b67fa737288b4bc51605a06e70d10d65_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b67fa737288b4bc51605a06e70d10d65_JaffaCakes118
Size

438KB
MD5

b67fa737288b4bc51605a06e70d10d65
SHA1

d78462cf5cbd58599866789313dd5e9c00bf6b23
SHA256

8898d249d81a47186167ab12333df81b9647f0895598fdd22eab82dad120ec35
SHA512

9551a0a7fedd75b7f900b9b06e7cfef9f7c9e54dadda00f695293798d106a59cb151ae69d2ea2e030da99aeea087fe1e4590b98d985898860b1539739875cab9
SSDEEP

12288:FjJGFplbvsH8At0o26kU7d/I6zyuNqhTx8j:FjQPVs50p6T79I6uxT8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b67fa737288b4bc51605a06e70d10d65_JaffaCakes118

Files

b67fa737288b4bc51605a06e70d10d65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

63af07a7a3ec83a61b5dd52e95d5f540

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
HeapCreate
InterlockedExchange
WriteConsoleA
TerminateProcess
FlushFileBuffers
IsDebuggerPresent
SetLastError
RtlUnwind
GetStdHandle
GetCurrentProcess
GetCommandLineA
SetUnhandledExceptionFilter
GetEnvironmentStrings
GetCurrentThreadId
SetEnvironmentVariableA
CreateMutexA
GetVersionExA
VirtualFree
GetCurrentThread
LCMapStringW
GetDateFormatA
GetFileType
GetEnvironmentStringsW
GetOEMCP
GetProcessHeap
TlsFree
GetModuleHandleW
InitializeCriticalSection
GetModuleHandleA
ReadConsoleOutputAttribute
GetProcAddress
GetLocaleInfoA
VirtualQuery
CreateFileA
SetHandleCount
HeapSize
ReadFile
OpenMutexA
SetStdHandle
GetStartupInfoA
WriteFile
TlsGetValue
VirtualAlloc
QueryPerformanceCounter
GetConsoleCP
WriteConsoleW
CloseHandle
GetStringTypeA
GetUserDefaultLCID
Sleep
FreeLibrary
EnterCriticalSection
GetCurrencyFormatA
SetFilePointer
FreeEnvironmentStringsA
CompareStringW
GetSystemTimeAsFileTime
HeapFree
InterlockedDecrement
MultiByteToWideChar
LeaveCriticalSection
TlsAlloc
GetConsoleMode
LoadLibraryA
GlobalFindAtomA
CompareStringA
TlsSetValue
InterlockedIncrement
HeapAlloc
IsValidLocale
HeapDestroy
DeleteCriticalSection
GetACP
FlushConsoleInputBuffer
GetTickCount
ExitProcess
GetAtomNameA
GetCPInfo
WriteFileEx
WideCharToMultiByte
SetConsoleCtrlHandler
GetTimeFormatA
GetCurrentProcessId
GetConsoleOutputCP
GetLastError
FindNextFileW
HeapReAlloc
GetLocaleInfoW
FindClose
LCMapStringA
UnhandledExceptionFilter
GetTimeZoneInformation
lstrcmpiA
EnumSystemLocalesA
IsValidCodePage
GetModuleFileNameA
GetStringTypeW

comdlg32

ChooseColorW
GetSaveFileNameW
FindTextA

comctl32

InitCommonControlsEx

gdi32

CreateBitmapIndirect
CreateColorSpaceW
StartDocA
GetCharWidth32W

user32

DefWindowProcW
GetDC
CharPrevA
LoadBitmapA
DdeGetData
GetClassInfoW
GetGUIThreadInfo
PostMessageA
OemToCharW
SetClassLongA
BeginDeferWindowPos
MapVirtualKeyA
ClipCursor
GetCapture
MonitorFromRect
NotifyWinEvent
CallNextHookEx
ChangeDisplaySettingsA
SetPropA
EnumClipboardFormats
RegisterClassExA
SetMenuDefaultItem
ScrollDC
SetUserObjectInformationA
RegisterClassA

advapi32

CryptSetProviderW
CryptDeriveKey
CryptDuplicateHash
InitializeSecurityDescriptor
CryptContextAddRef
LookupPrivilegeNameA
CryptEnumProvidersW

shell32

ShellExecuteExW
ExtractAssociatedIconExW
SheGetDirA
ExtractAssociatedIconW
SHFormatDrive

Sections

.text
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63af07a7a3ec83a61b5dd52e95d5f540

Headers

File Characteristics

Imports

kernel32

comdlg32

comctl32

gdi32

user32

advapi32

shell32

Sections

.text Size: 203KB - Virtual size: 202KB

.rdata Size: 10KB - Virtual size: 31KB

.data Size: 210KB - Virtual size: 209KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 203KB - Virtual size: 202KB

.rdata
Size: 10KB - Virtual size: 31KB

.data
Size: 210KB - Virtual size: 209KB

.rsrc
Size: 13KB - Virtual size: 13KB