Static task
static1
Behavioral task
behavioral1
Sample
ab57818530b70549896fbe844f8bc57b_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
ab57818530b70549896fbe844f8bc57b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: ab57818530b70549896fbe844f8bc57b_JaffaCakes118
Size: 503KB
MD5: ab57818530b70549896fbe844f8bc57b
SHA1: a024fd133509ccae47e330b0eb07a8f488361033
SHA256: 380cd953ed696383f7f12360ab2bdaed463690212074b045e51e355ad948cf4e
SHA512: 1e25985f0e4ce182a59cbc5b6fb2db47f756f2d8a48fb6df026e16185af63822d404a288c9a4cbf74088a529df1aa8726a22e2ee8d8070902f3ffe1801cc9f21
SSDEEP: 12288:HKAFSFwqQ4eKd9DKhnNPuuZeOjrEIpTfw1dW:HKAFSFwN2hKhnNPhcud
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ab57818530b70549896fbe844f8bc57b_JaffaCakes118
Files
ab57818530b70549896fbe844f8bc57b_JaffaCakes118.exe windows:4 windows x86 arch:x86
cdc9967229215ef5e6bde4d86e314962
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
InitCommonControlsEx
shell32
SHGetDataFromIDListW
SHBrowseForFolderA
kernel32
HeapSize
GetSystemDefaultLCID
GetCurrentThreadId
MultiByteToWideChar
GetEnvironmentStringsW
TlsSetValue
VirtualQuery
GetOEMCP
TlsFree
FreeEnvironmentStringsW
CompareStringW
WriteFile
TerminateProcess
GetCurrentThread
HeapAlloc
GetLocaleInfoA
LCMapStringW
GetEnvironmentStrings
GetSystemTimeAdjustment
GetFileType
GetACP
InterlockedExchange
RtlUnwind
VirtualFree
GetCurrentProcessId
GetLastError
GetTimeFormatA
SetHandleCount
GetTimeZoneInformation
SetStdHandle
GetStartupInfoA
TlsGetValue
IsValidLocale
GetLocaleInfoW
InitializeCriticalSection
GetStdHandle
ExitProcess
SetFilePointer
CompareStringA
GetCPInfo
GetTickCount
GetStringTypeW
VirtualProtect
CloseHandle
GetProcAddress
GetSystemInfo
GetStartupInfoW
CreateMutexA
SetFileAttributesW
HeapReAlloc
QueryPerformanceCounter
UnhandledExceptionFilter
DeleteCriticalSection
FlushFileBuffers
GetModuleFileNameA
VirtualAlloc
GetUserDefaultLCID
EnterCriticalSection
GetDateFormatA
GetSystemTimeAsFileTime
GetCommandLineW
GetStringTypeA
LCMapStringA
HeapFree
LeaveCriticalSection
GetVersionExA
GetPrivateProfileSectionW
FreeEnvironmentStringsA
SetEnvironmentVariableA
ReadFile
GetModuleFileNameW
HeapDestroy
GetCurrentProcess
DosDateTimeToFileTime
WriteConsoleInputA
TlsAlloc
IsBadWritePtr
CreateEventA
HeapCreate
WideCharToMultiByte
EnumSystemLocalesA
LoadLibraryA
GetCommandLineA
OpenMutexA
SetLastError
GetModuleHandleA
IsValidCodePage
advapi32
CryptEnumProvidersW
LookupPrivilegeDisplayNameW
CryptSetHashParam
CryptExportKey
GetUserNameW
RegOpenKeyA
CryptVerifySignatureA
CryptCreateHash
RegReplaceKeyW
LookupAccountSidW
LookupPrivilegeNameW
CryptAcquireContextA
RegConnectRegistryW
RegEnumKeyExA
CryptSetKeyParam
LogonUserA
CryptEnumProviderTypesA
RegDeleteKeyA
wininet
InternetTimeFromSystemTimeA
GopherGetLocatorTypeA
FtpRemoveDirectoryA
InternetQueryOptionW
ShowClientAuthCerts
UnlockUrlCacheEntryFileA
comdlg32
PageSetupDlgW
GetSaveFileNameW
FindTextA
ChooseFontA
user32
GetWindowModuleFileNameW
RegisterClassA
SendNotifyMessageA
TrackMouseEvent
DialogBoxParamA
RegisterClassExW
CreateDialogIndirectParamA
EnumDisplayMonitors
DefMDIChildProcA
GetClassNameA
SetMenuInfo
LoadKeyboardLayoutW
RegisterClassExA
DialogBoxParamW
SetShellWindow
ModifyMenuA
EnumDesktopsW
GetDoubleClickTime
SetMenuItemInfoA
SetPropW
CharLowerBuffA
GetOpenClipboardWindow
CloseClipboard
DestroyWindow
DdeAddData
Sections
.text Size: 176KB - Virtual size: 176KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 314KB - Virtual size: 313KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ