7756c4fea3addee82df005db02c2df4f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7756c4fea3addee82df005db02c2df4f_JaffaCakes118
Size

556KB
MD5

7756c4fea3addee82df005db02c2df4f
SHA1

baf76771e488748039ab86c0116b25445bd8367a
SHA256

0c0dcf0f83b03c3525295d8dbd1dde8a4cc69656a7a0fd29abd2810ec7375c7c
SHA512

67ea9510b492641bd41b5dfab4d50dc41ad58fa492f0ad366f0ef80002792ba7221577c186d60b9ca90788dd7f59f0e9c9bc42e97a12f54c068b0c8682ce9d4b
SSDEEP

12288:xsyCrIi7maWHmyg2flt/q8UwmNTMirffsDsnY8iWi+3e46:xstrIi7maumy3flti8UwmdMY0odiWi+U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7756c4fea3addee82df005db02c2df4f_JaffaCakes118

Files

7756c4fea3addee82df005db02c2df4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

618806ffcd35fac5766b6c51996d2621

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\t

Imports

comdlg32

FindTextW
GetSaveFileNameW

kernel32

FlushFileBuffers
HeapFree
GetStartupInfoW
GetFileType
GetStringTypeA
FlushConsoleInputBuffer
GetModuleFileNameA
SetFilePointer
UnhandledExceptionFilter
SetVolumeLabelW
ReadConsoleInputW
GetModuleHandleA
InterlockedExchange
GetCommandLineW
WritePrivateProfileSectionA
SetConsoleOutputCP
WideCharToMultiByte
GlobalGetAtomNameA
WaitForMultipleObjects
ReadConsoleA
CreateFileW
RtlFillMemory
GetConsoleCursorInfo
VirtualProtect
GlobalLock
LCMapStringW
GetDiskFreeSpaceExW
CreateMutexA
TlsFree
GetProcAddress
VirtualUnlock
InterlockedDecrement
WriteConsoleInputW
CreateNamedPipeW
OpenFile
EnumResourceNamesW
TlsSetValue
SetConsoleActiveScreenBuffer
GetCPInfo
UnmapViewOfFile
DuplicateHandle
GetSystemTime
SetLastError
DeleteFiber
WriteFile
SetUnhandledExceptionFilter
CloseHandle
GetSystemTimeAsFileTime
GetEnvironmentStringsA
DeleteCriticalSection
GetStdHandle
OpenWaitableTimerA
GetCommandLineA
WriteConsoleOutputAttribute
GetThreadPriorityBoost
GetNumberFormatW
WaitForSingleObject
SetHandleCount
ReadConsoleInputA
InterlockedIncrement
HeapDestroy
HeapCreate
LoadLibraryA
InitializeCriticalSection
CompareStringW
lstrcatA
GetProcessShutdownParameters
GetCurrentThreadId
GetCurrentProcessId
ExpandEnvironmentStringsW
GetNamedPipeHandleStateA
GetConsoleTitleA
FindNextFileW
GetModuleFileNameW
WriteConsoleA
CompareFileTime
QueryPerformanceCounter
LeaveCriticalSection
LocalHandle
TlsAlloc
EnumCalendarInfoW
EnumSystemLocalesW
VirtualAlloc
GetEnvironmentStrings
Sleep
GlobalFree
GetStringTypeW
SetPriorityClass
ExitProcess
FindFirstFileA
TlsGetValue
GetEnvironmentStringsW
ExitThread
GetTimeZoneInformation
EnumCalendarInfoA
AllocConsole
GetProfileStringW
VirtualFree
FoldStringA
GetVersion
OpenMutexA
FreeEnvironmentStringsW
SetStdHandle
EnterCriticalSection
GetCurrentThread
GetTickCount
RtlUnwind
SetEnvironmentVariableA
VirtualLock
LCMapStringA
GetLastError
lstrcpyA
SetSystemTime
GetPrivateProfileSectionW
ReadFile
IsBadWritePtr
FindNextChangeNotification
HeapAlloc
CompareStringA
GetStartupInfoA
MoveFileW
GetFileAttributesExW
FreeEnvironmentStringsA
VirtualQuery
MultiByteToWideChar
MapViewOfFile
HeapReAlloc
InterlockedExchangeAdd
GetSystemTimeAdjustment
GetDiskFreeSpaceExA
CreateThread
SetConsoleCursorPosition
GetCurrentProcess
GetLocalTime
TerminateProcess

comctl32

ImageList_EndDrag
InitMUILanguage
ImageList_SetImageCount
ImageList_GetIcon
ImageList_DrawEx
ImageList_SetDragCursorImage
ImageList_Remove
ImageList_AddMasked
ImageList_DragMove
GetEffectiveClientRect
ImageList_BeginDrag
ImageList_Write
ImageList_DragEnter
InitCommonControlsEx
ImageList_GetIconSize
CreateStatusWindowW
ImageList_Read
CreateStatusWindowA
ImageList_Draw
CreateUpDownControl
ImageList_GetImageCount
ImageList_AddIcon
ImageList_SetFilter
ImageList_DragShowNolock

wininet

InternetSetCookieW
InternetCrackUrlW

advapi32

CryptSetHashParam
CryptDeriveKey
RegSetValueW
RegReplaceKeyA
RegCloseKey
CryptGenRandom
LogonUserA
CryptAcquireContextW
RegEnumValueA
LookupAccountNameA
CryptGetKeyParam
CryptGetUserKey
RegEnumKeyExA
CryptGetDefaultProviderW
CryptSetProvParam
InitiateSystemShutdownW
CryptReleaseContext
CryptDestroyHash
RegQueryValueExW
RegEnumKeyW
RegQueryValueW

shell32

ExtractAssociatedIconW
CommandLineToArgvW
SHFileOperationW
ShellExecuteExA
SHAppBarMessage

user32

WINNLSEnableIME
SetRectEmpty
TranslateMDISysAccel
PtInRect
LoadImageW
GetClassLongW
RegisterClassExA
CharToOemW
GetWindowTextLengthA
IsCharLowerA
GetIconInfo
BringWindowToTop
UnregisterDeviceNotification
CheckMenuRadioItem
SetFocus
OemToCharBuffA
ScrollWindow
SetShellWindow
GetMonitorInfoA
RegisterClassA

Sections

.text
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

618806ffcd35fac5766b6c51996d2621

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

comctl32

wininet

advapi32

shell32

user32

Sections

.text Size: 160KB - Virtual size: 156KB

.rdata Size: 260KB - Virtual size: 259KB

.data Size: 108KB - Virtual size: 129KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 160KB - Virtual size: 156KB

.rdata
Size: 260KB - Virtual size: 259KB

.data
Size: 108KB - Virtual size: 129KB

.rsrc
Size: 24KB - Virtual size: 23KB