86f8629846dd82b3dba6ec6c5ae3a9f9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

86f8629846dd82b3dba6ec6c5ae3a9f9_JaffaCakes118
Size

465KB
MD5

86f8629846dd82b3dba6ec6c5ae3a9f9
SHA1

e2dae57867b3f7b081ef81d98c15e68e79481e8e
SHA256

e7eb649a37b17227af3bc6af56d911414dab7dbde661daaa31012a5e60fbb8a5
SHA512

e97914b6e81fe0c63e6ad79e50e1e8b50e6f9ffd21be346702384d0f4b4207d4599d7e3916f274ac5c0f36f935d21f341db959b286f6376456bde1e4581682ba
SSDEEP

6144:8bFkiuL66aLF+uAnqb7kmPJBR40+xz/XHeVNikw/DgQEfmwsUTRk9bHK4OnOR0Qc:8y3JuAqbAaBR4PxjeanrEfmQUHK7QvN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86f8629846dd82b3dba6ec6c5ae3a9f9_JaffaCakes118

Files

86f8629846dd82b3dba6ec6c5ae3a9f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a3a2c991042add230c813635e2fa922

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ihupyvoe\jmtyvjpph\fywz

Imports

kernel32

HeapSize
CreateFileA
HeapDestroy
IsBadWritePtr
HeapFree
IsValidLocale
GetLocalTime
EnterCriticalSection
WriteProfileSectionW
GetCurrentProcessId
SetFilePointer
lstrlenA
GlobalGetAtomNameA
VirtualProtect
ExitProcess
GetSystemInfo
GetVersionExA
FlushFileBuffers
GetOEMCP
GlobalSize
HeapCreate
FreeEnvironmentStringsA
GetFullPathNameA
WriteConsoleW
RtlUnwind
TlsAlloc
EnumSystemLocalesA
GetStdHandle
GetSystemTimeAsFileTime
InterlockedExchange
GetEnvironmentStringsW
DeleteAtom
UnhandledExceptionFilter
TlsGetValue
GetStringTypeA
LeaveCriticalSection
GetLocaleInfoA
WriteFile
CompareStringW
TerminateProcess
SetLastError
LCMapStringW
LocalSize
HeapReAlloc
GetTimeFormatA
lstrcpyW
GetStringTypeW
GetUserDefaultLCID
SetEnvironmentVariableA
VirtualQuery
SetStdHandle
ReadFile
GetFileType
GetCurrentThreadId
GetPrivateProfileIntW
GetProcAddress
OpenMutexA
InitializeCriticalSection
FreeEnvironmentStringsW
GetModuleFileNameA
CompareStringA
SetHandleCount
HeapAlloc
CreateMutexA
DeleteCriticalSection
VirtualFree
GetCurrentProcess
SetConsoleTextAttribute
OpenFile
GetTimeZoneInformation
ReleaseMutex
GetStartupInfoA
GetModuleHandleA
QueryPerformanceCounter
GetCPInfo
GetCommandLineA
GetDateFormatA
LoadLibraryA
WideCharToMultiByte
TlsSetValue
CloseHandle
GetCurrentThread
IsValidCodePage
GetLocaleInfoW
CreateToolhelp32Snapshot
TlsFree
GetTickCount
GetEnvironmentStrings
VirtualAlloc
GetLastError
MultiByteToWideChar
GetCurrencyFormatA
LCMapStringA
GetACP

comctl32

ImageList_GetBkColor
ImageList_Merge
DrawInsert
ImageList_SetFilter
ImageList_Copy
ImageList_GetIconSize
ImageList_Create
ImageList_GetImageInfo
ImageList_Read
CreateUpDownControl
ImageList_Remove
DestroyPropertySheetPage
InitCommonControlsEx
ImageList_GetImageRect
ImageList_SetIconSize
ImageList_BeginDrag
ImageList_DragEnter

advapi32

LookupAccountNameW
CryptEncrypt
CryptSetProvParam
RegSetValueExA
RegQueryValueExW
CryptSetProviderA
RegOpenKeyW
ReportEventW
CryptGetKeyParam
LookupPrivilegeDisplayNameA
CryptAcquireContextA
RegSetValueExW
RegSetKeySecurity
RegLoadKeyW
CryptDestroyKey

user32

GetClipboardViewer
IsDialogMessage
CharNextExA
ClientToScreen
RegisterClassA
EnumWindows
SwitchToThisWindow
RegisterDeviceNotificationA
RegisterClassExA
LoadMenuA
CreateMDIWindowW
GetDialogBaseUnits
GetWindowInfo
ModifyMenuW
DefDlgProcA
UnhookWindowsHookEx
CreateWindowExW
GetWindowLongW
ShowWindow
OpenClipboard
GetUserObjectInformationW
GrayStringA
MessageBoxW
DdeAbandonTransaction
WinHelpA
GetClassWord
MenuItemFromPoint
MapVirtualKeyExW

Sections

.text
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a3a2c991042add230c813635e2fa922

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

advapi32

user32

Sections

.text Size: 328KB - Virtual size: 328KB

.rdata Size: 23KB - Virtual size: 43KB

.data Size: 103KB - Virtual size: 103KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 328KB - Virtual size: 328KB

.rdata
Size: 23KB - Virtual size: 43KB

.data
Size: 103KB - Virtual size: 103KB

.rsrc
Size: 8KB - Virtual size: 8KB