a6f69e829dd54d95bfad7b93c240ea21_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a6f69e829dd54d95bfad7b93c240ea21_JaffaCakes118
Size

567KB
MD5

a6f69e829dd54d95bfad7b93c240ea21
SHA1

d85712eda3cd1e70cc8aa1d58cab97503f71b306
SHA256

ac068c49178624af5cf0435386da021ef02a63e62d67dab9e1620044aee00538
SHA512

961e1ee690f64b18f8836277d764b90813aeab098b8f786f41ccf19458955a5ead595ba56b53a0ae64a970919c5896a13720b3a350e26b748aecc27598eed73c
SSDEEP

12288:m9n4p37AlBE0X3G3/B/RJQ3yOU7NdsMyFsbdh4ev9twn:h3r0a/RJQi37tyFsQev9Cn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6f69e829dd54d95bfad7b93c240ea21_JaffaCakes118

Files

a6f69e829dd54d95bfad7b93c240ea21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e9636ae51f162682e74740de187c056

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
GetEnvironmentStrings
HeapAlloc
GetCurrentThreadId
FindNextFileW
HeapReAlloc
IsValidCodePage
IsDebuggerPresent
EnumSystemLocalesA
MultiByteToWideChar
GetCommandLineA
CompareStringA
VirtualQuery
CompareStringW
RtlZeroMemory
SetEnvironmentVariableA
SetConsoleCtrlHandler
GetCurrentProcessId
LCMapStringA
GetLastError
GetFullPathNameA
SetHandleCount
DeleteCriticalSection
FreeLibrary
InterlockedDecrement
RtlUnwind
SetSystemTime
TlsGetValue
EnterCriticalSection
HeapCreate
VirtualAlloc
TlsFree
InterlockedExchange
ReadFile
WritePrivateProfileSectionW
GetModuleFileNameW
GetTickCount
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcess
SetStdHandle
IsValidLocale
OpenMutexA
GetModuleHandleA
LoadLibraryA
FlushFileBuffers
CreateMutexA
UnhandledExceptionFilter
HeapDestroy
GetConsoleMode
FreeEnvironmentStringsA
GetVersionExW
GetEnvironmentStringsW
GetCommandLineW
GetACP
GetStringTypeA
LocalAlloc
CloseHandle
GetCurrentThread
GetProfileStringW
FindFirstFileExW
GetConsoleOutputCP
ContinueDebugEvent
EnumResourceLanguagesW
SetFilePointer
GetProcAddress
GetDateFormatA
VirtualFree
WriteFile
TlsSetValue
GetStartupInfoW
WideCharToMultiByte
ExitProcess
lstrcpyn
GetTimeZoneInformation
GetVersionExA
HeapFree
GetLocaleInfoW
GetModuleFileNameA
GetStdHandle
SetLastError
WriteConsoleA
GetStartupInfoA
CreateFileA
FreeEnvironmentStringsW
GetStringTypeW
GetTimeFormatA
LocalSize
HeapSize
WriteConsoleW
LoadLibraryExW
GetConsoleCP
QueryPerformanceCounter
CreateNamedPipeA
GetOEMCP
Sleep
InterlockedIncrement
GetUserDefaultLCID
GetFileType
GetCPInfo
GetProcessHeap
InitializeCriticalSection
TerminateProcess
LCMapStringW
SetUnhandledExceptionFilter
TlsAlloc

wininet

InternetSetDialStateW
FindFirstUrlCacheContainerA
InternetCanonicalizeUrlA
InternetGoOnlineA
HttpOpenRequestA
InternetCheckConnectionW
InternetWriteFile

comdlg32

GetFileTitleA
LoadAlterBitmap

gdi32

EnumFontsW
GetColorAdjustment
ExtCreatePen
CreateHalftonePalette
GetRegionData
RectVisible
CreateMetaFileA
SetMapperFlags
EnumFontFamiliesExA
GetRandomRgn
ExtSelectClipRgn
GetFontData
GetPath
EndPage
GetEnhMetaFilePaletteEntries

advapi32

ReportEventA
CryptAcquireContextW
RegSetValueExA
RegQueryInfoKeyW
RegDeleteKeyA
RegEnumKeyW
RegSetValueW
GetUserNameW
CryptEnumProviderTypesA
LookupSecurityDescriptorPartsW
RegEnumKeyExA
CryptExportKey
RegDeleteKeyW
RegCloseKey
RegFlushKey
LookupAccountSidW

comctl32

InitCommonControlsEx

user32

CreateAcceleratorTableW
RemoveMenu
CascadeWindows
RegisterClassExA
GetUpdateRect
GetScrollPos
DispatchMessageW
DdeQueryConvInfo
RegisterHotKey
GetScrollRange
RealChildWindowFromPoint
DdeInitializeW
IsRectEmpty
EmptyClipboard
GetThreadDesktop
WindowFromPoint
WaitForInputIdle
EnableWindow
SendIMEMessageExA
wsprintfW
RegisterClassA
OpenDesktopA
MessageBoxExA

Sections

.text
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e9636ae51f162682e74740de187c056

Headers

File Characteristics

Imports

kernel32

wininet

comdlg32

gdi32

advapi32

comctl32

user32

Sections

.text Size: 233KB - Virtual size: 232KB

.rdata Size: 11KB - Virtual size: 33KB

.data Size: 315KB - Virtual size: 315KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 233KB - Virtual size: 232KB

.rdata
Size: 11KB - Virtual size: 33KB

.data
Size: 315KB - Virtual size: 315KB

.rsrc
Size: 6KB - Virtual size: 6KB