b5e11abd2f071adea34b3544cc76e99e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b5e11abd2f071adea34b3544cc76e99e_JaffaCakes118
Size

504KB
MD5

b5e11abd2f071adea34b3544cc76e99e
SHA1

db8bcd8ff0772c9b197f5930155d8cbce53b8e96
SHA256

4280a46f391df66d938a984d28df7d6fb53cb18fd592a9f8e5d563224702d05f
SHA512

6c49601586eb75206a9b9e4d6fa103cb3659576652b6e8b4a07f87fe94b7c092d04f0d30fc9c269684e4e209b6a6bc354c2089015b48a67c9eaa78ea1c2a0fc1
SSDEEP

12288:3uHOSOG7H7g+l7hzpTSQyz9YnBY9n3UyKPuhJ5RuI:eHHzv7hzpTho9aQ3KPQ5Ru

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5e11abd2f071adea34b3544cc76e99e_JaffaCakes118

Files

b5e11abd2f071adea34b3544cc76e99e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a0cefb1283ed76e14371b74584b15673

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\qbieflrzmr\jfeejgwe\ore

Imports

wininet

ShowClientAuthCerts
InternetHangUp
CommitUrlCacheEntryW
FindCloseUrlCache
FtpPutFileEx

advapi32

CryptDestroyHash
CryptAcquireContextW
CryptGetDefaultProviderW
RegSetValueW
CryptReleaseContext
CryptGetDefaultProviderA
DuplicateToken
RevertToSelf
CryptSetProviderExA
RegLoadKeyW
RegQueryMultipleValuesW
StartServiceA
CryptCreateHash
CryptSetProviderW
LookupPrivilegeNameW
CryptAcquireContextA

gdi32

GetMetaRgn
SetPolyFillMode
CreateICW
PolyPolyline
FlattenPath
SetViewportOrgEx
GetKerningPairs
ResetDCA
CreatePatternBrush
Rectangle
GetStockObject
SetBrushOrgEx
EnumFontsA
ChoosePixelFormat

kernel32

WriteConsoleW
TerminateProcess
GetModuleHandleA
FlushFileBuffers
GlobalFix
GetEnvironmentStrings
EnterCriticalSection
HeapAlloc
GetThreadSelectorEntry
CloseHandle
OpenMutexA
GetCommandLineA
CreateFileA
SetEnvironmentVariableA
InterlockedDecrement
LocalFlags
HeapFree
HeapReAlloc
MoveFileExW
GetSystemTimeAsFileTime
DeleteCriticalSection
GetLogicalDriveStringsW
GetStdHandle
OutputDebugStringA
TlsGetValue
LCMapStringA
GetCPInfo
MultiByteToWideChar
RtlUnwind
GetStringTypeW
LoadLibraryW
GetShortPathNameW
GetTickCount
SetStdHandle
LoadLibraryA
RtlMoveMemory
UnhandledExceptionFilter
TlsFree
GetCurrentProcessId
FreeLibrary
GetCurrentThreadId
GetProcAddress
GetACP
lstrlenA
SetFilePointer
WriteFile
GetLocaleInfoW
IsBadReadPtr
TlsAlloc
SetUnhandledExceptionFilter
InterlockedExchange
lstrcatA
LeaveCriticalSection
IsValidCodePage
FindClose
GetModuleFileNameW
GetTimeFormatA
GetLocaleInfoA
LCMapStringW
IsValidLocale
FindFirstFileW
WideCharToMultiByte
GetStartupInfoA
RaiseException
CompareStringA
GetTimeZoneInformation
GetDateFormatA
InterlockedIncrement
SetLastError
SetHandleCount
FindResourceExW
ReadFile
SetThreadAffinityMask
GetEnvironmentStringsW
LocalUnlock
GetConsoleMode
GetOEMCP
GetPrivateProfileStructA
ExitProcess
WriteConsoleA
VirtualUnlock
DebugBreak
TlsSetValue
GetFileType
IsDebuggerPresent
GetConsoleCP
GetModuleFileNameA
VirtualFree
GetUserDefaultLCID
GetPriorityClass
HeapValidate
GetProcessHeap
CreateMutexA
WriteConsoleOutputA
EnumSystemLocalesA
MapViewOfFileEx
InitializeCriticalSection
GetCurrentThread
GetStringTypeA
HeapDestroy
EnumSystemLocalesW
QueryPerformanceCounter
GetConsoleOutputCP
SetConsoleCtrlHandler
OutputDebugStringW
CompareStringW
GetVersionExA
SetConsoleOutputCP
FreeEnvironmentStringsA
VirtualAlloc
VirtualQuery
ReadConsoleOutputAttribute
FreeEnvironmentStringsW
HeapCreate
GetCurrentProcess
GetLastError

user32

GetProcessWindowStation
DeferWindowPos
GetTabbedTextExtentW
MessageBoxExA
UnregisterHotKey
OemToCharA
SetClipboardViewer
CreateAcceleratorTableW
RegisterWindowMessageW
SetClassWord
RegisterClassA
SetWindowWord
IsClipboardFormatAvailable
CreateMDIWindowW
SetUserObjectInformationW
IsChild
GetKeyNameTextA
LoadMenuA
ToUnicodeEx
IsIconic
RegisterClassExA

comctl32

InitCommonControlsEx

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0cefb1283ed76e14371b74584b15673

Headers

File Characteristics

PDB Paths

Imports

wininet

advapi32

gdi32

kernel32

user32

comctl32

Sections

.text Size: 332KB - Virtual size: 331KB

.rdata Size: 66KB - Virtual size: 72KB

.data Size: 91KB - Virtual size: 90KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 332KB - Virtual size: 331KB

.rdata
Size: 66KB - Virtual size: 72KB

.data
Size: 91KB - Virtual size: 90KB

.rsrc
Size: 13KB - Virtual size: 13KB