ae9809d9a5d664acc916a17b5f3a9a07_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ae9809d9a5d664acc916a17b5f3a9a07_JaffaCakes118
Size

531KB
MD5

ae9809d9a5d664acc916a17b5f3a9a07
SHA1

a00166794b2d0616b5c5ffda89228ff79d5bf9c5
SHA256

f96ca8cb4f55de30410f09f57fe0ddd73fe1df4a5a2c308dde38c102ab1e5c58
SHA512

97a6080d4916ecb2e78f72429087c39cb51c7d22c57145ce1494134af5cf062962d772f2825d2c458d44d23a68fa3e631778623e6e5e9abcfc29da42cad78e42
SSDEEP

12288:NUoYtRVWRtgeyIKINYF4B6X5MQuZx7toL8qmzIz/6y24iYffnT:kttdpIyqAjAJtoQqCm/WGffnT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae9809d9a5d664acc916a17b5f3a9a07_JaffaCakes118

Files

ae9809d9a5d664acc916a17b5f3a9a07_JaffaCakes118
.exe windows:4 windows x86 arch:x86

deb1efeec28ca359d34e495e06741222

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
GetLastError
GetCurrentProcessId
UnhandledExceptionFilter
EnterCriticalSection
SetVolumeLabelA
GetStringTypeW
GetCurrentThreadId
SetEnvironmentVariableA
GetCommandLineA
LCMapStringW
SetFilePointer
GetLocaleInfoA
WideCharToMultiByte
CreateMutexA
GetEnvironmentStrings
IsValidCodePage
TlsFree
ExitProcess
OpenMutexA
GetModuleFileNameA
GetStdHandle
FreeEnvironmentStringsW
TlsAlloc
SetEndOfFile
FoldStringA
GetTimeFormatA
GetTimeZoneInformation
LeaveCriticalSection
ReadFile
GetConsoleOutputCP
GetCurrentProcess
FreeEnvironmentStringsA
InitializeCriticalSection
HeapDestroy
WriteFile
CompareStringW
GetDateFormatA
GetOEMCP
GetACP
VirtualQuery
InterlockedExchange
MultiByteToWideChar
GetProcAddress
TlsGetValue
GetEnvironmentVariableW
TlsSetValue
GetFileType
CompareStringA
InterlockedCompareExchange
GetStartupInfoA
GlobalReAlloc
HeapSize
EnumSystemLocalesA
IsBadWritePtr
TerminateProcess
HeapReAlloc
GetSystemInfo
CreateDirectoryExA
GetLogicalDrives
GetCurrentDirectoryW
DeleteCriticalSection
GetStartupInfoW
EnumDateFormatsA
GetVersionExA
LCMapStringA
GetSystemTimeAsFileTime
RaiseException
GetDiskFreeSpaceExA
GetThreadPriorityBoost
GetProcessHeap
VirtualProtect
LoadLibraryExA
LoadLibraryA
GetTickCount
VirtualAlloc
IsValidLocale
CopyFileA
GetCurrentThread
GetUserDefaultLCID
GetModuleHandleA
SetConsoleTextAttribute
SetCurrentDirectoryW
GetLocaleInfoW
HeapFree
GetEnvironmentStringsW
HeapAlloc
CreateMailslotA
SetLastError
SetStdHandle
HeapCreate
CloseHandle
QueryPerformanceCounter
GetStringTypeA
GetPrivateProfileSectionW
SetHandleCount
GetCPInfo
FindAtomA
FlushFileBuffers
RtlUnwind

comctl32

InitCommonControlsEx

advapi32

RegQueryValueExA
CryptGetHashParam
DuplicateToken
CryptEnumProviderTypesA
CryptEnumProviderTypesW
CryptSetHashParam

gdi32

GetViewportExtEx
ExtEscape
GetICMProfileA
GetTextCharacterExtra
RemoveFontResourceA
EnumICMProfilesW
EnumFontsW
AnimatePalette
LPtoDP
GetCharABCWidthsFloatW
SetRectRgn
GetDCOrgEx
CloseMetaFile

user32

RegisterClassExA
GetClassInfoA
LoadCursorFromFileA
ReleaseDC
TabbedTextOutW
PostThreadMessageW
ChildWindowFromPointEx
RegisterClassA

shell32

FindExecutableW
CommandLineToArgvW
SHFormatDrive
ShellExecuteExW

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

deb1efeec28ca359d34e495e06741222

Headers

File Characteristics

Imports

kernel32

comctl32

advapi32

gdi32

user32

shell32

Sections

.text Size: 193KB - Virtual size: 193KB

.rdata Size: 8KB - Virtual size: 23KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 193KB - Virtual size: 193KB

.rdata
Size: 8KB - Virtual size: 23KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 13KB - Virtual size: 13KB