Static task: static1
Behavioral task: behavioral1
Sample: a500533bf269210b2b721b27a1fc94f4_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: a500533bf269210b2b721b27a1fc94f4_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a500533bf269210b2b721b27a1fc94f4_JaffaCakes118
Size: 393KB
MD5: a500533bf269210b2b721b27a1fc94f4
SHA1: b140b363f9beac006e08e066acbfeabf33e49104
SHA256: 4dd5a38951288a3d50f8adb9c3702db57a4b3d8bb2a318d6249b5e3063cc3faf
SHA512: 6d2f6a6b5ae5fd9baed82c6d92719d450ff91dcb36a193088f54d6be789f107f2d16ef58657157ea6be2a6c2f7b32180c3f84e8062661dfc0ce5830771d83d7f
SSDEEP: 12288:c6JUb8SE0+onvKxrDbFJNCeHEKqwK58wKxLK:cp8SEDYijBC0LqwAE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a500533bf269210b2b721b27a1fc94f4_JaffaCakes118
Files
a500533bf269210b2b721b27a1fc94f4_JaffaCakes118.exe windows:4 windows x86 arch:x86
7d9583dfede9e25859ec404df6e02bf9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
DoEnvironmentSubstW
ExtractAssociatedIconW
SHBrowseForFolderA
SHEmptyRecycleBinW
comdlg32
GetSaveFileNameA
LoadAlterBitmap
wininet
HttpAddRequestHeadersW
InternetAutodial
user32
GetMessageA
EnumDesktopsA
CharLowerBuffA
GetCapture
FreeDDElParam
InsertMenuA
LoadStringW
CopyIcon
GetMenu
GetClipboardFormatNameW
SwitchToThisWindow
SendMessageTimeoutA
ToUnicodeEx
DestroyWindow
GetDlgItemTextW
RegisterClassA
LoadImageW
IsCharLowerW
RegisterClassExA
kernel32
FreeEnvironmentStringsW
HeapDestroy
VirtualFree
GetPrivateProfileSectionNamesW
CreateMutexA
SetLastError
GetCommandLineW
GetDateFormatA
CompareStringA
GetModuleHandleA
GetOEMCP
LCMapStringA
EnterCriticalSection
SetHandleCount
CloseHandle
GetCurrentProcess
WriteConsoleA
SetEnvironmentVariableA
IsValidLocale
TlsAlloc
OpenMutexA
HeapCreate
Sleep
HeapAlloc
SetUnhandledExceptionFilter
GetCommandLineA
LoadLibraryA
InterlockedDecrement
GetModuleHandleW
CreateFileA
GetTickCount
TlsSetValue
HeapSize
GetStringTypeW
GetConsoleCP
FreeLibrary
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
VirtualAlloc
ReadFile
GetLocaleInfoW
HeapFree
GetProcAddress
GetCurrentThread
SetStdHandle
IsValidCodePage
WriteConsoleW
ExitProcess
TlsFree
InterlockedExchange
WideCharToMultiByte
GetCurrentThreadId
GetUserDefaultLCID
GetModuleFileNameA
GetEnvironmentStringsW
FillConsoleOutputCharacterW
GetModuleFileNameW
WriteFile
GetConsoleMode
GetACP
GetTimeZoneInformation
FlushFileBuffers
GetLastError
GetStartupInfoW
TerminateProcess
GetStringTypeA
MultiByteToWideChar
GetFileType
HeapReAlloc
LCMapStringW
InterlockedIncrement
LeaveCriticalSection
RtlUnwind
SetConsoleCtrlHandler
VirtualQuery
IsDebuggerPresent
TlsGetValue
GetSystemTimeAsFileTime
UnhandledExceptionFilter
QueryPerformanceCounter
GetConsoleOutputCP
GetCurrentProcessId
GetStdHandle
EnumSystemLocalesA
GetCPInfo
CompareStringW
GetTimeFormatA
SetFilePointer
DeleteCriticalSection
GetStartupInfoA
advapi32
CryptDuplicateKey
RevertToSelf
DuplicateTokenEx
CryptGetKeyParam
CryptEnumProviderTypesW
RegConnectRegistryA
CryptContextAddRef
RegEnumKeyA
RegEnumKeyExA
CreateServiceA
LookupPrivilegeValueW
CryptSetProviderA
CryptHashSessionKey
RegReplaceKeyW
comctl32
InitCommonControlsEx
Sections
.text Size: 188KB - Virtual size: 188KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 176KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ