Static task
static1
Behavioral task
behavioral1
Sample
68d1be040cb2d3177ba28af682c5d5d5_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
68d1be040cb2d3177ba28af682c5d5d5_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
68d1be040cb2d3177ba28af682c5d5d5_JaffaCakes118
Size
431KB
MD5
68d1be040cb2d3177ba28af682c5d5d5
SHA1
919b360f0655445b08cb2fa1886241d8ef361fd5
SHA256
4024d81ea0609bfb2f602d7f6bcf7c9b2eab6feddb7f3be24b76b0218dc9c898
SHA512
9355d49c2e01ff3e7b05469210acbc0d679c3de032b01ee337dc328b67c5dcdaa33237297e2b0227c4ce4f1fb4a1abf2069eace2d2045bf457e28879d5926954
SSDEEP
6144:CuwNWVdAFEefoVrWLywVlzWgN/rbFaIheP2LDGOE2N2Lv3DGrm+eUdDeIRtmTxT0:ScXAFhfbVlzPF/vZa2GKipHBq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 68d1be040cb2d3177ba28af682c5d5d5_JaffaCakes118
Files
68d1be040cb2d3177ba28af682c5d5d5_JaffaCakes118.exe windows:4 windows x86 arch:x86
090a3009a995dad74b4ce97d2fc93845
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
CancelDC
GetWorldTransform
PolyTextOutW
GetICMProfileW
SetTextCharacterExtra
CopyEnhMetaFileW
CreateICW
GetTextColor
PatBlt
GetBoundsRect
Polygon
TextOutW
SetPaletteEntries
SetMetaRgn
GetLogColorSpaceW
gdiPlaySpoolStream
PlayEnhMetaFileRecord
OffsetWindowOrgEx
wininet
InternetOpenW
HttpOpenRequestW
RunOnceUrlCache
FtpSetCurrentDirectoryA
RetrieveUrlCacheEntryStreamA
InternetOpenUrlW
InternetSetOptionExA
FtpCommandA
FtpPutFileW
advapi32
CryptSignHashW
CryptEnumProviderTypesW
CryptDestroyHash
CryptDuplicateKey
CryptAcquireContextW
LookupPrivilegeNameW
DuplicateToken
RegOpenKeyExA
CryptSetProviderExA
RegCloseKey
RegEnumValueA
CryptSetProviderA
RegDeleteValueW
CryptGetUserKey
InitiateSystemShutdownW
RevertToSelf
CryptSetHashParam
CryptDecrypt
CryptAcquireContextA
RegSetValueW
comdlg32
ChooseFontA
kernel32
TlsFree
VirtualAlloc
SleepEx
QueryPerformanceCounter
GetComputerNameW
FreeEnvironmentStringsA
LeaveCriticalSection
SetHandleCount
MultiByteToWideChar
HeapFree
ExitProcess
GetCurrentThreadId
GetProcAddress
LocalFlags
GetCurrentThread
GetCurrentProcessId
FreeEnvironmentStringsW
TlsSetValue
LoadLibraryA
GetStdHandle
GetTickCount
GetFileType
VirtualQuery
WriteProfileStringA
GetCurrentProcess
GetEnvironmentStringsW
GetStartupInfoW
VirtualFree
GetUserDefaultLCID
UnhandledExceptionFilter
TlsAlloc
InterlockedExchange
TerminateProcess
EnumTimeFormatsW
GetSystemTimeAsFileTime
GetCommandLineW
GetPrivateProfileStringA
GetStartupInfoA
HeapReAlloc
GetModuleFileNameW
EnterCriticalSection
RtlUnwind
lstrcpy
HeapAlloc
IsBadWritePtr
GetEnvironmentStringsA
GetCommandLineA
SetLastError
GetModuleHandleA
TlsGetValue
HeapCreate
GetEnvironmentStrings
GetLastError
SetPriorityClass
WriteFile
InitializeCriticalSection
GetVolumeInformationW
GetModuleFileNameA
DeleteCriticalSection
lstrlenW
HeapDestroy
GetVersion
user32
GetWindowWord
DdeInitializeW
DispatchMessageW
PeekMessageA
EnumDisplaySettingsExW
LoadStringW
EnableScrollBar
CallMsgFilterA
MonitorFromWindow
GetDoubleClickTime
UnhookWindowsHook
DdeInitializeA
GetWindowPlacement
IsChild
Sections
.text Size: 141KB - Virtual size: 141KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 275KB - Virtual size: 275KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ