87f235c00e8c3960b264192621f594ae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

87f235c00e8c3960b264192621f594ae_JaffaCakes118
Size

104KB
MD5

87f235c00e8c3960b264192621f594ae
SHA1

2f156a9f861cda356c4ddf332d71937ac9962c68
SHA256

7abf424fd57e49756307cc07e05627470a0d1f000a3c8fcc422ea4391981f6a2
SHA512

a6c97345036625872512617cffd5cdde9d404e85e18e2bbf8f0eaf7d0b0d4d8b373f68c65fb97938a295d560b73f906b20ef3dcb1776cc4691ffbe0c1b7be945
SSDEEP

1536:vwCKiKcgbtFF8d1eXyngejX81sc7/vyvigrqrii/y9QXON7dm5Tgw0:aSgF8reXynlj81GSiiKCON5mlF0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87f235c00e8c3960b264192621f594ae_JaffaCakes118

Files

87f235c00e8c3960b264192621f594ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e8dfb0e07693fd438a71fa268322521

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
GetSystemDirectoryA
GetTempFileNameA
GetVersionExA
WideCharToMultiByte
GetProcAddress
LoadLibraryA
lstrcpynA
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
MultiByteToWideChar
IsDebuggerPresent
lstrlenW
lstrcpyA
SetLastError
FreeLibrary
WinExec
OpenProcess
WriteFile
CreateFileA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
FindClose
FindNextFileA
FindFirstFileA
ExpandEnvironmentStringsA
CreateThread
HeapCreate
HeapDestroy
HeapReAlloc
GetLastError
GetVolumeInformationA
GetWindowsDirectoryA
GetEnvironmentVariableA
GetCurrentProcess
ReadFile
DuplicateHandle
CreatePipe
GetStdHandle
GetTickCount
ExitProcess
CreateNamedPipeA
GetShortPathNameA
SetErrorMode
SetPriorityClass
OutputDebugStringA
GetCurrentThreadId
GetProcessHeap
HeapFree
SetFilePointer
MoveFileA
CompareStringA
lstrcmpiA
CompareStringW
GetProcessTimes
DeleteFileA
WaitForSingleObject
CreateToolhelp32Snapshot
CloseHandle
Thread32First
Thread32Next
lstrcatA
lstrcmpA
Sleep
GetFileAttributesA
GetFileTime
FileTimeToSystemTime
lstrlenA
GlobalFree
LocalFree
GetSystemInfo
GetLogicalDrives
GetDriveTypeA
GetDiskFreeSpaceA
GetSystemTime
GetComputerNameA
GlobalAlloc
GetACP
GetOEMCP
GetCurrentDirectoryA
GetTempPathA
GetModuleHandleA
HeapAlloc
GetModuleFileNameA

user32

EnumThreadWindows
ShowWindow
MessageBoxA
EnumDisplaySettingsA
GetSystemMetrics
wsprintfA
wvsprintfA
LockSetForegroundWindow
CharLowerBuffA
CharUpperBuffA
GetKeyboardLayoutNameA

advapi32

CryptHashData
CryptDecrypt
CryptDestroyKey
CryptDestroyHash
CryptReleaseContext
RegEnumValueW
RegQueryValueExW
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegCloseKey
GetUserNameA
CryptCreateHash
CryptAcquireContextA
OpenProcessToken
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
CryptGenRandom
CryptDeriveKey

oleaut32

SysAllocString
SafeArrayPutElement
SafeArrayCreate
VariantInit
SysFreeString

shell32

SHGetSpecialFolderPathA
SHGetFolderPathA
ord680

ole32

CoCreateInstance
OleInitialize
CoTaskMemFree

psapi

EnumProcesses
GetModuleFileNameExA

shlwapi

StrStrIA

crypt32

CryptUnprotectData

iphlpapi

GetNetworkParams

ws2_32

WSAStartup
gethostname
gethostbyname
inet_ntoa

urlmon

URLDownloadToFileA

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8e8dfb0e07693fd438a71fa268322521

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

shell32

ole32

psapi

shlwapi

crypt32

iphlpapi

ws2_32

urlmon

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 14KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 14KB