b870c8e559fd1bbd09090beb650f7158_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b870c8e559fd1bbd09090beb650f7158_JaffaCakes118
Size

589KB
MD5

b870c8e559fd1bbd09090beb650f7158
SHA1

525f6157ad157c4b421769422b3bf262f023f872
SHA256

7a41d1b6de95011994a2a8f0f7334133aabfb360fe854a0ec4d264571ad845bb
SHA512

efe221d3203ee5946e85680b6a2c6ba1c5c3aae10e833697e595f38b0c309d81c37968e0303e50f913ff2b828faa3f24fda42a3f62eb4f292a2dacee0df458ea
SSDEEP

12288:Kl3zvZW1/NMJzvvzHJJ1A5r6IfQ+6qVPyhq8CBqN4QVStypFWt:KyCFv7HJJ1A5rzLEhqJa4Q4gp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b870c8e559fd1bbd09090beb650f7158_JaffaCakes118

Files

b870c8e559fd1bbd09090beb650f7158_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a415e8b1e33f4229b54a91068e5659b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

SystemParametersInfoA
ToUnicode
LoadBitmapA
WindowFromDC
CharUpperA
WinHelpW
IsMenu
RegisterClassA
CountClipboardFormats
GetListBoxInfo
DestroyAcceleratorTable
ChangeDisplaySettingsExW
GetScrollPos
RegisterClassExA
CharToOemW

kernel32

HeapFree
GetModuleFileNameW
VirtualFree
WriteFile
MultiByteToWideChar
FreeEnvironmentStringsA
GetCurrentProcessId
VirtualQuery
InterlockedIncrement
DeleteCriticalSection
GetModuleHandleA
GetModuleFileNameA
CompareStringA
GetStartupInfoW
GetSystemTime
InterlockedDecrement
GetSystemTimeAsFileTime
GetEnvironmentStringsW
WideCharToMultiByte
ExitProcess
LoadLibraryA
SetFileAttributesW
SetLastError
VirtualAlloc
GetTimeZoneInformation
GetCPInfo
SetHandleCount
TlsSetValue
InitializeCriticalSection
TlsGetValue
GetStdHandle
IsBadWritePtr
GetEnvironmentStrings
RtlUnwind
UnhandledExceptionFilter
CloseHandle
CreateMutexA
SetFilePointer
TlsFree
GetCalendarInfoW
ReadFile
GetLocalTime
FlushFileBuffers
LCMapStringA
FreeEnvironmentStringsW
QueryPerformanceCounter
GetVersion
GetCurrentThread
GetCommandLineW
GetCommandLineA
HeapReAlloc
EnterCriticalSection
HeapCreate
InterlockedExchange
GetFileType
GetLastError
HeapDestroy
SetStdHandle
GetProcAddress
GetStringTypeA
GetCurrentProcess
GetCurrentThreadId
CompareStringW
GetTickCount
GetPriorityClass
LCMapStringW
LeaveCriticalSection
GetStartupInfoA
OpenMutexA
TlsAlloc
HeapAlloc
TerminateProcess
SetEnvironmentVariableA
GetStringTypeW

comdlg32

GetOpenFileNameW

wininet

InternetCombineUrlA
IsUrlCacheEntryExpiredW

advapi32

RegSaveKeyW
CryptHashSessionKey
StartServiceW
CryptDuplicateHash
StartServiceA
LookupPrivilegeValueA
ReportEventW

Sections

.text
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a415e8b1e33f4229b54a91068e5659b

Headers

File Characteristics

Imports

comctl32

user32

kernel32

comdlg32

wininet

advapi32

Sections

.text Size: 258KB - Virtual size: 257KB

.rdata Size: 4KB - Virtual size: 9KB

.data Size: 317KB - Virtual size: 316KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 258KB - Virtual size: 257KB

.rdata
Size: 4KB - Virtual size: 9KB

.data
Size: 317KB - Virtual size: 316KB

.rsrc
Size: 9KB - Virtual size: 8KB