94625cc30a5fd0f6974243a7a97255fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

94625cc30a5fd0f6974243a7a97255fe_JaffaCakes118
Size

480KB
MD5

94625cc30a5fd0f6974243a7a97255fe
SHA1

da940ee0dc7fd4b40fc2ec4f5f216033f5cf8bc8
SHA256

5c1380726f45127510b886ee34b98dda83e58bbaa93c17eac36ec5d7e0cdeb9f
SHA512

dda86693870ed5eff5d52d79b5ca1564681f13f72787c0e7d02360c31a56d606c18ddc43b990c027686627d419b097cba5f431c6a0a74acbb170a9cfea5d6dc3
SSDEEP

12288:AK5kshjPNNUbOQMx3TfMJrQLZygx5CdN2/oR:AokqPNNXxwJrQLdW2U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94625cc30a5fd0f6974243a7a97255fe_JaffaCakes118

Files

94625cc30a5fd0f6974243a7a97255fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03f636ed24d528a33b7233d086b4fc1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptDuplicateHash
CryptSetProviderExW
CryptDecrypt
CryptContextAddRef
CreateServiceW
CryptGetUserKey
CryptDuplicateKey
CryptExportKey
LookupPrivilegeValueA
RegQueryInfoKeyW
RegDeleteKeyA
RegDeleteValueA
RegRestoreKeyW
RegEnumValueW
CryptEnumProviderTypesW
CryptGetDefaultProviderW
RegLoadKeyW
LookupAccountNameA
CryptEnumProviderTypesA
RegQueryMultipleValuesA
RegCreateKeyExA

gdi32

EnumMetaFile
GetTextExtentPointA
SetWorldTransform
CreateDiscardableBitmap
Escape
GetCharWidth32A
GetEnhMetaFilePaletteEntries
RemoveFontResourceW
EndPage
DeleteDC
GetColorAdjustment
SelectClipPath
CreatePenIndirect
SetColorSpace
RectVisible
SelectClipRgn
GetPath
Polygon
CreateMetaFileA

comdlg32

GetOpenFileNameW
GetFileTitleW
GetSaveFileNameA

shell32

ShellHookProc
SHGetPathFromIDList
ExtractIconA
ShellExecuteW
SHAppBarMessage

kernel32

DeleteCriticalSection
CompareStringA
GetTimeZoneInformation
GetACP
FileTimeToDosDateTime
SetConsoleCtrlHandler
UnhandledExceptionFilter
FillConsoleOutputCharacterW
GetStartupInfoA
EnumDateFormatsExA
InitializeCriticalSectionAndSpinCount
WriteFile
GetStringTypeA
TerminateProcess
GetTempFileNameA
VirtualQuery
GetLocaleInfoW
LCMapStringW
MultiByteToWideChar
FreeEnvironmentStringsW
GetTimeFormatA
HeapSize
LoadLibraryA
HeapReAlloc
GetCurrentThreadId
GetStringTypeW
RtlUnwind
GetLocaleInfoA
Sleep
CreateFileMappingW
GetCPInfo
GetSystemTimeAsFileTime
WideCharToMultiByte
InterlockedIncrement
GetStdHandle
SetHandleCount
ExitProcess
CreateDirectoryExW
GetCurrentProcessId
TlsGetValue
VirtualFree
CommConfigDialogA
GlobalLock
SetUnhandledExceptionFilter
GetCommandLineW
IsValidCodePage
GetTickCount
GetLastError
VirtualAlloc
CompareStringW
GetModuleHandleA
GlobalAlloc
EnumCalendarInfoW
HeapFree
GetFileType
InterlockedDecrement
GetCurrentProcess
GetModuleHandleW
TlsAlloc
EnterCriticalSection
GetDiskFreeSpaceW
HeapDestroy
IsDebuggerPresent
HeapCreate
GetModuleFileNameW
EnumSystemLocalesA
QueryPerformanceCounter
GetUserDefaultLCID
GetDateFormatA
GetOEMCP
CreateProcessW
SystemTimeToFileTime
GetCurrentThread
GetEnvironmentStringsW
FreeLibrary
GetModuleFileNameA
InterlockedExchange
LCMapStringA
LeaveCriticalSection
IsValidLocale
WriteConsoleW
GetTempFileNameW
SetEnvironmentVariableA
GetProcAddress
TlsSetValue
HeapAlloc
TlsFree
SetLastError
GetStartupInfoW

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03f636ed24d528a33b7233d086b4fc1b

Headers

File Characteristics

Imports

advapi32

gdi32

comdlg32

shell32

kernel32

Sections

.text Size: 174KB - Virtual size: 173KB

.rdata Size: 9KB - Virtual size: 26KB

.data Size: 283KB - Virtual size: 282KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 174KB - Virtual size: 173KB

.rdata
Size: 9KB - Virtual size: 26KB

.data
Size: 283KB - Virtual size: 282KB

.rsrc
Size: 12KB - Virtual size: 12KB