b12ae4345786c907bb6ebe225da4d6c9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b12ae4345786c907bb6ebe225da4d6c9_JaffaCakes118
Size

116KB
MD5

b12ae4345786c907bb6ebe225da4d6c9
SHA1

da62f75e909a74d5cfe540aded114a87f164fdf2
SHA256

07d5077b51cf342c3b5bbd31f4fffe7a446907f9bbeb2bb9036f42494631263b
SHA512

466bb065511d3d06dc24009adee332abee0e0c23c4abcb87e69f9c9c2461665dd38c37d2b84bf1e28e362a87aaa99f2caf8ec2ae72dd88ca141f4ed0c33205b7
SSDEEP

3072:PMkDJ5hrM8xNsLd1G2NWnEl2ajh3ec1YwSHwHXEel:U8J88xyjLNWnEJduTJcE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b12ae4345786c907bb6ebe225da4d6c9_JaffaCakes118

Files

b12ae4345786c907bb6ebe225da4d6c9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

10ec7ea5c7b41dae85f398d3f96519ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
GetTickCount
Sleep
GetVersionExA
ReleaseSemaphore
GetProcAddress
GetLocaleInfoA
GetSystemDefaultLangID
FreeEnvironmentStringsW
VirtualAlloc
WriteFile
TryEnterCriticalSection
QueryPerformanceCounter
lstrcatA
lstrcmpA
SetEvent
GetConsoleOutputCP
UnmapViewOfFile
TerminateThread
GetCurrentDirectoryA
InitializeCriticalSectionAndSpinCount
InterlockedExchange
IsValidCodePage
ExpandEnvironmentStringsW
GetCPInfo
FindNextFileA
DefineDosDeviceA
GetSystemDirectoryW
EnumSystemLocalesA
FlushFileBuffers
InterlockedDecrement
GetUserDefaultLCID
EnterCriticalSection
ResumeThread
TlsFree
GetCurrentProcess
CloseHandle
SetEndOfFile
GetVolumeInformationA
SetErrorMode
SetHandleCount
OpenEventA
ExitProcess
TerminateProcess
CreateEventA
CreateFileMappingW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleW
CopyFileA
lstrcpyA
HeapReAlloc
WaitForSingleObject
GlobalHandle
LocalFree
GetConsoleMode
TlsGetValue
SetFilePointer
GetStringTypeA
GetLastError
GetFileAttributesA
GlobalFree
SetLastError
CreateFileA
GetModuleFileNameA
LCMapStringA
SetFileAttributesA
InterlockedIncrement
GetStartupInfoA
GetConsoleCP
LoadResource
OpenMutexA
CreateFileMappingA
GetModuleHandleA
DeleteFileA
ReadFile
HeapSize
SetStdHandle
FindClose
GetCurrentProcessId
RtlUnwind
TlsSetValue
GetEnvironmentVariableA
GetFileType
RaiseException
SetThreadPriority
LoadLibraryA
CreateDirectoryA
GetFileSize
IsDebuggerPresent
SystemTimeToFileTime
GetProcessHeap
VirtualProtect
GetSystemTime
IsValidLocale
CreateThread
WriteConsoleW
WideCharToMultiByte
InitializeCriticalSection
LCMapStringW
GetVersionExW
LeaveCriticalSection
TlsAlloc
GetTimeFormatW
QueryDosDeviceA
GetSystemTimeAsFileTime
PulseEvent
FreeLibrary
DeviceIoControl
lstrcmpiA
GetCommandLineA
InterlockedCompareExchange
GetSystemDirectoryA
DeleteTimerQueueTimer
GetCurrentThreadId
GetACP
MapViewOfFile
GetTempPathA
VirtualFree
GetOEMCP
DeleteFileW
HeapCreate
FindFirstFileA
ReleaseMutex
CreateMutexA
GetLocaleInfoW
GetDriveTypeW
MultiByteToWideChar
HeapFree
GetFullPathNameW
WaitForMultipleObjects
WriteConsoleA
GetEnvironmentStrings
HeapAlloc
GetEnvironmentStringsW
DeleteCriticalSection
GetStdHandle
CreateProcessA
lstrlenA
CreateTimerQueueTimer
GetStringTypeW

ole32

CoInitialize
CoCreateInstance
CoUninitialize

advapi32

CryptAcquireContextA
RegCloseKey
RegOpenKeyExA
RegDeleteKeyW
RegDeleteKeyA
CryptGenRandom
RegSetValueExA
RegEnumKeyExA
RegQueryValueExA
RegDeleteValueA
RegOpenKeyExW
RegCreateKeyExW

user32

CreatePopupMenu
InvalidateRect
PeekMessageA
GetWindowPlacement
DispatchMessageW
RegisterWindowMessageA
SetFocus
wsprintfA
DialogBoxParamW
CreateWindowExA
ReleaseDC
LoadStringW
GetDlgItem
MessageBoxW

ws2_32

WSASocketA
freeaddrinfo
getaddrinfo

msvcrt

??0exception@@QAE@XZ
_XcptFilter
memmove
??0exception@@QAE@ABQBD@Z

shell32

SHGetSpecialFolderPathA
SHGetFolderPathA

aclui

CreateSecurityPage

wininet

InternetSetOptionA

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10ec7ea5c7b41dae85f398d3f96519ee

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

advapi32

user32

ws2_32

msvcrt

shell32

aclui

wininet

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 30KB - Virtual size: 131KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 120B

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 30KB - Virtual size: 131KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 120B