ae81538d148f53bfe6f90e412aa0bee1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ae81538d148f53bfe6f90e412aa0bee1_JaffaCakes118
Size

359KB
MD5

ae81538d148f53bfe6f90e412aa0bee1
SHA1

2dc2040dd301a48e9f6753d39f78e4ec55f80e7d
SHA256

b150189add94e099f4d219acbf0e65445d84a36de4d3888a6c2b751dfadf4505
SHA512

82ac8050dd46d681c1ccddb1a04e8f6832e65652efe469d53fab970d6dbc085acfe33009c737ba617b113924bb8a49f3d3eab0f631f2f8ee305031f84332588f
SSDEEP

6144:lA6Vt3Bl5JMuZBCQxdDNcdKPmQIIQ/DGnU6C76VVmhmbE0cjQSuJUYil9:lAYDJMuZA4FInan546VVmhm3n56h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae81538d148f53bfe6f90e412aa0bee1_JaffaCakes118

Files

ae81538d148f53bfe6f90e412aa0bee1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa70492a26393dbf1320a50c6efdbcb1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DlgDirListComboBoxW
GetClipboardFormatNameW
ChangeMenuA
RealChildWindowFromPoint
GetDCEx
GetProcessWindowStation
RegisterClassExA
CheckDlgButton
GetWindowRect
RegisterClassA

shell32

FindExecutableA
RealShellExecuteExW
SHGetSpecialFolderPathA
SHInvokePrinterCommandW
SHChangeNotify

advapi32

CryptDuplicateKey

comctl32

InitCommonControlsEx

kernel32

SetStdHandle
SetEnvironmentVariableA
SetHandleCount
UnhandledExceptionFilter
lstrcmpW
VirtualQuery
TlsGetValue
RtlUnwind
CreateFileMappingA
CompareStringW
GetSystemInfo
GetLocaleInfoA
GetCurrentProcess
GetDriveTypeA
HeapCreate
GetStringTypeA
IsBadWritePtr
GetCPInfo
GetLastError
GetEnvironmentStringsW
GetStartupInfoA
GetCurrentProcessId
OpenMutexA
FindResourceA
TlsAlloc
HeapSize
GetEnvironmentStrings
VirtualAlloc
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetTimeFormatA
GetProcAddress
GetDateFormatA
WriteProfileSectionW
InitializeCriticalSection
GetOEMCP
EnterCriticalSection
GetDiskFreeSpaceExW
GetVersionExA
LoadLibraryA
GetACP
ExitProcess
VirtualFree
EnumSystemLocalesA
GetLocaleInfoW
TlsSetValue
IsValidCodePage
SetLastError
GetCurrentThreadId
GetStringTypeW
HeapFree
TlsFree
InterlockedExchange
LCMapStringA
FlushFileBuffers
LCMapStringW
OpenEventA
LeaveCriticalSection
SetFilePointer
WritePrivateProfileStringA
GetModuleHandleA
HeapDestroy
GetTickCount
CreateMutexA
WriteFile
DeleteCriticalSection
CompareStringA
MultiByteToWideChar
LocalLock
GetFileType
GetUserDefaultLCID
GetStdHandle
GetCurrentThread
HeapReAlloc
TerminateProcess
GetModuleFileNameA
VirtualProtect
ReadFile
CloseHandle
IsValidLocale
FreeEnvironmentStringsW
QueryPerformanceCounter
GetCommandLineA
WideCharToMultiByte
HeapAlloc
FreeEnvironmentStringsA

gdi32

SelectObject
CheckColorsInGamut
gdiPlaySpoolStream
RealizePalette
GetLogColorSpaceW
GetCharABCWidthsFloatA

Sections

.text
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa70492a26393dbf1320a50c6efdbcb1

Headers

File Characteristics

Imports

user32

shell32

advapi32

comctl32

kernel32

gdi32

Sections

.text Size: 171KB - Virtual size: 171KB

.rdata Size: 8KB - Virtual size: 16KB

.data Size: 173KB - Virtual size: 173KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 171KB - Virtual size: 171KB

.rdata
Size: 8KB - Virtual size: 16KB

.data
Size: 173KB - Virtual size: 173KB

.rsrc
Size: 5KB - Virtual size: 5KB