Static task: static1
Behavioral task: behavioral1
Sample: 8a311dc629379442b75c300ddaa7b438_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 8a311dc629379442b75c300ddaa7b438_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 8a311dc629379442b75c300ddaa7b438_JaffaCakes118
Size: 387KB
MD5: 8a311dc629379442b75c300ddaa7b438
SHA1: 8f57edd47b1728f41506728bf0dc2da0a17146a1
SHA256: 7a7c9209b92cd1956e786d909eb47ce77064c3216c94c67a7dc898a88afa4b6e
SHA512: 0f0f5f92ec97c5df460884a897968e6f22413bf5ce9fc922bddcd320d25d3665cd351c67dcb4b0f9b1a2c508ec87560d40cc914e3a01ae6223c7ce14afad112d
SSDEEP: 6144:c+We6OHCNIbowe8PdZVKGK/lzkDqqHTu9kiGRwK2AkudHzxqscSw38DqhrvA47UR:JWeXCITKGKGqIQRGRwJu23trv1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8a311dc629379442b75c300ddaa7b438_JaffaCakes118
Files
8a311dc629379442b75c300ddaa7b438_JaffaCakes118.exe windows:4 windows x86 arch:x86
18bfd94730d19f283d3a6b1f58cd7100
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegQueryValueA
RegDeleteKeyA
RegRestoreKeyA
RegLoadKeyA
RegQueryValueExA
CryptSetKeyParam
CryptGetUserKey
CreateServiceW
CryptEncrypt
RegSetValueA
RegEnumKeyA
CryptVerifySignatureA
CryptSignHashW
StartServiceW
kernel32
lstrcpynA
GetTimeFormatA
EnumSystemLocalesA
HeapLock
HeapAlloc
WriteConsoleA
WritePrivateProfileSectionA
GetStartupInfoW
TlsGetValue
GetModuleFileNameW
UnhandledExceptionFilter
InitializeCriticalSection
TlsAlloc
GetConsoleOutputCP
GetTickCount
LoadLibraryA
HeapSize
GetDateFormatA
CreateFileA
CloseHandle
SetEnvironmentVariableA
QueryPerformanceCounter
GetACP
InterlockedDecrement
GetVersionExA
GetCurrentThread
HeapReAlloc
GetWindowsDirectoryW
FreeLibrary
GetConsoleMode
LocalShrink
InterlockedCompareExchange
ExitProcess
WriteFile
GetTimeZoneInformation
VirtualAlloc
GetLastError
IsValidLocale
WriteConsoleInputA
HeapFree
GlobalFindAtomA
EnumDateFormatsExW
DeleteCriticalSection
SetConsoleTitleW
GetConsoleCP
CompareStringA
GetStringTypeW
lstrcpy
GetProcessHeap
SetUnhandledExceptionFilter
GetOEMCP
ReadFile
MultiByteToWideChar
LCMapStringA
SetFilePointer
FlushFileBuffers
GlobalHandle
TlsFree
GetComputerNameW
InterlockedExchange
GetCurrentThreadId
SetConsoleCtrlHandler
GetUserDefaultLCID
GetCurrentProcess
IsDebuggerPresent
GetCommandLineW
VirtualUnlock
GetSystemTimeAsFileTime
GetCommandLineA
GetLocaleInfoW
GetCPInfo
CompareStringW
IsValidCodePage
GetEnvironmentStrings
Sleep
GetStringTypeA
SetStdHandle
SetHandleCount
VirtualFree
GetProfileIntW
GetModuleHandleA
OpenSemaphoreW
GetModuleFileNameA
RtlUnwind
GetCurrentProcessId
OpenMutexA
CreateMutexA
SetLastError
UnlockFileEx
GetStartupInfoA
FreeEnvironmentStringsA
VirtualQuery
TerminateProcess
HeapDestroy
LeaveCriticalSection
GetProcAddress
FreeEnvironmentStringsW
InterlockedIncrement
WriteConsoleW
TlsSetValue
ReleaseMutex
GetEnvironmentStringsW
LCMapStringW
HeapCreate
FindResourceExW
GetLocaleInfoA
WideCharToMultiByte
GetFileType
GetStdHandle
EnterCriticalSection
comdlg32
FindTextW
LoadAlterBitmap
PrintDlgA
ChooseColorA
user32
UnhookWinEvent
DdeConnect
DefWindowProcW
GetWindowRect
RegisterClassA
SetWinEventHook
TranslateMessage
GetAsyncKeyState
RegisterClassExA
GetListBoxInfo
BroadcastSystemMessage
EnumWindowStationsA
LoadIconW
SetCaretPos
AnimateWindow
DdeGetData
DdeDisconnectList
CreateDesktopW
SetDlgItemTextA
DlgDirSelectExA
comctl32
InitCommonControlsEx
Sections
.text Size: 160KB - Virtual size: 160KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 209KB - Virtual size: 209KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ