ac1b623f045be115dea5d6e139f3609a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ac1b623f045be115dea5d6e139f3609a_JaffaCakes118
Size

2.0MB
MD5

ac1b623f045be115dea5d6e139f3609a
SHA1

4f54c30ba664fa00e4f70f5c6691ff2b656b3dac
SHA256

623ece3cb04ba99b6ab9bc31e14f4032e44c59aa564312e19265c88fcacb80df
SHA512

1d8f001ee38b85c8d76ed137a5163112381d50fce69e72ecfb38ce6c0d9afac9b33d02af9f6c54164ceda9afd62e906106ee49f7510a4c8b160f1cd8fa2d1d32
SSDEEP

49152:0XxnOEGL+SzJnYQbjy0hO6DybU6aoY3iQ:0hOZ+SzJYQPy0hO6OoZoMV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac1b623f045be115dea5d6e139f3609a_JaffaCakes118

Files

ac1b623f045be115dea5d6e139f3609a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e19ffe1421994b9ca4fa1aca35f0acd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
VirtualQueryEx
EnumResourceLanguagesW
UnhandledExceptionFilter
GlobalReAlloc
GetTapeStatus
GetVolumeInformationW
VirtualFree
GetThreadContext
ConnectNamedPipe
SetThreadLocale
TryEnterCriticalSection
SetSystemTime
CreateEventA
CreateDirectoryA
EndUpdateResourceA
EnumResourceNamesA
LocalLock
SwitchToFiber
UnmapViewOfFile
AreFileApisANSI
LocalReAlloc
PeekConsoleInputW
GetNumberFormatW
GetProcessTimes
OpenFile
GetDateFormatA
EnumDateFormatsW
FreeLibraryAndExitThread
EnumSystemCodePagesA
FindResourceExA
IsDBCSLeadByteEx
SetConsoleActiveScreenBuffer
SetCommMask
RaiseException
LoadLibraryExW
GetAtomNameA
GlobalFlags
GetCurrentDirectoryW
IsProcessorFeaturePresent
CreateDirectoryW
GetSystemDefaultLangID
GetTimeZoneInformation
GetBinaryTypeW
GetHandleInformation
VirtualProtect
GlobalUnlock
WritePrivateProfileSectionA
GlobalFindAtomA
FreeEnvironmentStringsA
LeaveCriticalSection
GetModuleHandleA
SetLastError
GetProcessHeap
ReleaseSemaphore
FillConsoleOutputCharacterA
FreeLibrary
SetTimeZoneInformation
GetTempFileNameA
SetNamedPipeHandleState
FindFirstFileExW
FlushConsoleInputBuffer
GetOverlappedResult
WriteConsoleOutputW
OpenSemaphoreW
lstrcatW
GetCommState
lstrcmpA
IsBadReadPtr
SuspendThread
GetCommandLineW
ExitProcess

user32

DispatchMessageW
CreateAcceleratorTableW
EnumDisplaySettingsExW
SendNotifyMessageA
DefFrameProcW
SetPropA
ToUnicode
GrayStringA
GetNextDlgTabItem
RedrawWindow
ChildWindowFromPoint
ChildWindowFromPointEx
CharToOemW
ChangeClipboardChain
GetWindow
GetMenuStringA
GetMenuInfo
GetUserObjectInformationW
GetShellWindow
ModifyMenuW
CreateDialogParamW
ShowWindow
NotifyWinEvent
BroadcastSystemMessageW
SetPropW

gdi32

CreateHatchBrush
GetMetaFileBitsEx
GetCharWidth32A
CreateDiscardableBitmap
GetTextCharacterExtra
EnumFontFamiliesExA
SetSystemPaletteUse
BitBlt
ExtCreatePen
GetBkColor
EnumFontFamiliesExW
GetBkMode
PolyPolyline
GetCurrentPositionEx
StartPage
DescribePixelFormat

comdlg32

GetOpenFileNameA

advapi32

RegOpenKeyW
GetAclInformation
InitializeSid
RegRestoreKeyW
CreateServiceW
CryptVerifySignatureA
MakeSelfRelativeSD
FreeSid
RegisterServiceCtrlHandlerA
CryptAcquireContextW

shell32

ShellExecuteA

ole32

CoLockObjectExternal
OleLockRunning
OleCreateFromData
ReadClassStg
ProgIDFromCLSID
RevokeDragDrop
ReadFmtUserTypeStg
CoMarshalInterface

oleaut32

SafeArrayPutElement
LoadTypeLi
VariantCopy
SafeArrayCreate

comctl32

ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_GetImageCount

shlwapi

PathIsSameRootW
PathGetDriveNumberA
StrCmpNA
PathUndecorateW
StrCatW
HashData
PathStripPathA
SHSetThreadRef
StrRStrIW
PathRemoveBlanksA
StrFormatByteSize64A
PathParseIconLocationW
PathUnquoteSpacesA
UrlApplySchemeW
PathIsPrefixW
SHRegWriteUSValueW
StrRetToStrW
UrlCombineW

Sections

.text
Size: 6KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e19ffe1421994b9ca4fa1aca35f0acd1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 6KB - Virtual size: 222KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 6KB - Virtual size: 222KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 17KB - Virtual size: 16KB