68eb36ecb25b3c6cad434fbc0d235591_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

68eb36ecb25b3c6cad434fbc0d235591_JaffaCakes118
Size

491KB
MD5

68eb36ecb25b3c6cad434fbc0d235591
SHA1

5b78089e48a997745ff97bf33c622ee30b952946
SHA256

44260c4de5cea5016b03314b30fca5a84d69046cd4bf7b1b96a56d5fb0a31e35
SHA512

6b45508685e20beeb45a0a3191dcd1ccda0d5382a75e8e8a6286ce23e160a60f0730ba50ffeae9fed24dc69759ad7503b9342f0f034355a54b41a1d02f94a543
SSDEEP

6144:gB50RkQDaYrFL9DE2AswZHf0X0SsFLhjmhKs0fuu7bJB6B5cGWi9OKeZlu:gB50RfJtEJTfg0bxhuKsafJwWiUk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68eb36ecb25b3c6cad434fbc0d235591_JaffaCakes118

Files

68eb36ecb25b3c6cad434fbc0d235591_JaffaCakes118
.exe windows:4 windows x86 arch:x86

821cad3c96583e3461f32ec70bc58a29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext
RegEnumKeyW
RegSetKeySecurity
LookupPrivilegeDisplayNameA
RegQueryMultipleValuesW
RegSetValueA
DuplicateTokenEx
CryptGetDefaultProviderW

user32

ShowOwnedPopups
SetMenuItemBitmaps
DefWindowProcW
EnableScrollBar
ScrollWindowEx
SetThreadDesktop
LoadImageW
RegisterClassA
MonitorFromPoint
RegisterClassExA
CreateWindowExA
DestroyWindow
DdeQueryStringA
ShowWindow
MessageBoxA
GetMonitorInfoW
ArrangeIconicWindows
GetScrollRange
VkKeyScanExA
IsRectEmpty
DdeCreateDataHandle
SetScrollInfo
WINNLSGetIMEHotkey
OemToCharA
UnregisterClassW
IsCharUpperA
CloseClipboard
DlgDirSelectComboBoxExW
GetWindowPlacement

wininet

InternetTimeFromSystemTime
FreeUrlCacheSpaceA

shell32

CommandLineToArgvW
SHFileOperationA
DragQueryFileAorW
SHGetDataFromIDListA

kernel32

WriteConsoleInputW
WideCharToMultiByte
FindFirstFileExW
InterlockedExchange
GetTimeFormatA
GetTempFileNameW
SetStdHandle
WritePrivateProfileSectionW
HeapSize
GetStdHandle
MultiByteToWideChar
CompareStringA
FreeEnvironmentStringsA
GetCommandLineW
GetLocaleInfoA
GetDateFormatA
RtlFillMemory
VirtualAlloc
GetStringTypeW
GetVersionExA
GetOEMCP
GetCurrentThreadId
HeapDestroy
GetConsoleCP
GetCurrentThread
TlsAlloc
SetLastError
DeleteCriticalSection
VirtualFree
TlsFree
ReadFile
FindFirstFileExA
GetLocaleInfoW
LoadLibraryA
GetACP
TlsSetValue
IsValidLocale
RtlUnwind
WriteFile
LeaveCriticalSection
VirtualQuery
LCMapStringW
GetCPInfo
GetLastError
ExitProcess
CompareStringW
GetDiskFreeSpaceExW
MoveFileExA
CommConfigDialogW
GetStringTypeA
GetModuleFileNameA
GetTimeZoneInformation
GetUserDefaultLCID
GetEnvironmentStringsW
lstrcatW
GetTickCount
GetFileType
InitializeCriticalSection
TerminateProcess
GetCommandLineA
GetCurrentProcess
OpenMutexA
EnumResourceNamesA
SetHandleCount
CreateMutexA
FreeEnvironmentStringsW
IsBadWritePtr
HeapAlloc
FlushFileBuffers
GetSystemTimeAsFileTime
GetCurrentProcessId
EnumSystemLocalesA
GetProcAddress
HeapReAlloc
LCMapStringA
GlobalGetAtomNameA
SetEnvironmentVariableA
TlsGetValue
SetConsoleTitleW
CloseHandle
GetEnvironmentStrings
GetModuleHandleA
SetFilePointer
VirtualProtect
GetSystemInfo
EnterCriticalSection
HeapFree
QueryPerformanceCounter
FindNextFileW
GetStartupInfoA
IsValidCodePage
HeapCreate
SystemTimeToFileTime
UnhandledExceptionFilter

comctl32

ImageList_GetDragImage
ImageList_Copy
ImageList_SetBkColor
ImageList_Add
CreateStatusWindow
ImageList_LoadImageW
ImageList_AddIcon
CreateMappedBitmap
InitMUILanguage
ImageList_SetImageCount
InitCommonControlsEx
ImageList_GetFlags
ImageList_Destroy
ImageList_Remove
ImageList_DragShowNolock
CreatePropertySheetPageA
ImageList_DrawEx
CreateStatusWindowW

Sections

.text
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

821cad3c96583e3461f32ec70bc58a29

Headers

File Characteristics

Imports

advapi32

user32

wininet

shell32

kernel32

comctl32

Sections

.text Size: 328KB - Virtual size: 328KB

.rdata Size: 42KB - Virtual size: 72KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 328KB - Virtual size: 328KB

.rdata
Size: 42KB - Virtual size: 72KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 18KB - Virtual size: 18KB