b45cc3968ea0229d6c3eba9b6e5c936c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b45cc3968ea0229d6c3eba9b6e5c936c_JaffaCakes118
Size

515KB
MD5

b45cc3968ea0229d6c3eba9b6e5c936c
SHA1

966a955141896cad7cfc8daaa3793e599a27d954
SHA256

86e4fb38d85185fd657c8021a073b360a1a2ab3b60131d11bde78b9b15ee3b4d
SHA512

c6b2f9c39b34c5e17fe92eb2de4375923790e181fec6c48ce60fce2fd4b0e3b899014aaabe432c0961e8f95485d310573c74ed78b228af80dd2ee5f4405a7feb
SSDEEP

12288:EpqhjLYzH231JknCkrpRzMyq3LYky+THHiFWdBxjLuRIj:LjLyWBkrpxMpYky0HCFW5sIj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b45cc3968ea0229d6c3eba9b6e5c936c_JaffaCakes118

Files

b45cc3968ea0229d6c3eba9b6e5c936c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fc6cb3d52f9039a8afe8b72400099b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OpenWindowStationA
EnumDisplaySettingsA
DrawIcon
RegisterClassA
GetMenuInfo
InsertMenuW
CharNextExA
KillTimer
EnumWindowStationsW
NotifyWinEvent
GetComboBoxInfo
EndPaint
CreateAcceleratorTableA
TranslateAccelerator
CreateAcceleratorTableW
RegisterClassExA
EqualRect
EnumDisplayMonitors

comctl32

InitCommonControlsEx

advapi32

LookupPrivilegeDisplayNameA
CryptDestroyHash
CryptGetKeyParam
RegQueryValueExA
RegCreateKeyW
CryptEnumProviderTypesA
RegNotifyChangeKeyValue
ReportEventA
CryptGetUserKey
StartServiceA
CryptDuplicateHash
RevertToSelf
CryptEnumProvidersW
DuplicateToken
GetUserNameW
RegQueryMultipleValuesA
LookupPrivilegeValueA
CryptEncrypt
LookupAccountNameA
CryptContextAddRef
CryptGetDefaultProviderW

kernel32

TlsSetValue
GetStartupInfoA
IsBadWritePtr
SetHandleCount
DeleteCriticalSection
FreeEnvironmentStringsA
GetCurrentThread
GetOEMCP
lstrcat
GetLastError
WriteFile
InterlockedIncrement
VirtualFree
GetEnvironmentStringsW
GetCPInfo
LCMapStringA
RtlUnwind
TerminateProcess
TlsGetValue
CreateMutexA
CreateToolhelp32Snapshot
CreateFileMappingA
HeapDestroy
InterlockedDecrement
GetStdHandle
UnhandledExceptionFilter
LoadLibraryA
FindFirstFileW
CloseHandle
GetLocalTime
GetVersion
FreeResource
GetEnvironmentStrings
OpenMutexA
GetFileType
MultiByteToWideChar
FlushFileBuffers
FreeEnvironmentStringsW
ReadFile
GetStringTypeExA
GetCurrentProcess
VirtualAllocEx
SetThreadAffinityMask
GetStringTypeW
ExitProcess
GetSystemTime
LCMapStringW
GetCurrentProcessId
GetProcAddress
LocalLock
CompareStringA
HeapAlloc
GetCurrentThreadId
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetStdHandle
GetProcessShutdownParameters
GetProfileIntA
InitializeCriticalSection
VirtualQuery
HeapReAlloc
GetTickCount
InterlockedExchange
GetModuleFileNameA
TlsAlloc
QueryPerformanceCounter
SetFilePointer
CompareStringW
GetPrivateProfileSectionNamesA
HeapCreate
GetTimeZoneInformation
GetCommandLineA
GetModuleHandleA
CreateWaitableTimerW
LeaveCriticalSection
HeapFree
TlsFree
EnumResourceLanguagesW
GetStringTypeA
WideCharToMultiByte
EnterCriticalSection
SetLastError
VirtualAlloc
GetACP

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fc6cb3d52f9039a8afe8b72400099b3

Headers

File Characteristics

Imports

user32

comctl32

advapi32

kernel32

Sections

.text Size: 146KB - Virtual size: 146KB

.rdata Size: 5KB - Virtual size: 27KB

.data Size: 354KB - Virtual size: 354KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 146KB - Virtual size: 146KB

.rdata
Size: 5KB - Virtual size: 27KB

.data
Size: 354KB - Virtual size: 354KB

.rsrc
Size: 8KB - Virtual size: 8KB