a5fb7b6e93d3a1519f4552db06f08c7f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a5fb7b6e93d3a1519f4552db06f08c7f_JaffaCakes118
Size

692KB
MD5

a5fb7b6e93d3a1519f4552db06f08c7f
SHA1

b3bb534be9cdb1663aa64e72972837c1c4f5679f
SHA256

e747d3c7845074927b8a670c19688d53f19c571c2415e7ac04ccf7892a59516e
SHA512

6ab08749decfe8cda6320cae48e3e3e5cd72307e5643c7bf4b172c39db66f5e494ea05217812eabddf0062a7946b0a233f3b6daa48803acf072169729339e88a
SSDEEP

12288:YM7pCdO9dz/QhmFGLgqBW6WZt2FYR9QjnXkVoOSL0GTL:YWAWYhmFGLgqBxWZt2FYR6j59pTL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5fb7b6e93d3a1519f4552db06f08c7f_JaffaCakes118

Files

a5fb7b6e93d3a1519f4552db06f08c7f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

605d758c84fceff9576e72a07503992c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
VkKeyScanExW
GetClientRect
SetWindowsHookA
GetWindowThreadProcessId
DefWindowProcW
ScreenToClient
EnumDesktopsW
SetParent
DestroyWindow
RemovePropA
CreateWindowExA
ShowWindow
MessageBoxA
RegisterClassExA

comctl32

ImageList_SetFilter
CreateStatusWindow
InitMUILanguage
ImageList_Remove
CreateMappedBitmap
ImageList_Copy
ImageList_LoadImageW
CreatePropertySheetPageW
CreateToolbarEx
DrawStatusTextA
ImageList_GetIcon
InitCommonControlsEx
ImageList_SetIconSize
GetEffectiveClientRect
MakeDragList
ImageList_GetImageCount

advapi32

LookupPrivilegeNameA
RegCreateKeyExA
RegSetValueExA
CryptVerifySignatureW
ReportEventW
CryptSetProviderExA
RegLoadKeyA
GetUserNameA
RegLoadKeyW
RegSaveKeyA
RegQueryMultipleValuesA
CreateServiceA
RegReplaceKeyA
LookupPrivilegeNameW
CryptAcquireContextW
CryptEncrypt
CryptSetKeyParam
CryptEnumProvidersW
RegReplaceKeyW

kernel32

GetStdHandle
QueryPerformanceCounter
LCMapStringA
GetEnvironmentStringsW
DeleteCriticalSection
IsBadWritePtr
SetLastError
FreeEnvironmentStringsW
LCMapStringW
GetTickCount
HeapCreate
FreeEnvironmentStringsA
GetProcAddress
ReadConsoleInputW
GetSystemInfo
TlsAlloc
SetEndOfFile
GetVersionExA
GetCurrentProcess
MultiByteToWideChar
SetFileAttributesA
GetLocaleInfoW
ReadFile
GetFullPathNameA
GlobalHandle
GetCurrentThreadId
GetTimeFormatA
GetLocalTime
VirtualProtect
VirtualAlloc
IsValidLocale
GetLocaleInfoA
CompareStringW
LocalFlags
HeapSize
lstrcatA
HeapReAlloc
ExitProcess
WriteFile
GetFileType
HeapDestroy
GlobalGetAtomNameA
GetSystemDefaultLCID
EnumSystemLocalesA
LeaveCriticalSection
GetCalendarInfoW
GetACP
GetUserDefaultLCID
TerminateProcess
SetEnvironmentVariableA
RtlUnwind
GetPrivateProfileSectionA
SetHandleCount
TlsSetValue
GetModuleHandleA
WriteConsoleOutputCharacterW
HeapFree
GetCPInfo
GetModuleFileNameA
EnumCalendarInfoW
GetCurrentThread
EnterCriticalSection
WriteFileEx
ReadConsoleOutputA
InterlockedExchange
GetCurrentProcessId
CreateProcessA
VirtualFree
GetLastError
InitializeCriticalSection
LoadLibraryA
TlsGetValue
SetFilePointer
IsValidCodePage
HeapAlloc
CloseHandle
CreateMutexA
TlsFree
CreateThread
MoveFileExW
SetStdHandle
CompareStringA
GetTimeZoneInformation
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetOEMCP
GetNamedPipeHandleStateA
GetStartupInfoA
VirtualQuery
CreateEventA
InterlockedExchangeAdd
WideCharToMultiByte
FlushFileBuffers
GetStringTypeW
GetStringTypeA
GetEnvironmentStrings
GetCommandLineA
GetDateFormatA
OpenMutexA

Sections

.text
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

605d758c84fceff9576e72a07503992c

Headers

File Characteristics

Imports

user32

comctl32

advapi32

kernel32

Sections

.text Size: 271KB - Virtual size: 271KB

.rdata Size: 204KB - Virtual size: 211KB

.data Size: 115KB - Virtual size: 114KB

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: 271KB - Virtual size: 271KB

.rdata
Size: 204KB - Virtual size: 211KB

.data
Size: 115KB - Virtual size: 114KB

.rsrc
Size: 100KB - Virtual size: 100KB