Static task: static1
Behavioral task: behavioral1
Sample: 86ff4f2c9e4fd30afcd4a444c8060d39_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 86ff4f2c9e4fd30afcd4a444c8060d39_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 86ff4f2c9e4fd30afcd4a444c8060d39_JaffaCakes118
Size: 257KB
MD5: 86ff4f2c9e4fd30afcd4a444c8060d39
SHA1: 4604e5b9bae019eaffcf8311bf93e981e2eae64f
SHA256: 5c59dc50087c862e91047556ea7bfe10ff4988c06a718f50493ec094bb22b90f
SHA512: ff07b8ca71f87ea1c8e44f6770d2782a27131b6be62109909dc0a8fe419c850f9827b74405fe1f4e3b525890a07e1808cac39c6af4a67a2a002a2a6276600638
SSDEEP: 3072:wS5jxPLn8bywhaYiwEScQWsEetmvevzzDvOO782xOPVuatnlWb8LirHQAj1U41Gp:ht4i62sE2ZzW9fPV7TWaDAj13IzhUS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 86ff4f2c9e4fd30afcd4a444c8060d39_JaffaCakes118
Files
86ff4f2c9e4fd30afcd4a444c8060d39_JaffaCakes118.exe windows:4 windows x86 arch:x86
7ae54a572129433fede3999134b6a0d1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTempPathW
GetTempFileNameW
InitializeCriticalSection
WaitForSingleObject
GetCurrentProcess
CreateEventW
GetCurrentThreadId
GetCurrentProcessId
WaitForMultipleObjects
GetModuleHandleA
GetModuleFileNameW
GetLocaleInfoA
CreateDirectoryW
Sleep
GetFileAttributesW
lstrcpynA
lstrlenA
GetLastError
GetFullPathNameA
GetFileAttributesA
lstrcpynW
lstrlenW
LoadLibraryW
FreeLibrary
GetTickCount
MultiByteToWideChar
GetVersionExW
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetVersionExA
GetProcessHeap
SetUnhandledExceptionFilter
HeapCreate
ExitProcess
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
RaiseException
GetStartupInfoA
GetEnvironmentStringsW
QueryPerformanceCounter
GetProcAddress
user32
MessageBoxW
PeekMessageW
SendDlgItemMessageA
LoadMenuA
AppendMenuW
MessageBoxIndirectA
ShowCursor
InsertMenuItemW
WinHelpA
GetSystemMetrics
MonitorFromPoint
EnableMenuItem
CreateDialogIndirectParamW
GetFocus
SetWindowRgn
LoadIconA
GetMenu
GetDesktopWindow
GetActiveWindow
SetMenu
GetClassInfoExW
MessageBoxA
DestroyMenu
EnumClipboardFormats
GetScrollPos
advapi32
FreeSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyW
RegQueryValueExW
RegCloseKey
RegDeleteKeyW
RegDeleteKeyA
EqualSid
shell32
ord680
ShellExecuteExW
SHGetDesktopFolder
security
SealMessage
CompleteAuthToken
gdi32
CreateFontIndirectExA
CreateScalableFontResourceW
SelectBrushLocal
AddFontResourceA
GetRasterizerCaps
GetEnhMetaFileA
CreateSolidBrush
CreateBitmapIndirect
CreatePen
AddFontResourceW
GetStockObject
CreateFontIndirectExW
Sections
.text Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.UNeyY Size: 1024B - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.P Size: 1024B - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.C Size: 103KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.EI Size: 3KB - Virtual size: 304KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.Qxlzm Size: 120KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ