73b93148a6772f6b1c5f70d58af3652e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

73b93148a6772f6b1c5f70d58af3652e_JaffaCakes118
Size

568KB
MD5

73b93148a6772f6b1c5f70d58af3652e
SHA1

05d37e2e0569fe80c45b64635c8d407f5edbf6b1
SHA256

bdf26f5678fcdd3291ce3522bcb9a37f90a33ecc6c68cf99e1cdf60dcf6adec4
SHA512

601351f13fe767dee733f4e2c2682c2f185f18823341be31230ba1d1d41c62a925b54b14f7672bfa6e0e4d9b808da71acd6506905034b0b80bca044be4ca0e68
SSDEEP

12288:9py2+HdxY21yPweWi0jgIZ4j5Re2YXF/BcMfRv8nMA8ec:9py7r9mDEj3CAheKNOz8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73b93148a6772f6b1c5f70d58af3652e_JaffaCakes118

Files

73b93148a6772f6b1c5f70d58af3652e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57e44049898875a2851b87ebc5370567

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

kernel32

CreateDirectoryExW
TlsSetValue
GetCurrentProcess
SetThreadContext
LCMapStringA
FileTimeToSystemTime
LeaveCriticalSection
GlobalUnlock
RtlUnwind
GetCPInfo
GetEnvironmentStrings
GetModuleFileNameW
SetFilePointer
GetProcessHeap
LoadLibraryA
SetConsoleTextAttribute
InterlockedExchange
HeapFree
LocalUnlock
GetStringTypeW
SetStdHandle
CloseHandle
InterlockedIncrement
ExitProcess
InterlockedDecrement
GetStringTypeExW
QueryPerformanceCounter
GetTimeZoneInformation
GetStringTypeExA
HeapReAlloc
GetCurrentThreadId
MultiByteToWideChar
EnumCalendarInfoA
GlobalSize
GetSystemTime
CreateFileMappingA
EnumDateFormatsExW
LCMapStringW
GetFileType
GetLastError
CompareStringA
CompareStringW
SetHandleCount
GetEnvironmentStringsW
HeapAlloc
TlsAlloc
AllocConsole
VirtualQuery
GetPriorityClass
GetCommandLineA
GetCurrentThread
GetStringTypeA
GetCompressedFileSizeA
GetModuleFileNameA
LocalFree
FlushFileBuffers
VirtualAlloc
OpenMutexA
GetStartupInfoW
ReadFile
FreeLibraryAndExitThread
UnhandledExceptionFilter
VirtualFree
DebugBreak
RemoveDirectoryW
GlobalGetAtomNameW
GetVersion
HeapDestroy
GetFileTime
GetProcAddress
IsBadWritePtr
GetDateFormatW
HeapCreate
FindResourceExW
GetTempPathW
CreateWaitableTimerW
EnterCriticalSection
GetStartupInfoA
GetSystemTimeAsFileTime
CompareFileTime
GetFileAttributesW
GetModuleHandleW
WriteConsoleOutputA
WriteConsoleOutputCharacterW
GetNumberFormatW
GetCurrentProcessId
GetTickCount
InitializeCriticalSection
GetTimeFormatW
GetLocalTime
GetCommandLineW
GetStdHandle
TerminateProcess
WriteFile
GetVolumeInformationA
FreeEnvironmentStringsA
DeleteCriticalSection
MoveFileExA
FreeEnvironmentStringsW
GetProcessHeaps
LocalCompact
TlsFree
SetLastError
Sleep
WideCharToMultiByte
RtlMoveMemory
SetConsoleCtrlHandler
SetPriorityClass
CreateMutexA
UnlockFile
GetModuleHandleA
SetEnvironmentVariableA
GetDiskFreeSpaceExW
RtlZeroMemory
TlsGetValue
FreeResource
TryEnterCriticalSection
WritePrivateProfileStringA

shell32

ExtractIconEx
SHInvokePrinterCommandA
SheGetDirA

wininet

UnlockUrlCacheEntryFileW

advapi32

RegDeleteValueW
CryptSignHashW
CryptDuplicateKey
RegNotifyChangeKeyValue
RegDeleteValueA
CryptGetKeyParam
RegCreateKeyExW
CryptEnumProviderTypesW
RegEnumKeyA
RegCloseKey
CryptDeriveKey
LookupPrivilegeValueW
ReportEventA
CryptSetKeyParam
CryptHashSessionKey
CryptContextAddRef
AbortSystemShutdownA

user32

DlgDirListComboBoxW
ChildWindowFromPointEx
ImpersonateDdeClientWindow
GetListBoxInfo
ActivateKeyboardLayout
UnhookWindowsHookEx
CreateWindowExA
GetIconInfo
IsCharLowerW
DefWindowProcW
SetWindowsHookExA
RegisterClassExA
DrawTextExW
TranslateAcceleratorA
TranslateAccelerator
DialogBoxParamW
UnregisterDeviceNotification
RegisterClassA
IsCharAlphaW
SetWindowRgn
DdeGetData
ShowWindow
GetClipboardViewer
MessageBoxA
MonitorFromPoint
DestroyWindow
RedrawWindow
CascadeWindows
DdeCreateStringHandleW
IsChild
IsRectEmpty
RemovePropA
DdeGetLastError
InSendMessage

comctl32

InitCommonControlsEx
ImageList_GetImageRect
ImageList_SetFilter

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57e44049898875a2851b87ebc5370567

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

wininet

advapi32

user32

comctl32

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 252KB - Virtual size: 249KB

.data Size: 112KB - Virtual size: 115KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 252KB - Virtual size: 249KB

.data
Size: 112KB - Virtual size: 115KB

.rsrc
Size: 36KB - Virtual size: 32KB