStringsW
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
SetHandleCount
lstrlen
GetFileType
GetStringTypeW
HeapFree
CompareStringW
GetSystemTimeAsFileTime
HeapReAlloc
GetTimeFormatA
VirtualFree
TlsGetValue
SetLastError
FreeEnvironmentStringsA
VirtualQuery
CloseHandle
GetStringTypeA
GetLastError
GetTickCount
InterlockedExchange
InitializeCriticalSection
EnumSystemLocalesA
GetACP
SetEnvironmentVariableA
FlushFileBuffers
GetAtomNameA
GetLocaleInfoA
GetProcAddress
FindAtomW
GetCurrentThread
LCMapStringW
DeleteCriticalSection
IsValidCodePage
HeapCreate
OpenMutexA
HeapSize
GetStdHandle
GetVersionExA

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a79a5ed9143ec0035e04ec69b21aa8e

Headers

File Characteristics

Imports

comdlg32

wininet

shell32

comctl32

user32

advapi32

kernel32

Sections

.text Size: 146KB - Virtual size: 146KB

.rdata Size: 8KB - Virtual size: 17KB

.data Size: 356KB - Virtual size: 355KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 146KB - Virtual size: 146KB

.rdata
Size: 8KB - Virtual size: 17KB

.data
Size: 356KB - Virtual size: 355KB

.rsrc
Size: 9KB - Virtual size: 9KB