Static task
static1
Behavioral task
behavioral1
Sample
abb5229897593f84a4ff92a36712c46e_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
abb5229897593f84a4ff92a36712c46e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
abb5229897593f84a4ff92a36712c46e_JaffaCakes118
Size
493KB
MD5
abb5229897593f84a4ff92a36712c46e
SHA1
34bf0a2953806e1b2716844e9ddda5f332e9e31c
SHA256
628c7b4c11f9cbb5f3fbbb97f79c7c6c4568b22ef31c18c92142b5a9e5f742aa
SHA512
38263d447813a14d0b357bdb20af02513c1f7a1c801f73faa6465da4c855d5878db0e213b1046ba7dedb236fa2404fa8e4c73aafa95de79b24def5189ef6879d
SSDEEP
6144:Sii6DvvsNnOahO1TjnFyrgkjvViNgfb0I422tQk9uOPiIx2S4A443iVBLApvqkzB:qO8OsvVOVGaNtD4giVyIkzjdMR9XRWt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource abb5229897593f84a4ff92a36712c46e_JaffaCakes118
Files
abb5229897593f84a4ff92a36712c46e_JaffaCakes118.exe windows:4 windows x86 arch:x86
d59fc6537a6a697efd5b3a6af90be3d6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
EnumDateFormatsW
LeaveCriticalSection
InitializeCriticalSection
SetLastError
GetEnvironmentStrings
GetProcessHeap
GetVersion
ResumeThread
HeapAlloc
GetProcAddress
GetCurrentThreadId
FreeEnvironmentStringsA
TlsAlloc
GetSystemInfo
GetStartupInfoA
GetStringTypeA
SetEnvironmentVariableA
GetCurrentProcess
CreateMutexA
CloseHandle
HeapReAlloc
TerminateProcess
GetLocalTime
GetConsoleCursorInfo
GetModuleFileNameA
SetHandleCount
ReadFileEx
GetCommandLineA
TlsFree
GetStringTypeW
VirtualAlloc
SetThreadAffinityMask
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentThread
GetTickCount
IsBadWritePtr
SetConsoleMode
HeapCreate
FlushFileBuffers
LCMapStringW
lstrlenA
GetFileType
TlsSetValue
SetStdHandle
OpenMutexA
GetLastError
QueryPerformanceCounter
ReadConsoleOutputW
WaitNamedPipeW
ReadConsoleOutputCharacterW
GetSystemTime
GetStartupInfoW
GetCPInfo
MultiByteToWideChar
InterlockedExchange
DeleteCriticalSection
InterlockedDecrement
TlsGetValue
UnlockFile
FreeEnvironmentStringsW
InterlockedIncrement
CreateDirectoryW
GetModuleFileNameW
TransmitCommChar
VirtualFree
AllocConsole
GetEnvironmentStringsW
ReadFile
CompareStringW
EnterCriticalSection
VirtualQuery
UnhandledExceptionFilter
WideCharToMultiByte
ReleaseSemaphore
LCMapStringA
HeapDestroy
GetCommandLineW
GetModuleHandleA
SetCurrentDirectoryA
GetPrivateProfileStringA
GetCurrentProcessId
GetStdHandle
WriteFile
ExitProcess
OpenEventA
CompareStringA
HeapFree
RtlUnwind
SetFilePointer
wininet
SetUrlCacheHeaderData
HttpOpenRequestA
HttpSendRequestA
FtpGetFileEx
UpdateUrlCacheContentPath
comctl32
InitCommonControlsEx
user32
ShowCursor
RegisterClassExA
DdeSetUserHandle
IsCharLowerA
IsZoomed
TranslateMDISysAccel
CharUpperW
GetMenuBarInfo
RegisterClassA
GetOpenClipboardWindow
FlashWindowEx
GetMenuState
GetGuiResources
DlgDirListComboBoxW
WINNLSGetIMEHotkey
GetScrollInfo
GetClassNameW
MsgWaitForMultipleObjects
GetMessageA
IsCharAlphaNumericA
GetWindowModuleFileNameA
ShowOwnedPopups
DdeDisconnectList
shell32
SHFileOperation
advapi32
CryptSetProviderW
RegConnectRegistryA
RegFlushKey
RegQueryMultipleValuesW
InitializeSecurityDescriptor
CryptDestroyKey
CryptDuplicateHash
RegReplaceKeyW
RegOpenKeyW
RegOpenKeyExA
CryptSetProvParam
GetUserNameA
RegSetKeySecurity
RegDeleteValueW
CryptContextAddRef
RegEnumValueW
StartServiceW
RegQueryValueW
ReportEventA
LookupPrivilegeNameA
RegQueryValueExW
RegCreateKeyA
CryptGetDefaultProviderA
CryptDuplicateKey
Sections
.text Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 354KB - Virtual size: 353KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ