Static task: static1
Behavioral task: behavioral1
Sample: b1e95904a1c7f404ef01cbf236aa7183_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: b1e95904a1c7f404ef01cbf236aa7183_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b1e95904a1c7f404ef01cbf236aa7183_JaffaCakes118
Size: 582KB
MD5: b1e95904a1c7f404ef01cbf236aa7183
SHA1: f3ada7266e28a2daf1690005716be2097c66f5f1
SHA256: 515389252b5e075f6668c83381ada9c980aac8d2875b5fedc8a09c284e331365
SHA512: 74da830e1285e6305ffb747e7c56dc92d261b98d437e9adadc76be5490a64c6602de9d12baef1e5def1d37413611694714fca539dcefbfefcac353ab0ac93904
SSDEEP: 12288:EPzwu1ZwPd6zs6dAZ10JbP7TJGXU2hXuDYlJb2dWvA+DS:EPznZwPd6zs6dA30JD7TgX5e6ME
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b1e95904a1c7f404ef01cbf236aa7183_JaffaCakes118
Files
b1e95904a1c7f404ef01cbf236aa7183_JaffaCakes118.exe windows:4 windows x86 arch:x86
cc5e8cbe57680476d5af90a0e69ee30b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegEnumValueW
StartServiceW
RegOpenKeyExA
CryptDeriveKey
CryptHashSessionKey
InitializeSecurityDescriptor
CryptVerifySignatureW
CryptVerifySignatureA
user32
UnionRect
SetWindowRgn
GetScrollRange
CopyRect
CascadeWindows
OffsetRect
MessageBoxExW
ModifyMenuW
DialogBoxParamW
IsWindow
DdeConnectList
RegisterDeviceNotificationA
SetWindowLongW
TranslateAcceleratorW
ChangeDisplaySettingsExW
GetClassInfoA
RemovePropW
SetPropW
RegisterClassExA
GetWindowInfo
WINNLSEnableIME
RegisterClassA
EnumDisplaySettingsExW
kernel32
CreatePipe
TlsAlloc
GetVersionExA
SetComputerNameA
InterlockedIncrement
EnumDateFormatsExA
GetStartupInfoA
GetLongPathNameW
EnumSystemLocalesA
InterlockedExchangeAdd
HeapLock
CompareStringA
SetConsoleCtrlHandler
OpenMutexA
SetLastError
VirtualQuery
DeleteAtom
GetEnvironmentStringsW
GetDiskFreeSpaceExA
EnumSystemLocalesW
GetCurrentProcess
GetUserDefaultLCID
InterlockedDecrement
GetCPInfo
GetConsoleOutputCP
GetCurrentThread
TlsGetValue
SetLocaleInfoA
LoadLibraryA
MoveFileW
IsDebuggerPresent
WriteFile
FreeEnvironmentStringsA
HeapCreate
VirtualAlloc
LCMapStringW
FlushFileBuffers
GetTimeFormatA
SetThreadAffinityMask
IsValidCodePage
GetConsoleMode
GetCommandLineA
GetModuleHandleA
GetEnvironmentStrings
WaitForSingleObject
GetProfileIntA
MultiByteToWideChar
VirtualFreeEx
GetModuleFileNameW
CreateMutexA
Sleep
TlsFree
GetFileType
DebugActiveProcess
HeapAlloc
GetProcAddress
WriteConsoleA
RtlUnwind
GetProcessHeap
GetStdHandle
InitializeCriticalSection
ExpandEnvironmentStringsA
GetACP
GetTickCount
VirtualFree
GetTimeZoneInformation
QueryPerformanceCounter
HeapDestroy
GetModuleFileNameA
HeapSize
GetLastError
SetUnhandledExceptionFilter
CreateFileA
WideCharToMultiByte
GetOEMCP
InterlockedExchange
LCMapStringA
GetDateFormatA
EnterCriticalSection
GetConsoleCP
ReadFile
ExitProcess
GetLocaleInfoA
TerminateProcess
GetShortPathNameA
IsValidLocale
WriteConsoleOutputAttribute
SetStdHandle
UnhandledExceptionFilter
GetNumberFormatW
SetEnvironmentVariableA
GetStartupInfoW
HeapFree
WriteConsoleW
LeaveCriticalSection
CloseHandle
GetCurrentThreadId
SetFilePointer
FreeEnvironmentStringsW
GetCurrentProcessId
GetCommandLineW
CompareStringW
GetLocaleInfoW
GetStringTypeW
GetSystemTimeAsFileTime
FreeLibrary
LocalReAlloc
HeapReAlloc
SetHandleCount
DeleteCriticalSection
GetStringTypeA
TlsSetValue
comctl32
InitCommonControlsEx
comdlg32
FindTextW
PageSetupDlgW
ReplaceTextA
Sections
.text Size: 242KB - Virtual size: 242KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 320KB - Virtual size: 319KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ