b041a23d257235d1d206d52adfbb8569_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b041a23d257235d1d206d52adfbb8569_JaffaCakes118
Size

421KB
MD5

b041a23d257235d1d206d52adfbb8569
SHA1

956751de4e8907cdd13129879f102347b682c601
SHA256

db2f780dd87bf2f02d609b8b6161f53d435985b4c99c1b300f45b18d56724ff2
SHA512

b158717e5e88000e3bbee2ec12007959aa9f036e7e39a0feb5912f34ac68f746efb8961482e72425d2751a2e8fe82f9ca2240956ed8fcd60d5e9107fe9a961eb
SSDEEP

6144:dRpWqlJ8djje7cp/hJGqos5Xz6YSwemzHoJioDadAkTPqh0ZCsor1sWrEtRfia8m:dRpWq78jR/T7R5mRgIJuVpZpor1Kt2Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b041a23d257235d1d206d52adfbb8569_JaffaCakes118

Files

b041a23d257235d1d206d52adfbb8569_JaffaCakes118
.exe windows:4 windows x86 arch:x86

411b4cb3a45e51698fc0635b1a3d64f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenuBarInfo
SetCursor
CreateIcon
CharPrevA
TranslateAcceleratorA
SetWindowsHookExW
DestroyMenu
GetWindowWord
VkKeyScanExW
SetCursorPos
FreeDDElParam
DrawTextA
CreateDialogParamW
GetDlgItemInt
DlgDirSelectComboBoxExA
GetMenuState

comdlg32

PrintDlgA
GetOpenFileNameA

advapi32

LookupAccountNameA
RegReplaceKeyW
AbortSystemShutdownA
RegEnumKeyExA
RegDeleteKeyW
CryptSetProviderA
RegEnumKeyW
RegSetValueW
RegConnectRegistryA
InitializeSecurityDescriptor
CryptVerifySignatureW
StartServiceW
CreateServiceA
CryptGetDefaultProviderA
CryptSignHashA
RegOpenKeyExA
LookupPrivilegeValueW
GetUserNameW
RegQueryValueA
CryptEnumProviderTypesA
CryptDestroyHash
LookupSecurityDescriptorPartsA
CryptGetKeyParam
CryptImportKey

shell32

RealShellExecuteW
SHGetSpecialFolderPathA
ShellExecuteA
ExtractIconEx
SHGetSpecialFolderPathW
DragQueryFileA
DuplicateIcon
DragFinish
SHInvokePrinterCommandW
FindExecutableW
SHEmptyRecycleBinW

kernel32

GetCurrentThread
FlushFileBuffers
TlsAlloc
VirtualAlloc
GetStdHandle
InterlockedExchange
TlsGetValue
GetModuleFileNameA
GetCurrentThreadId
GetCurrencyFormatA
IsBadWritePtr
GetOEMCP
GetProcAddress
SetLastError
WriteFile
lstrlenA
WideCharToMultiByte
FreeEnvironmentStringsA
GetVersionExA
VirtualFree
GetLocaleInfoW
GetStringTypeA
HeapAlloc
MapViewOfFileEx
EnumResourceNamesA
GetLocaleInfoA
HeapSize
VirtualProtect
DeleteCriticalSection
LCMapStringW
GetTimeFormatA
SetSystemTime
EnumTimeFormatsW
IsValidCodePage
HeapReAlloc
GetLastError
GetEnvironmentStringsW
GetStringTypeW
EnterCriticalSection
GetCurrentProcessId
IsValidLocale
HeapDestroy
GetCommandLineA
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCPInfo
GetUserDefaultLCID
HeapFree
GetTickCount
GetACP
EnumSystemLocalesA
GetComputerNameW
GetDateFormatA
LocalAlloc
ExitProcess
CompareStringW
HeapCreate
TlsFree
ReadConsoleOutputCharacterW
SetEnvironmentVariableA
QueryPerformanceCounter
MultiByteToWideChar
InitializeCriticalSection
GetConsoleOutputCP
FreeEnvironmentStringsW
LCMapStringA
LoadLibraryA
TlsSetValue
GetModuleHandleA
GetTimeZoneInformation
RtlUnwind
TerminateProcess
GetStartupInfoA
VirtualQuery
GetSystemInfo
GetFileType
GetCurrentProcess
LeaveCriticalSection
SetHandleCount
GetEnvironmentStrings
CompareStringA

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

411b4cb3a45e51698fc0635b1a3d64f8

Headers

File Characteristics

Imports

user32

comdlg32

advapi32

shell32

kernel32

Sections

.text Size: 135KB - Virtual size: 135KB

.data Size: 272KB - Virtual size: 289KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 135KB - Virtual size: 135KB

.data
Size: 272KB - Virtual size: 289KB

.rsrc
Size: 12KB - Virtual size: 12KB