ab7f3809037b88b4ba473f5336efc282_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ab7f3809037b88b4ba473f5336efc282_JaffaCakes118
Size

514KB
MD5

ab7f3809037b88b4ba473f5336efc282
SHA1

c2164289dfedcf227c3d14556e33a4fa1af47388
SHA256

ca0a66964295d12b03d6932aa38ed0f18bb67d289179379d49599dfe5e96d48c
SHA512

59cb81da649f07c14ce204fd85fdf604ad9a720a228c9be4f712fc7057e994770b429919e392a8cded3522880635e3e55c89ba2124b0ad4e2d51c8e5a2832700
SSDEEP

12288:P7Bqy8RPMpw+45jwCcFr1WfYo8BsmAxr9EkB+DZVwgmJC:DIyFw+4lyFQflOuxr9xBQmM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab7f3809037b88b4ba473f5336efc282_JaffaCakes118

Files

ab7f3809037b88b4ba473f5336efc282_JaffaCakes118
.exe windows:4 windows x86 arch:x86

14f43af03cf7849d91646a0d5dfa12d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragFinish
DuplicateIcon
RealShellExecuteExW
DragQueryFile

comctl32

InitCommonControlsEx

wininet

InternetWriteFileExA
GopherGetAttributeA

user32

GetCaretBlinkTime
SetMessageQueue
DdeQueryNextServer
IsCharAlphaW
MapWindowPoints
GetMessageW
RegisterClassA
RegisterClassExA
GetNextDlgTabItem
DrawIcon

advapi32

CryptEnumProviderTypesW
LookupPrivilegeDisplayNameW
CryptHashData
LogonUserW
CryptSetProviderA
LookupSecurityDescriptorPartsA
CryptVerifySignatureW
CryptSetProviderW
LookupAccountNameW
RegQueryInfoKeyW
LogonUserA
RegDeleteValueW
CryptGenRandom
CryptSetHashParam
StartServiceA
RegCreateKeyExW
RegNotifyChangeKeyValue
RegDeleteKeyW
CryptGetDefaultProviderA
LookupPrivilegeNameA

kernel32

VirtualProtect
RtlUnwind
GetLocaleInfoA
TlsGetValue
ReadFile
GetCurrentProcessId
SetEnvironmentVariableA
GetLastError
GetStringTypeA
VirtualAlloc
UnhandledExceptionFilter
SetStdHandle
GetACP
GetOEMCP
EnterCriticalSection
IsValidCodePage
DeleteAtom
ExitProcess
SetLocaleInfoA
GetModuleHandleA
WriteFile
GetCPInfo
GetStringTypeW
GetStdHandle
GetSystemTimeAsFileTime
GetProcAddress
FreeEnvironmentStringsA
GetStartupInfoW
SetVolumeLabelA
TlsAlloc
LoadLibraryA
VirtualFreeEx
VirtualQuery
CreateMutexA
MoveFileExA
HeapReAlloc
HeapDestroy
GetModuleFileNameW
TlsFree
GetStartupInfoA
InitializeCriticalSection
IsBadWritePtr
GetConsoleTitleA
MultiByteToWideChar
HeapCreate
DeleteCriticalSection
GetTickCount
SetLastError
GetDateFormatA
FreeEnvironmentStringsW
SetHandleCount
LeaveCriticalSection
FindFirstFileA
InterlockedExchange
OpenMutexW
HeapFree
CreateFileMappingW
EnumSystemLocalesA
GetCurrentProcess
CompareStringA
GetEnvironmentStringsW
GetEnvironmentStrings
CompareStringW
QueryPerformanceCounter
HeapAlloc
GetDriveTypeW
LCMapStringW
TlsSetValue
DebugActiveProcess
GetFileType
GetWindowsDirectoryW
WideCharToMultiByte
IsValidLocale
OpenMutexA
GetCommandLineA
GetVersionExA
GetCurrentThreadId
HeapSize
GetSystemInfo
WaitForDebugEvent
CloseHandle
LocalHandle
GetCurrentThread
FlushFileBuffers
GetTimeZoneInformation
LCMapStringA
VirtualFree
GetCommandLineW
SetFilePointer
TerminateProcess
GetTimeFormatA
Sleep
GetUserDefaultLCID
GetLocaleInfoW
GetModuleFileNameA

gdi32

GetMapMode
DeleteObject
GetLayout
ExtTextOutA
CreateCompatibleDC
GetBrushOrgEx
AddFontResourceA
BeginPath
GetEnhMetaFileHeader
GetMiterLimit
GetArcDirection
CreateHatchBrush
SetDIBitsToDevice
GetCharacterPlacementW
PathToRegion
PolyTextOutA
StrokePath
GetObjectW
AngleArc
GetEnhMetaFileW
FlattenPath
EndDoc
GetWinMetaFileBits
GetStockObject

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14f43af03cf7849d91646a0d5dfa12d9

Headers

File Characteristics

Imports

shell32

comctl32

wininet

user32

advapi32

kernel32

gdi32

Sections

.text Size: 179KB - Virtual size: 179KB

.rdata Size: 9KB - Virtual size: 39KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 179KB - Virtual size: 179KB

.rdata
Size: 9KB - Virtual size: 39KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 11KB - Virtual size: 11KB