a59b497402c8c6d9c128297539cfa6b0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a59b497402c8c6d9c128297539cfa6b0_JaffaCakes118
Size

457KB
MD5

a59b497402c8c6d9c128297539cfa6b0
SHA1

a06ae40fab36c6d56a6c34bd4fa2aac19ea63abb
SHA256

e2f2878be5d5c607a7189e2032654672d5f58f3891e06215bbafa6053c009b99
SHA512

f7c2d7cfc55e5dec165e21fc6e5e924657ee59e101467798b8ef1207269da878490c26f3127c357a4df0e1832d7750ce3d0620b77b764958b13f2d8b089e3c85
SSDEEP

12288:DrhdV6/8B1e7toFdGaqf0zULiaRTXIvxia0Ezg:QJPa6RaxiMg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a59b497402c8c6d9c128297539cfa6b0_JaffaCakes118

Files

a59b497402c8c6d9c128297539cfa6b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41adeaf988ad859911f97964622f53da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHBrowseForFolderA
SheChangeDirA
ExtractIconA

user32

DdeGetData
MonitorFromWindow
DdeNameService
GetWindowPlacement
DdeAbandonTransaction
GetPriorityClipboardFormat
GetDlgItemInt
GetUserObjectInformationW
GetMenuItemInfoW
WaitMessage
DispatchMessageA
SetWindowLongW
SetWindowPlacement
UnloadKeyboardLayout
WinHelpW
ModifyMenuW
AdjustWindowRectEx
GetClassInfoA
MessageBeep
EndDialog
ToAsciiEx
GetMenuItemRect
DlgDirSelectComboBoxExW
GetClassLongA
DrawCaption

comdlg32

PageSetupDlgW
GetOpenFileNameW
PageSetupDlgA
GetSaveFileNameW

advapi32

CryptSetProvParam
RegSetValueExW
CryptGetHashParam
AbortSystemShutdownW
LookupSecurityDescriptorPartsW
RegSaveKeyW
CryptSetProviderW
CryptExportKey
CryptSetProviderExW
StartServiceA
CryptGetDefaultProviderW
CryptHashData
CryptGenKey
CryptDestroyHash
LookupPrivilegeDisplayNameA
DuplicateTokenEx
RegCreateKeyW
LookupAccountSidW
RegOpenKeyExW
CryptGenRandom

kernel32

IsValidLocale
GetCurrentProcess
TlsSetValue
SetEnvironmentVariableA
GetStartupInfoA
Sleep
GetTimeZoneInformation
InterlockedExchange
GetModuleFileNameW
TlsGetValue
SetConsoleCtrlHandler
HeapCreate
GetUserDefaultLCID
RtlUnwind
CompareStringW
SetHandleCount
DeleteCriticalSection
GetTimeFormatA
GetProcAddress
GetCurrentProcessId
GetEnvironmentStringsW
TlsFree
WriteFile
HeapSize
QueryPerformanceCounter
GetCommandLineW
IsValidCodePage
GetOEMCP
LCMapStringA
GetModuleHandleW
VirtualQuery
GetCPInfo
GetVolumeInformationW
EnumSystemLocalesA
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
TlsAlloc
UnhandledExceptionFilter
CompareStringA
GetStringTypeW
GetModuleFileNameA
WideCharToMultiByte
LCMapStringW
GetStartupInfoW
VirtualFree
FreeLibrary
VirtualAlloc
IsDebuggerPresent
IsBadWritePtr
HeapFree
GetLocaleInfoA
MultiByteToWideChar
HeapAlloc
TerminateProcess
GetSystemTimeAsFileTime
GetStdHandle
HeapDestroy
GetTickCount
GetACP
LoadLibraryA
HeapReAlloc
GetLastError
FreeEnvironmentStringsW
GlobalAlloc
InterlockedIncrement
GetDriveTypeA
LeaveCriticalSection
GetStringTypeA
InterlockedDecrement
GetCurrentThread
GetCurrentThreadId
SetLastError
InterlockedCompareExchange
GetLocaleInfoW
ExitProcess
GetFileType
GetModuleHandleA
GetDateFormatA
GetDiskFreeSpaceExW
EnterCriticalSection

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41adeaf988ad859911f97964622f53da

Headers

File Characteristics

Imports

shell32

user32

comdlg32

advapi32

kernel32

Sections

.text Size: 154KB - Virtual size: 153KB

.rdata Size: 9KB - Virtual size: 23KB

.data Size: 281KB - Virtual size: 280KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 154KB - Virtual size: 153KB

.rdata
Size: 9KB - Virtual size: 23KB

.data
Size: 281KB - Virtual size: 280KB

.rsrc
Size: 12KB - Virtual size: 11KB