Static task
static1
Behavioral task
behavioral1
Sample
a6e88f93c71e9f788aff4ec955237c18_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
a6e88f93c71e9f788aff4ec955237c18_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
a6e88f93c71e9f788aff4ec955237c18_JaffaCakes118
Size
484KB
MD5
a6e88f93c71e9f788aff4ec955237c18
SHA1
c606722803499d3f18aa5658c94d5c6cba7e5614
SHA256
42f24f8d3df416de5c1fcdabb90ba2dfd2c3e181633d5654d5ce5f5055c196c1
SHA512
bbcfc9e0581bfa2a46e9ffaef4dbe75f78c41eb026097bb2373cbf9be96f510018efb37b119a7aae6714234b224e37c31af53e2387c6772923d087d38bd1b3b6
SSDEEP
12288:fegE6VTpQ3xDwuCr1tOGZact2lXx/Oz/lgudLoUPgK72L:2mpwquCyGrQlqnLmK72L
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a6e88f93c71e9f788aff4ec955237c18_JaffaCakes118
Files
a6e88f93c71e9f788aff4ec955237c18_JaffaCakes118.exe windows:4 windows x86 arch:x86
fbb9f3535693bd8b9f04e946b02f9c0f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
CryptDestroyKey
RegQueryValueExW
RegCreateKeyW
CryptImportKey
LookupAccountSidA
RegOpenKeyW
RegSetValueA
CryptDeriveKey
RegSetValueExW
CryptGetHashParam
RegReplaceKeyW
CryptSetProviderExW
CryptExportKey
CryptSetProviderA
RegEnumKeyExW
shell32
SHGetDiskFreeSpaceA
DragQueryFile
SheChangeDirA
InternalExtractIconListA
ShellExecuteExA
user32
WaitForInputIdle
SetProcessDefaultLayout
MessageBoxA
FindWindowExA
ShowScrollBar
CreateWindowExW
IsRectEmpty
LoadKeyboardLayoutA
RegisterClassExW
ShowWindow
CreateIcon
LoadBitmapA
PtInRect
GetDesktopWindow
DialogBoxParamA
RegisterClassExA
AppendMenuA
GetMenuItemCount
UnhookWinEvent
GetWindowTextLengthA
GetClipboardData
DdeUninitialize
GetClipboardOwner
GetSubMenu
MessageBoxExA
RegisterClassA
kernel32
LoadLibraryA
SetStdHandle
IsValidCodePage
HeapCreate
FreeLibrary
EnterCriticalSection
GetTickCount
HeapAlloc
GetCurrentProcess
GetWindowsDirectoryA
OpenMutexA
GetLastError
GetCommandLineA
ReadFile
GetStdHandle
TlsAlloc
GetProcAddress
GetTimeZoneInformation
GetStartupInfoW
MultiByteToWideChar
RtlUnwind
CompareFileTime
ExitProcess
HeapDestroy
DeleteCriticalSection
GetACP
EnumSystemLocalesA
CompareStringW
GetStartupInfoA
GetConsoleOutputCP
LCMapStringA
VirtualFree
WriteConsoleA
GetCurrentThread
GetSystemTimeAsFileTime
GetCurrentThreadId
GetStringTypeA
SetHandleCount
SetEnvironmentVariableA
GetFileType
QueryPerformanceCounter
SetConsoleCtrlHandler
InterlockedDecrement
VirtualQuery
GetEnvironmentStrings
InterlockedExchange
GetConsoleMode
FreeEnvironmentStringsW
HeapReAlloc
FlushFileBuffers
GetLocaleInfoW
GetModuleFileNameW
CompareStringA
SetLastError
HeapSize
FreeEnvironmentStringsA
ExpandEnvironmentStringsW
TerminateProcess
GetCurrentProcessId
HeapFree
GetModuleHandleA
WriteConsoleW
GetModuleFileNameA
GetDateFormatA
CreateFileA
WriteProfileSectionW
TlsFree
GetConsoleCP
CreateMutexA
GetOEMCP
GetProcessHeap
IsDebuggerPresent
WideCharToMultiByte
InitializeCriticalSection
GetCommandLineW
TlsGetValue
GetUserDefaultLCID
GetVersionExA
GetStringTypeW
GetLocaleInfoA
CloseHandle
VirtualAlloc
UnhandledExceptionFilter
GetEnvironmentStringsW
LeaveCriticalSection
SetUnhandledExceptionFilter
Sleep
InterlockedIncrement
GetCPInfo
WriteFile
GetTimeFormatA
TlsSetValue
SetFilePointer
LCMapStringW
IsValidLocale
gdi32
GetTextMetricsW
EnumFontsW
GetWindowExtEx
FloodFill
CreateEnhMetaFileW
FixBrushOrgEx
SetBrushOrgEx
GetCharacterPlacementW
CreateColorSpaceA
DescribePixelFormat
comctl32
InitCommonControlsEx
wininet
InternetGetConnectedStateExW
HttpQueryInfoW
GetUrlCacheHeaderData
Sections
.text Size: 330KB - Virtual size: 329KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 106KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ