aeb5f49422afe7dfce10a64c7cb354ab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aeb5f49422afe7dfce10a64c7cb354ab_JaffaCakes118
Size

277KB
MD5

aeb5f49422afe7dfce10a64c7cb354ab
SHA1

0fa6a1dee98818a68610b927cf8b0b4cf10f691d
SHA256

f7a4b1e9041b9817f66746ba2621f32ed4bc511300f666e641cae6af3503dd96
SHA512

1423835070c8625a14c90904b67e44ba135f08b1236393c8f2a05116378644cd323f5ac4375011d182cb9a27bed7df5beaa594e439d3eb9eb594f26f128135c3
SSDEEP

6144:hVbPd8lIcXp2QX99BJtlufSGbbpvdtPsc3RsZYH4C7+e4IgY:NIXX/mftblvdt33RsZ6LgY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aeb5f49422afe7dfce10a64c7cb354ab_JaffaCakes118

Files

aeb5f49422afe7dfce10a64c7cb354ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a507f7eb529d89ee9d59500315a79bf7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetLocaleInfoW
LocalFlags
GetVolumeInformationA
GetCurrentThread
GetLongPathNameW
HeapAlloc
TlsFree
MultiByteToWideChar
HeapSize
SetHandleCount
InterlockedDecrement
ReleaseSemaphore
EnumCalendarInfoW
WriteFile
LeaveCriticalSection
VirtualFree
GetEnvironmentStringsW
GetFileType
SetConsoleActiveScreenBuffer
IsValidCodePage
DeleteCriticalSection
GetLastError
EnumSystemLocalesA
GetLocaleInfoA
GetProcessHeap
SetEnvironmentVariableA
GetEnvironmentStrings
GetProcAddress
SetConsoleTitleA
GetDateFormatA
Sleep
GetCommandLineA
CompareStringW
CreateProcessA
GetStartupInfoA
VirtualQuery
HeapDestroy
SetUnhandledExceptionFilter
InterlockedIncrement
EnumDateFormatsA
GetStdHandle
SetConsoleCtrlHandler
GetCommandLineW
HeapReAlloc
HeapCreate
ExitProcess
CommConfigDialogA
FoldStringW
VirtualAlloc
TlsAlloc
QueryPerformanceCounter
GetCurrentProcess
GetTimeFormatA
GetModuleHandleA
FreeLibrary
GetStringTypeA
GetStringTypeW
GetCurrentThreadId
IsDebuggerPresent
TlsSetValue
CompareStringA
GetACP
GetCurrentProcessId
WideCharToMultiByte
GetTimeZoneInformation
IsValidLocale
GetVersionExA
GetTickCount
GetOEMCP
SetEndOfFile
FreeEnvironmentStringsW
LCMapStringA
InitializeCriticalSection
RtlUnwind
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
InterlockedExchange
GetUserDefaultLCID
EnterCriticalSection
LocalFileTimeToFileTime
GetCPInfo
UnhandledExceptionFilter
GetModuleFileNameW
GetStartupInfoW
HeapFree
TerminateProcess
LoadLibraryA
MoveFileExW
SetLastError
TlsGetValue
UnlockFile
GetModuleFileNameA
LCMapStringW

advapi32

RegFlushKey
ReportEventW
DuplicateToken
RegOpenKeyA
RegSetValueExA
CryptSetProviderW
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumValueW
CryptSetProviderExW
GetUserNameA
RegQueryValueW
CryptSetHashParam

user32

CharNextA
SetWindowTextW
CreateMDIWindowA
WaitMessage
wvsprintfW
ExcludeUpdateRgn
AppendMenuW
CreateDialogParamA
SetUserObjectInformationA
SetClipboardData
CharLowerBuffA
LoadIconW
MonitorFromRect
CheckMenuRadioItem
IsCharAlphaNumericW
CloseDesktop
CallWindowProcA
TabbedTextOutA
MsgWaitForMultipleObjects
ToAscii
ScreenToClient
GetPriorityClipboardFormat

comdlg32

PrintDlgA
ChooseFontA
ChooseColorW
ChooseColorA

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a507f7eb529d89ee9d59500315a79bf7

Headers

File Characteristics

Imports

kernel32

advapi32

user32

comdlg32

Sections

.text Size: 128KB - Virtual size: 127KB

.data Size: 140KB - Virtual size: 139KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 128KB - Virtual size: 127KB

.data
Size: 140KB - Virtual size: 139KB

.rsrc
Size: 8KB - Virtual size: 7KB