b9b20728812e71186e91530adf001a2e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b9b20728812e71186e91530adf001a2e_JaffaCakes118
Size

511KB
MD5

b9b20728812e71186e91530adf001a2e
SHA1

879c84c38cee76675d482f06de50a00ece7b4e11
SHA256

dab6d20d32df93147830f1420bb37b232758187a182a7495018538a73bdaf338
SHA512

c7fee72fc7c588179a085b5b58296be8f2d19898d1be2536ae2ef8bba29ec7d53b7b680301b4b2689f88ffe50e9a244c7df254d224e4e7f0142eb66e33dba26e
SSDEEP

12288:0aGP02ZDHqsVwCig880Tf4TbHdoFXkC9LRt7Bml4vsl495EV:LANHqrg8PpFUC9rcgr8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9b20728812e71186e91530adf001a2e_JaffaCakes118

Files

b9b20728812e71186e91530adf001a2e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

530767b0a9fb9b0dde35c2e5983d9757

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkColor
CreateDIBPatternBrushPt
GetClipRgn

shell32

SHGetSettings

advapi32

LookupAccountNameA
RegQueryValueExA
CryptSetKeyParam
RegSaveKeyW
RegOpenKeyW
DuplicateTokenEx
RegSetValueExW
CryptGetDefaultProviderA
ReportEventA
CryptSetProviderExA
RegRestoreKeyW
RegOpenKeyA
ReportEventW
RegDeleteKeyA
StartServiceW
RegCreateKeyExA
RegEnumKeyExA
RegEnumKeyW
LookupSecurityDescriptorPartsW
CryptSignHashA
LogonUserA

comdlg32

FindTextA

user32

ExitWindowsEx
RegisterClassExA
GetMenuItemID
RegisterClassA
FindWindowA

comctl32

InitCommonControlsEx

kernel32

SetHandleCount
GetTimeZoneInformation
GetSystemDefaultLangID
LCMapStringA
GetFileType
VirtualQuery
IsValidLocale
FlushFileBuffers
GetUserDefaultLCID
GetProcAddress
OpenMutexW
TerminateProcess
GetOEMCP
CloseHandle
GetStdHandle
GetCPInfo
LeaveCriticalSection
CompareStringW
LCMapStringW
QueryPerformanceCounter
LoadLibraryA
SetComputerNameW
EnumDateFormatsExA
GetStringTypeA
GetVersionExA
ResetEvent
SetUnhandledExceptionFilter
SetStdHandle
DeleteCriticalSection
HeapCreate
SetFilePointer
TlsSetValue
TerminateThread
GetModuleFileNameA
LoadLibraryW
GetLocaleInfoA
GetSystemTimeAsFileTime
GetConsoleOutputCP
HeapReAlloc
InitializeCriticalSection
EnumSystemLocalesA
CreateMutexA
GetConsoleMode
EnterCriticalSection
TlsAlloc
InterlockedExchange
SetConsoleCtrlHandler
GetLastError
ExitProcess
SetLastError
RtlFillMemory
WideCharToMultiByte
WriteConsoleW
TlsFree
CompareStringA
CreateDirectoryExW
GetConsoleCP
VirtualAlloc
GetLocaleInfoW
GetEnvironmentStringsW
CompareFileTime
FreeEnvironmentStringsA
FreeLibrary
InterlockedIncrement
GetCurrentThreadId
ReadFile
GetACP
GlobalGetAtomNameA
GetModuleHandleA
GetEnvironmentStrings
SetConsoleCursorInfo
WriteConsoleA
GetCurrentProcessId
GetStringTypeW
RtlUnwind
GetCurrentProcess
GetEnvironmentVariableA
GetCommandLineA
GetTimeFormatA
GetTickCount
GetCurrentThread
FreeEnvironmentStringsW
InterlockedDecrement
GetStartupInfoA
GetDateFormatA
HeapFree
IsDebuggerPresent
OpenSemaphoreW
GetSystemTimeAdjustment
HeapAlloc
SetEnvironmentVariableA
IsValidCodePage
HeapSize
TlsGetValue
HeapDestroy
MultiByteToWideChar
UnhandledExceptionFilter
Sleep
WriteFile
GetPrivateProfileStringA
FindClose
OpenMutexA
CreateFileA
GetProcessHeap
VirtualFree

Sections

.text
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

530767b0a9fb9b0dde35c2e5983d9757

Headers

File Characteristics

Imports

gdi32

shell32

advapi32

comdlg32

user32

comctl32

kernel32

Sections

.text Size: 181KB - Virtual size: 181KB

.rdata Size: 10KB - Virtual size: 39KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 181KB - Virtual size: 181KB

.rdata
Size: 10KB - Virtual size: 39KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 6KB - Virtual size: 6KB