9ffd0b9d3ffbb30359172a5decc301d2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9ffd0b9d3ffbb30359172a5decc301d2_JaffaCakes118
Size

427KB
MD5

9ffd0b9d3ffbb30359172a5decc301d2
SHA1

a48fd96ac23aa71e690736e75ed7b9a7525f8d0b
SHA256

c2a8ddb10f45cf94e9798793482b8082c1de6093bf56a3e9ee6bf920f0f59228
SHA512

3cba91a010851f85b210f40791d2f9e5858ce546f06f4c646a723eaf866361131037f58018b883d4dcc4f755d3c8df108a50ba7bee64a0131c53c6d120de7149
SSDEEP

12288:M4HerCVN2SZ5XMJ24S6rX61ZbUeBAZ7+bLYs6+ncHF:MprWN2SZ5XF4S6D6Fux+gnF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ffd0b9d3ffbb30359172a5decc301d2_JaffaCakes118

Files

9ffd0b9d3ffbb30359172a5decc301d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a23d6dffb4517ce05a7e92e6384a7dc5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorW
GetFileTitleA
PageSetupDlgA
PrintDlgW
GetSaveFileNameA

gdi32

GetDeviceGammaRamp
CreatePolygonRgn
Polygon
LPtoDP

user32

SetMenuInfo
LoadIconW
GetWindowTextLengthW
SetPropA
TileChildWindows
CreateIconIndirect
DdeAccessData
MsgWaitForMultipleObjectsEx
EndTask

advapi32

InitiateSystemShutdownW
CryptSetKeyParam
LookupPrivilegeDisplayNameW
CryptSetProviderExW
RegSetKeySecurity
LookupAccountNameW
StartServiceA
DuplicateTokenEx
CryptAcquireContextW
LookupPrivilegeNameW
CryptHashData
LookupAccountSidA
RegOpenKeyA

kernel32

HeapDestroy
GetLocaleInfoW
HeapCreate
GetStartupInfoA
InterlockedIncrement
GetCommandLineA
EnumResourceLanguagesW
InterlockedExchange
Sleep
HeapReAlloc
LeaveCriticalSection
GetCurrentThreadId
TlsFree
SetLastError
VirtualQuery
FreeLibrary
VirtualAlloc
WriteFile
GetTempPathA
GetTimeZoneInformation
SetConsoleCtrlHandler
ExitProcess
GetCurrentProcess
LCMapStringW
InitializeCriticalSectionAndSpinCount
HeapAlloc
HeapSize
DeleteCriticalSection
ReadConsoleOutputA
GetCPInfo
GetEnvironmentStrings
GetUserDefaultLCID
GetStdHandle
GetTimeFormatA
GetModuleFileNameA
GetEnvironmentStringsW
TlsSetValue
GetACP
IsValidCodePage
CompareStringA
ResumeThread
GetCommandLineW
LoadLibraryA
EnterCriticalSection
VirtualFree
UnhandledExceptionFilter
GetModuleHandleA
FreeEnvironmentStringsA
FindResourceW
LCMapStringA
GetProcAddress
OpenMutexW
TlsGetValue
GetStringTypeW
FreeEnvironmentStringsW
TerminateProcess
CompareStringW
GetDateFormatA
GetStringTypeA
InterlockedDecrement
HeapFree
GetFileType
SetEnvironmentVariableA
IsValidLocale
GetTickCount
GetCurrentThread
WideCharToMultiByte
RtlUnwind
IsDebuggerPresent
GetLastError
SetUnhandledExceptionFilter
VirtualAllocEx
EnumSystemLocalesA
OpenFileMappingW
MultiByteToWideChar
WriteConsoleW
GetModuleHandleW
GetCurrentProcessId
SetHandleCount
GetSystemTimeAsFileTime
GetDriveTypeW
GetLocaleInfoA
QueryPerformanceCounter
GetOEMCP
FindFirstFileA
TlsAlloc

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a23d6dffb4517ce05a7e92e6384a7dc5

Headers

File Characteristics

Imports

comdlg32

gdi32

user32

advapi32

kernel32

Sections

.text Size: 144KB - Virtual size: 143KB

.data Size: 275KB - Virtual size: 285KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 144KB - Virtual size: 143KB

.data
Size: 275KB - Virtual size: 285KB

.rsrc
Size: 7KB - Virtual size: 6KB