791141f49c348a50f83458d2f5f7fe82_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

791141f49c348a50f83458d2f5f7fe82_JaffaCakes118
Size

356KB
MD5

791141f49c348a50f83458d2f5f7fe82
SHA1

53b6352953740fc9bbf2f646e87710577e7b477e
SHA256

978405fcce9939fae4645d01c5c5bf9147beb92562673988b3916cfccf1cda69
SHA512

0ecb385bc8d018c54126fc21ab1a237ce64763f861886c93e158d7b024646fbf69d3087c41ba021340c3f5e264b7b8f13dd9986335068bfe195565af6c1fb9d6
SSDEEP

6144:jOtwrY4KtBIjAltxgBHCwwqpwendY7fpDXw4zh+XROq6qAPKs79OlDsOYWdhuRlI:jOteY3XEwTgBTKzpU0h0rAPBRl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
791141f49c348a50f83458d2f5f7fe82_JaffaCakes118

Files

791141f49c348a50f83458d2f5f7fe82_JaffaCakes118
.exe windows:4 windows x86 arch:x86

adaf5c0933eae60b86ea3f7eaa167aae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFileAorW

advapi32

RegDeleteValueA
CryptGetProvParam
RegQueryValueW
CryptAcquireContextA
CryptSignHashA
RevertToSelf
CreateServiceA
CryptImportKey
RegRestoreKeyA
RegOpenKeyExW
CryptDestroyHash
RegSetValueExA
RegEnumKeyA
RegQueryValueExW
RegDeleteKeyA
CryptGetUserKey
RegFlushKey
InitializeSecurityDescriptor
CryptEnumProvidersA
CryptEnumProviderTypesW
DuplicateTokenEx
CryptVerifySignatureA
CryptDecrypt
LogonUserA
LookupAccountSidW

comctl32

ImageList_DragLeave
ImageList_SetDragCursorImage
DrawStatusText
DrawStatusTextA
InitCommonControlsEx
ImageList_Replace
ImageList_SetIconSize
DestroyPropertySheetPage
ImageList_SetFlags
CreatePropertySheetPageA
ImageList_GetImageInfo

comdlg32

ChooseFontA
GetOpenFileNameA
ChooseColorA

kernel32

OpenMutexA
GetCurrentProcessId
HeapCreate
ExitProcess
GetShortPathNameA
SetLastError
ReadFileEx
DeleteCriticalSection
lstrlenA
CreateFileMappingA
IsBadWritePtr
ReleaseSemaphore
GetSystemTimeAsFileTime
GetCompressedFileSizeW
SetFilePointer
DuplicateHandle
VirtualQueryEx
GlobalGetAtomNameW
GetLocalTime
SetThreadContext
QueryPerformanceCounter
GetCurrencyFormatA
InterlockedIncrement
LockResource
LeaveCriticalSection
GetStringTypeW
GetStartupInfoW
SetEndOfFile
GetModuleFileNameA
GetEnvironmentStrings
TlsFree
EnumCalendarInfoExW
WideCharToMultiByte
RtlUnwind
OutputDebugStringW
UnhandledExceptionFilter
GetCurrentThread
LoadLibraryA
VirtualQuery
TlsGetValue
GetVersion
GetModuleHandleA
GetStringTypeA
SystemTimeToTzSpecificLocalTime
GetFileAttributesExW
LoadLibraryExW
CreateRemoteThread
GetDriveTypeW
InterlockedDecrement
GetTimeZoneInformation
VirtualFree
LCMapStringW
TlsAlloc
lstrcmpiA
GlobalFix
GetWindowsDirectoryW
GetCPInfo
GetCommandLineA
HeapFree
OpenProcess
TlsSetValue
GetProcAddress
GetCurrentProcess
SetEnvironmentVariableA
EnumDateFormatsExW
GetCurrentThreadId
SetPriorityClass
MultiByteToWideChar
CreateFileA
FlushFileBuffers
FreeEnvironmentStringsA
TerminateProcess
CompareStringA
WriteFile
GetStartupInfoA
GetEnvironmentStringsW
OpenSemaphoreA
lstrcmpA
VirtualAlloc
WriteProfileSectionA
GetModuleFileNameW
GetLastError
SetEnvironmentVariableW
LocalCompact
GetCommandLineW
WriteConsoleOutputCharacterA
PulseEvent
ReadFile
GetCompressedFileSizeA
FreeEnvironmentStringsW
ReadConsoleOutputA
ReadConsoleOutputCharacterW
CompareStringW
LCMapStringA
SetHandleCount
SetConsoleWindowInfo
GetSystemTime
GetFileType
HeapReAlloc
SetStdHandle
InterlockedExchange
HeapDestroy
HeapAlloc
DosDateTimeToFileTime
GetTempPathW
InitializeCriticalSection
SetLocaleInfoW
CreateMutexA
SetThreadIdealProcessor
GetStdHandle
CloseHandle
GetTickCount
EnterCriticalSection
lstrcmpW

user32

ShowWindow
CreateWindowExA
MessageBoxW
RegisterClassA
OpenClipboard
MsgWaitForMultipleObjectsEx
DefWindowProcW
ValidateRgn
CharLowerBuffW
GetWindowTextW
EnumDesktopsW
UnregisterClassA
InvalidateRgn
AdjustWindowRect
EndMenu
GetDesktopWindow
OpenWindowStationW
MessageBoxA
DestroyIcon
RegisterClassExA
GetScrollRange
DestroyWindow

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

adaf5c0933eae60b86ea3f7eaa167aae

Headers

File Characteristics

Imports

shell32

advapi32

comctl32

comdlg32

kernel32

user32

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 88KB - Virtual size: 102KB

.rsrc Size: 44KB - Virtual size: 41KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 88KB - Virtual size: 102KB

.rsrc
Size: 44KB - Virtual size: 41KB