89ce5752fb503150f9d96622354241bf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

89ce5752fb503150f9d96622354241bf_JaffaCakes118
Size

435KB
MD5

89ce5752fb503150f9d96622354241bf
SHA1

dbf3d2191d649548fbe85b9f779e3c7f5edfbba2
SHA256

bbf1b074523b8e484cfa151b843fcafa6c9ffef03d1c709733887a967b684897
SHA512

68bdc7697ebf63010c160eab5dcabbd4b90397a0924f4907880edbb82612aa6cc7b708087c0b8c82ab95e3d2d422146883054a726006a3aa3aa9fba1f5161f12
SSDEEP

12288:7V5BxpHLUMHo89owPVSwi0NiU6aLd7LR4Bv/Mn30EE14:88C21wvUn32

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89ce5752fb503150f9d96622354241bf_JaffaCakes118

Files

89ce5752fb503150f9d96622354241bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79f13717750bee75d29192071dddd135

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadAcceleratorsA
GetKeyboardState
CreateIconFromResource
ShowCursor
FillRect
CallWindowProcW
GetForegroundWindow
TranslateAccelerator
CharLowerW
MessageBoxIndirectW
UnregisterHotKey
IsCharLowerA
LoadCursorFromFileW
EnumWindows
MapWindowPoints
DrawFocusRect
SetMenuItemInfoA
GetMenuBarInfo
LoadCursorFromFileA
DdeInitializeA

comdlg32

GetFileTitleA
PrintDlgW
ChooseFontW
PrintDlgA
FindTextW
PageSetupDlgW
GetSaveFileNameA
ReplaceTextW
ReplaceTextA
LoadAlterBitmap
GetSaveFileNameW
ChooseColorW
GetOpenFileNameA
FindTextA
ChooseColorA
GetOpenFileNameW
PageSetupDlgA

shell32

SHFileOperationA
SheChangeDirA
SHGetFileInfo
DragFinish
RealShellExecuteExW
SHUpdateRecycleBinIcon
SHAddToRecentDocs
SHGetPathFromIDListW
SHGetMalloc
SHGetNewLinkInfo
FindExecutableW
SHGetDesktopFolder
SHFreeNameMappings
SHInvokePrinterCommandW

gdi32

GetTextMetricsW
PlayEnhMetaFileRecord
GetCharWidthA
DeleteMetaFile
LPtoDP
GetObjectW
ExtEscape
GetCharWidthFloatA
GetMetaRgn
CreateDCA
ResetDCA
GetCharWidth32W
GetRgnBox
GetICMProfileA
GetTextExtentPointA
GdiFlush
GetStockObject
GetBitmapDimensionEx
SetDIBits
GetTextColor

kernel32

WideCharToMultiByte
GetDateFormatA
HeapAlloc
CompareStringW
LoadLibraryExW
EnterCriticalSection
GetTickCount
VirtualProtectEx
HeapFree
GetLocaleInfoW
HeapSize
FreeEnvironmentStringsA
GetVersionExA
VirtualFree
QueryPerformanceCounter
TlsFree
ReadConsoleW
GetStdHandle
FreeEnvironmentStringsW
GetModuleFileNameW
TlsGetValue
GetCurrentProcessId
RtlUnwind
GetCommandLineW
lstrcat
HeapDestroy
DeleteCriticalSection
IsBadWritePtr
IsValidLocale
GetStringTypeA
TlsSetValue
ExitProcess
TerminateProcess
GetStartupInfoA
VirtualQuery
GetModuleHandleA
GetStartupInfoW
GetUserDefaultLCID
SetLastError
FindNextChangeNotification
TlsAlloc
VirtualQueryEx
WriteFile
GetEnvironmentStringsW
SetEnvironmentVariableA
InterlockedExchange
GetEnvironmentStrings
LeaveCriticalSection
GetCPInfo
LCMapStringA
DuplicateHandle
GetStringTypeW
GetSystemInfo
GetProcAddress
GetLastError
VirtualAlloc
GetModuleFileNameA
WaitForMultipleObjects
HeapCreate
GetSystemTime
SetLocaleInfoW
GetOEMCP
GetACP
HeapReAlloc
GetCommandLineA
GetTimeZoneInformation
GetProfileIntW
GetTimeFormatA
GetCurrentProcess
MultiByteToWideChar
UnhandledExceptionFilter
EnumSystemLocalesW
InitializeCriticalSection
GetFileType
VirtualProtect
IsValidCodePage
PulseEvent
GetLocaleInfoA
CompareStringA
LCMapStringW
GetCurrentThread
EnumSystemLocalesA
GetCurrentThreadId
SetHandleCount
LoadLibraryA
GetSystemTimeAsFileTime

advapi32

CryptGenKey
CryptCreateHash
CryptAcquireContextW
CreateServiceW
LookupPrivilegeNameA
CryptEnumProviderTypesA
CryptSetHashParam
RegCreateKeyExA
CryptGetProvParam
RegReplaceKeyA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueA
RegSetKeySecurity
RegQueryValueA
RegCreateKeyW
RegConnectRegistryW
LookupAccountNameA
StartServiceW
CryptAcquireContextA
LookupAccountNameW

Sections

.text
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79f13717750bee75d29192071dddd135

Headers

File Characteristics

Imports

user32

comdlg32

shell32

gdi32

kernel32

advapi32

Sections

.text Size: 150KB - Virtual size: 150KB

.data Size: 277KB - Virtual size: 277KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 150KB - Virtual size: 150KB

.data
Size: 277KB - Virtual size: 277KB

.rsrc
Size: 6KB - Virtual size: 5KB