c16caac08f03c5daa2f12b7f70f5f41a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c16caac08f03c5daa2f12b7f70f5f41a_JaffaCakes118
Size

749KB
MD5

c16caac08f03c5daa2f12b7f70f5f41a
SHA1

a1bd2447243030c3a398a692078ce1475982a55e
SHA256

664fd806d2cef62baf1796790d80a682ac24b7b26d712b088a75e87e512d4e70
SHA512

1dea90c44ef259932f19704f393be6411b8eb83009384c258342ede41064cc2e0decfddf09e5914f64bfecf9a6b0c7ca2d8a25ed6e6ca6c0171437b9ba2a8069
SSDEEP

12288:fmhKN1EmmpbdeACsTUolqNnrSSug1ICzR0eIJHmtRM+5ovhJ9ucr6cixHz8RpXgB:fmQNiBNsnlUzdr69Hz8R1grsasyOoJI8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c16caac08f03c5daa2f12b7f70f5f41a_JaffaCakes118

Files

c16caac08f03c5daa2f12b7f70f5f41a_JaffaCakes118
.exe windows:6 windows x86 arch:x86

c752efdf608bb9912786247d61a58f35

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
lstrlenA
LoadLibraryA
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
CreateToolhelp32Snapshot
Process32First
Process32Next
DeleteFileA
AreFileApisANSI
GetSystemTime
LocalFree
GetTempPathA
GetCurrentProcessId
DeleteFileW
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetLastError
GetTempPathW
FlushFileBuffers
MultiByteToWideChar
CreateFileW
ReadFile
GetFileAttributesW
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
LoadLibraryW
WideCharToMultiByte
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
GlobalLock
UnlockFileEx
GetTickCount
OutputDebugStringW
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
WaitForSingleObject
HeapFree
QueryPerformanceCounter
SystemTimeToFileTime
HeapAlloc
FreeLibrary
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
SetFilePointer
HeapCompact
CreateMutexW
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameA
GetFullPathNameW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetTimeZoneInformation
SetFilePointerEx
GetProcAddress
OpenProcess
TerminateProcess
Sleep
ReadConsoleW
GetFileType
GetConsoleMode
GetConsoleCP
CloseHandle
GetProcessHeap
EncodePointer
DecodePointer
GetStringTypeW
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
RaiseException
RtlUnwind
LoadLibraryExW
CreateThread
ExitThread
GetCommandLineA
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
CompareStringW
LCMapStringW
IsValidCodePage
GetACP
GetOEMCP
GetStdHandle
GetModuleFileNameW
SetEnvironmentVariableA
SetEnvironmentVariableW
WriteConsoleW

user32

GetClipboardData
CloseClipboard
OpenClipboard
GetForegroundWindow

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetFolderPathA

crypt32

CryptStringToBinaryA
CryptUnprotectData

Sections

.text
Size: 651KB - Virtual size: 651KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c752efdf608bb9912786247d61a58f35

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

crypt32

Sections

.text Size: 651KB - Virtual size: 651KB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 32KB - Virtual size: 44KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 651KB - Virtual size: 651KB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 32KB - Virtual size: 44KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 15KB - Virtual size: 14KB