Static task: static1
Behavioral task: behavioral1
Sample: afee1076f57e9cb67989a81b697ebd0d_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: afee1076f57e9cb67989a81b697ebd0d_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: afee1076f57e9cb67989a81b697ebd0d_JaffaCakes118
Size: 96KB
MD5: afee1076f57e9cb67989a81b697ebd0d
SHA1: 9efac7e2e3c543b7a8ababa3400740e436b6559c
SHA256: e90319041147567e18e7d6ea9e3937275284b7e9bd9813bfbccdc0ac8a375f96
SHA512: e22c6ac469df143d5eda93a6a7e022d79c2d32735b00bcac7581c122b76d1b2b2d7aabfb21b84d22bcebd5e7f993013a7f9147211ef56bf4b2065f736ea26e67
SSDEEP: 1536:K6jO/Za/QIX73/Z8hvv7s9AGqEGwydU7zEzVzY8LLPGNQNY7MGDAu3rBxqFC:Kj/bIr+rs9AywUid5PG9G2rBl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource afee1076f57e9cb67989a81b697ebd0d_JaffaCakes118
Files
afee1076f57e9cb67989a81b697ebd0d_JaffaCakes118.exe windows:5 windows x86 arch:x86
fe23cd1ef3959dcb275509d10002628b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEndOfFile
SetFileAttributesA
lstrlenA
FindClose
CreateMutexA
CreateDirectoryW
FindFirstFileW
GetWindowsDirectoryA
SetFilePointer
MoveFileA
ReadFile
GetCurrentProcessId
ReleaseSemaphore
GetUserDefaultLangID
WriteFile
QueryPerformanceCounter
FindResourceW
VirtualAlloc
CreateFileW
GetTempFileNameW
CloseHandle
VirtualQuery
SetVolumeLabelA
MultiByteToWideChar
GetTempPathW
GetSystemDirectoryW
CreateFileA
GetTickCount
SetLastError
SizeofResource
CreateSemaphoreA
LoadResource
GetCurrentProcess
InterlockedIncrement
GetCurrentThreadId
RemoveDirectoryW
IsBadReadPtr
DeleteFileW
GetVersionExA
GetFileSize
DeviceIoControl
VirtualUnlock
GetPrivateProfileStringW
InterlockedDecrement
HeapFree
GetSystemTime
lstrcmpiA
ReleaseMutex
LockResource
GetSystemDefaultLangID
GetProcessHeap
GetStartupInfoA
UnhandledExceptionFilter
GetLastError
LocalFree
GetSystemTimeAsFileTime
HeapAlloc
GetFileAttributesW
VirtualLock
SetUnhandledExceptionFilter
GetPrivateProfileIntW
FindNextFileW
VirtualFree
user32
SetDlgItemTextA
DialogBoxIndirectParamA
ReleaseDC
EnableWindow
CallWindowProcA
EndDialog
SetWindowLongA
CharPrevA
MessageBoxA
CharUpperA
SetForegroundWindow
CharNextA
SendDlgItemMessageA
SetWindowPos
ExitWindowsEx
GetDC
PeekMessageA
DispatchMessageA
MsgWaitForMultipleObjects
GetWindowLongA
MessageBeep
wsprintfA
SendMessageA
GetWindowRect
GetDlgItemTextA
LoadStringA
GetDesktopWindow
GetDlgItem
SetWindowTextA
ShowWindow
gdi32
DeleteObject
GetStockObject
GetObjectA
CreateFontIndirectA
advapi32
CryptAcquireContextA
CryptGetHashParam
RegOpenKeyExA
CryptHashData
RegQueryValueExA
CryptCreateHash
CryptDestroyHash
RegCloseKey
ole32
CoGetInterfaceAndReleaseStream
CLSIDFromProgID
OleInitialize
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
ntdll
NtQueryObject
RtlEqualUnicodeString
RtlCreateSecurityDescriptor
RtlInitUnicodeString
RtlGetDaclSecurityDescriptor
NtQuerySecurityObject
RtlSetDaclSecurityDescriptor
NtSetSecurityObject
RtlInitAnsiString
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lvbe Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.edata Size: 139KB - Virtual size: 247KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ