892eb5efc5470e0ab9981e0e21cf0d6a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

892eb5efc5470e0ab9981e0e21cf0d6a_JaffaCakes118
Size

432KB
MD5

892eb5efc5470e0ab9981e0e21cf0d6a
SHA1

963c4f6c8ed68ac396f55e87a76a91d0656d434a
SHA256

6dabdeced27b452baf253734dbc42537b238f60d0424d17357cd28c8071b9d1a
SHA512

147ab24943292aeb0e53dca4287e20354f817b1bcb2c89215a0b365aa64417f2ddfde19561fa00b1e6c75f4703e5dd5845355be3aa9005ddddcbfbd6d21f5a42
SSDEEP

12288:E0lWTpbOx/cVPMjxL+eejUo8I2bzPILlVm:FUTpbq/4P0QUI23P4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
892eb5efc5470e0ab9981e0e21cf0d6a_JaffaCakes118

Files

892eb5efc5470e0ab9981e0e21cf0d6a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c82414566eee367aad6a3f23c7347f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextW

advapi32

ReportEventA
RegQueryValueW
RegDeleteKeyA
CryptVerifySignatureA
CryptEnumProvidersA
LookupPrivilegeNameW
RegQueryMultipleValuesA
CryptGetHashParam
CryptEnumProviderTypesA
GetUserNameA
CryptGetDefaultProviderA
LookupAccountSidA
RegRestoreKeyW
RegCreateKeyExA
StartServiceA

wininet

InternetConnectA
InternetGetConnectedStateExW
GetUrlCacheEntryInfoW
SetUrlCacheGroupAttributeA
FtpPutFileEx
FindNextUrlCacheEntryExA

kernel32

GetStringTypeW
GetLocaleInfoA
TlsFree
GetProcessHeap
GlobalFlags
GetTempFileNameW
QueryPerformanceCounter
InterlockedIncrement
GetTimeZoneInformation
GetOEMCP
GetConsoleMode
CreateProcessA
GetTickCount
CreateDirectoryExW
GetTempPathW
GetCPInfo
RtlUnwind
UnmapViewOfFile
WriteFile
VirtualAllocEx
GetStartupInfoA
GetPrivateProfileSectionA
GetModuleFileNameA
AllocConsole
GetDiskFreeSpaceExW
LCMapStringA
GetConsoleOutputCP
GetLongPathNameW
TransmitCommChar
OpenFile
GetACP
GetTimeFormatA
GetUserDefaultLCID
SetStdHandle
HeapDestroy
Sleep
lstrcpy
SetFilePointer
GetLocaleInfoW
ReleaseMutex
GetExitCodeThread
FreeLibraryAndExitThread
EnterCriticalSection
VirtualAlloc
CreateDirectoryA
SetUnhandledExceptionFilter
GetConsoleTitleW
GetPrivateProfileIntA
FreeEnvironmentStringsW
ReadFile
WriteConsoleW
HeapFree
DeleteFileW
IsDebuggerPresent
GetStartupInfoW
GetSystemTimeAsFileTime
HeapValidate
GetStdHandle
CreatePipe
TlsAlloc
GetCurrentProcess
HeapSize
MultiByteToWideChar
GetDateFormatA
DeleteCriticalSection
TerminateProcess
FindFirstFileExW
WideCharToMultiByte
CreateMutexA
GetVersionExA
GetPrivateProfileSectionNamesA
SetLastError
VirtualQuery
lstrcmpiW
GetTempFileNameA
IsValidCodePage
WaitForSingleObjectEx
GetCommandLineA
FreeEnvironmentStringsA
GetLastError
SetHandleCount
IsValidLocale
TlsSetValue
CreateWaitableTimerA
CompareStringW
CompareStringA
GetConsoleCP
GetFileType
OpenMutexA
MoveFileA
LeaveCriticalSection
GetModuleFileNameW
HeapAlloc
WaitForDebugEvent
InitializeCriticalSection
CreateFileA
GetEnvironmentStringsW
HeapCreate
InterlockedDecrement
OpenWaitableTimerA
LoadLibraryA
FlushFileBuffers
SetEnvironmentVariableA
InterlockedExchange
GetProcAddress
WriteConsoleOutputAttribute
SetConsoleCtrlHandler
TlsGetValue
TransactNamedPipe
WriteConsoleA
GetCurrentThread
GetCommandLineW
EnumSystemCodePagesW
GetProfileSectionW
CloseHandle
GetModuleHandleA
HeapReAlloc
HeapLock
GetStringTypeA
lstrcmpW
GetCurrentThreadId
VirtualFree
GetProfileSectionA
WaitForMultipleObjects
GetEnvironmentStrings
IsBadWritePtr
SystemTimeToTzSpecificLocalTime
ExitProcess
GetCurrentProcessId
FreeLibrary
LCMapStringW
EnumSystemLocalesA
LockResource
UnhandledExceptionFilter

shell32

SHEmptyRecycleBinA
CheckEscapesW
FindExecutableA
InternalExtractIconListA

comctl32

ImageList_Create
ImageList_SetBkColor
ImageList_Merge
CreatePropertySheetPageA
ImageList_BeginDrag
ImageList_AddIcon
ImageList_GetImageCount
InitCommonControlsEx
ImageList_GetImageRect
ImageList_DragShowNolock
ImageList_Destroy

user32

SetUserObjectInformationW
RegisterClassExA
RegisterClassA
LoadBitmapW
CreatePopupMenu
AppendMenuW
SetWindowsHookW
SetClassLongW
GetUpdateRgn
LoadStringW
PtInRect
ChangeDisplaySettingsW
GetCursorInfo
CloseClipboard
IsMenu
IsClipboardFormatAvailable
DestroyCaret
GetWindowTextW
GetMenuCheckMarkDimensions
IsWindowEnabled
DeferWindowPos
UnpackDDElParam
GetProcessWindowStation
SetMenu
SendInput
TranslateAcceleratorA
ChangeClipboardChain
ModifyMenuA
DlgDirListA
ChangeDisplaySettingsA
InvalidateRect
CreateMDIWindowA
GetDesktopWindow

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c82414566eee367aad6a3f23c7347f4

Headers

File Characteristics

Imports

comdlg32

advapi32

wininet

kernel32

shell32

comctl32

user32

Sections

.text Size: 176KB - Virtual size: 173KB

.rdata Size: 128KB - Virtual size: 126KB

.data Size: 104KB - Virtual size: 128KB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 176KB - Virtual size: 173KB

.rdata
Size: 128KB - Virtual size: 126KB

.data
Size: 104KB - Virtual size: 128KB

.rsrc
Size: 20KB - Virtual size: 18KB