8ec8c9e39076a446269753b1193ffe24_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8ec8c9e39076a446269753b1193ffe24_JaffaCakes118
Size

422KB
MD5

8ec8c9e39076a446269753b1193ffe24
SHA1

32d9f830df42c339abfcf73a4c4237f1b894815c
SHA256

9c02161cb23ba54a78f2df65d9dd16ace482c2986595554f920887d6b3959c53
SHA512

939ffd8434fbc40767764fd9931a511425f3bdc9cf3ea93ac76509ba45ae4613d637aff166c29ba173a8cfb7e2d341a2fe52b0f06039d4d2200699ed327b0680
SSDEEP

12288:MZfcp6WQZTBYgcxV9qs+zSRuft7x55jUMWdO:iZPcks+2sHw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ec8c9e39076a446269753b1193ffe24_JaffaCakes118

Files

8ec8c9e39076a446269753b1193ffe24_JaffaCakes118
.exe windows:4 windows x86 arch:x86

003180459b32abb946068fb22aba3a00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellAboutA
SHGetDiskFreeSpaceA
DragQueryFileAorW
ExtractAssociatedIconExA
ExtractIconEx
SHGetMalloc
DragFinish
ShellExecuteExW
ExtractAssociatedIconW
SheSetCurDrive
SHFileOperationW
ExtractAssociatedIconA
SHInvokePrinterCommandA
SHFreeNameMappings
SHBrowseForFolderA
SHBrowseForFolder
SHGetSpecialFolderLocation
CheckEscapesW
SHQueryRecycleBinW
SHGetFileInfoW

gdi32

DrawEscape
CreatePolyPolygonRgn
GetAspectRatioFilterEx
AddFontResourceW
CopyMetaFileW
PlayEnhMetaFileRecord
GetCharABCWidthsA
CreateEnhMetaFileW
SelectClipPath
SetICMProfileW
CreatePalette
GetTextColor
ColorMatchToTarget
GetTextExtentPoint32A
StartPage

comdlg32

PageSetupDlgA
FindTextA
ChooseColorA
ReplaceTextW
PrintDlgW
ChooseFontA
GetOpenFileNameA
PrintDlgA
GetSaveFileNameA
GetSaveFileNameW
PageSetupDlgW

advapi32

RegSaveKeyA
LookupSecurityDescriptorPartsW
RegEnumValueA
CryptContextAddRef
RegSaveKeyW
CryptSetHashParam
CryptImportKey
RegQueryValueExA
AbortSystemShutdownA
RegOpenKeyExA
RegEnumKeyA
CryptDeriveKey
RegOpenKeyW
LookupAccountNameW
RegEnumValueW
RegSetValueExA
LookupSecurityDescriptorPartsA
AbortSystemShutdownW
CreateServiceW
RegConnectRegistryA

kernel32

TlsSetValue
lstrcpyW
GlobalGetAtomNameA
GetSystemTimeAsFileTime
lstrcatA
GetTimeFormatA
GetTimeZoneInformation
DeleteCriticalSection
FreeEnvironmentStringsA
GetCurrentThreadId
CreateDirectoryA
LCMapStringA
SetLastError
ExitProcess
GetModuleFileNameW
GetOEMCP
GetStringTypeW
GetEnvironmentStringsW
GlobalUnfix
SetEnvironmentVariableA
EnumResourceLanguagesW
GetFileType
WideCharToMultiByte
UnhandledExceptionFilter
OpenSemaphoreA
EnumCalendarInfoExW
WritePrivateProfileSectionA
TlsAlloc
IsValidLocale
LeaveCriticalSection
TlsFree
InterlockedExchangeAdd
IsValidCodePage
InitializeCriticalSection
InterlockedExchange
GetVersionExA
GetStartupInfoA
TerminateProcess
GetModuleFileNameA
LCMapStringW
GetModuleHandleA
GetCPInfo
GetCurrentThread
HeapFree
GetStringTypeExW
SystemTimeToFileTime
VirtualQuery
GetStdHandle
GetCommandLineA
GetCommandLineW
GetACP
FindFirstFileExA
GetStringTypeA
EnumSystemLocalesA
SetHandleCount
WriteFile
MultiByteToWideChar
GetProcAddress
GetUserDefaultLCID
VirtualProtect
RtlUnwind
GetEnvironmentStrings
HeapDestroy
CompareStringW
FreeEnvironmentStringsW
LoadLibraryA
GetDateFormatA
GetTickCount
QueryPerformanceCounter
GetLocaleInfoA
GetLocaleInfoW
HeapCreate
HeapReAlloc
EnterCriticalSection
GetCurrentProcess
HeapSize
ReadConsoleA
GetLastError
GetSystemTimeAdjustment
GetCurrentProcessId
HeapAlloc
VirtualFree
VirtualAlloc
GetModuleHandleW
CommConfigDialogA
GetSystemInfo
GetStartupInfoW
TlsGetValue
CompareStringA
IsBadWritePtr

wininet

ShowX509EncodedCertificate
SetUrlCacheEntryInfoA
InternetShowSecurityInfoByURL
InternetGetCookieW
GetUrlCacheEntryInfoExW
InternetGetCertByURL
CreateUrlCacheEntryA
InternetCrackUrlW
FindFirstUrlCacheContainerW
InternetQueryOptionA

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

003180459b32abb946068fb22aba3a00

Headers

File Characteristics

Imports

shell32

gdi32

comdlg32

advapi32

kernel32

wininet

Sections

.text Size: 145KB - Virtual size: 145KB

.data Size: 272KB - Virtual size: 276KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 145KB - Virtual size: 145KB

.data
Size: 272KB - Virtual size: 276KB

.rsrc
Size: 3KB - Virtual size: 2KB