892720b07e759232e8a7709cc9bdfb15_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

892720b07e759232e8a7709cc9bdfb15_JaffaCakes118
Size

368KB
MD5

892720b07e759232e8a7709cc9bdfb15
SHA1

0cccd94abdd7328d28fa20c0a0d8514e3e2ae90d
SHA256

64099b7f7fb24cdbab6aa386011cad41c1848b2146c1b1c951c5aa1a5fe5ba17
SHA512

b4434f4ca33ef9647233972451e1784f7c2fad0ffd43eef01286466a589637688ff2600923d55a8862d76cc0a3c352acc4cd4d18d065cd96ab73ad55069c94b8
SSDEEP

6144:JlkoVSbobzjnSX60R4ovi2cNiBZR2tQzZNOv2gybhsYCIa/J4vyLmkUvm8:JllOq0RFGi4tINOIdC7/Ov+5Im

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
892720b07e759232e8a7709cc9bdfb15_JaffaCakes118

Files

892720b07e759232e8a7709cc9bdfb15_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1aeacfb62a1afe36d063e7711ad94d63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
SetFilePointer
SetEnvironmentVariableA
GetLastError
GetStringTypeW
SetStdHandle
VirtualQuery
GetStartupInfoW
GetProcAddress
GetModuleHandleA
TlsFree
ReadConsoleInputW
GetTickCount
LeaveCriticalSection
RtlUnwind
VirtualAlloc
GetCPInfo
ExitProcess
GetSystemTime
TerminateProcess
OpenMutexA
MultiByteToWideChar
HeapReAlloc
HeapAlloc
GetSystemTimeAsFileTime
LCMapStringW
CloseHandle
HeapFree
HeapDestroy
InterlockedIncrement
LCMapStringA
GetStdHandle
GetStartupInfoA
CreateMutexA
GetTimeZoneInformation
LoadLibraryExA
GetCurrentThreadId
VirtualFree
TlsAlloc
FlushFileBuffers
GetCommandLineA
TlsGetValue
SetLastError
CommConfigDialogA
TlsSetValue
FreeEnvironmentStringsA
InterlockedExchange
GetModuleFileNameA
IsBadWritePtr
ReadFile
GetLocalTime
GlobalAlloc
InterlockedDecrement
DeleteCriticalSection
WideCharToMultiByte
GetCurrentThread
SetHandleCount
IsValidCodePage
GetModuleFileNameW
GetFileType
WriteFile
GetCommandLineW
GetVersion
QueryPerformanceCounter
GetCurrentProcess
GetCurrentProcessId
InitializeCriticalSection
GetEnvironmentStringsW
LoadLibraryA
GetEnvironmentStrings
FreeEnvironmentStringsW
CompareStringW
HeapCreate
UnhandledExceptionFilter
CompareStringA
EnterCriticalSection
GetStringTypeA

comctl32

ImageList_AddIcon
ImageList_GetImageInfo
ImageList_GetDragImage
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_LoadImage

user32

MessageBoxW
DefWindowProcA
IsDlgButtonChecked
NotifyWinEvent
GetClassInfoA
wvsprintfA
GetWindowTextA
OpenWindowStationA
CreateDesktopA
CreateWindowExA
GetSysColor
AnyPopup
SetParent
ShowWindow
DestroyWindow
SetCaretPos
RegisterClassExA
KillTimer
UnregisterDeviceNotification
DdeQueryStringW
SendDlgItemMessageA
InSendMessage
MapVirtualKeyExA
RegisterClassA
GetClipboardViewer
EnumWindows
TranslateMessage

advapi32

RegLoadKeyA
CreateServiceW
CryptHashSessionKey
CryptEncrypt
RegOpenKeyW
RegQueryInfoKeyW
CryptSetProviderExW
CryptVerifySignatureW
RegCreateKeyA
RegQueryInfoKeyA
RegEnumKeyW
RegOpenKeyExA
RegEnumKeyExA
LookupPrivilegeDisplayNameA
CryptVerifySignatureA
RegReplaceKeyW
LogonUserW
CryptSignHashA
DuplicateTokenEx
InitiateSystemShutdownA
RegSetValueExW
AbortSystemShutdownA
RegDeleteKeyW
LookupPrivilegeNameA

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1aeacfb62a1afe36d063e7711ad94d63

Headers

File Characteristics

Imports

kernel32

comctl32

user32

advapi32

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 60KB - Virtual size: 58KB

.data Size: 96KB - Virtual size: 109KB

.rsrc Size: 88KB - Virtual size: 87KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 60KB - Virtual size: 58KB

.data
Size: 96KB - Virtual size: 109KB

.rsrc
Size: 88KB - Virtual size: 87KB