Static task
static1
Behavioral task
behavioral1
Sample
c1fcbe6447b5a9aad04c3de0ac3a92dc_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c1fcbe6447b5a9aad04c3de0ac3a92dc_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
c1fcbe6447b5a9aad04c3de0ac3a92dc_JaffaCakes118
Size
1.9MB
MD5
c1fcbe6447b5a9aad04c3de0ac3a92dc
SHA1
8970d723129d4908196f0d606c72f4cefee114d2
SHA256
1922816a16f12055cd141a8228f34119f807992c701bfa6d7a21e675d7aac0c4
SHA512
5a200c9a4b6a8839b5e9d894dc99be8cf9acf0cb2c014ab9447bcf513e7f830b74c44c9a132de64f5df898f7ac4bb7b7fbf6e91db8cc882818fb717fe3dc78f7
SSDEEP
24576:E9Ow1a+jYAAFWWyIUEitKwIUpR+mCk/t/3e6j1oFg9V1:EQCMhWIoE+nF11v
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c1fcbe6447b5a9aad04c3de0ac3a92dc_JaffaCakes118
Files
c1fcbe6447b5a9aad04c3de0ac3a92dc_JaffaCakes118.exe windows:5 windows x86 arch:x86
d28cf55c1e238dd498cb1ddf56f46220
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
ScrollWindowEx
PostMessageW
DdeCmpStringHandles
GetIconInfo
FindWindowW
SetRectEmpty
FillRect
ScreenToClient
ExitWindowsEx
TrackPopupMenuEx
AppendMenuW
SetMenu
IsDlgButtonChecked
EndDialog
DestroyWindow
kernel32
GetSystemTime
FileTimeToLocalFileTime
GetSystemTimeAdjustment
FormatMessageW
TransactNamedPipe
lstrcmpW
LoadLibraryExW
GetStartupInfoW
GetCommandLineW
MulDiv
OutputDebugStringW
FindResourceW
GetFullPathNameW
CreateFileW
SetFileAttributesW
GetDefaultCommConfigW
IsValidCodePage
GetUserGeoID
GetUserDefaultLCID
SetEndOfFile
ResetEvent
DeleteCriticalSection
HeapFree
VirtualAlloc
GlobalLock
GlobalAlloc
GetVersion
HeapReAlloc
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
SetStdHandle
GetConsoleMode
SetFilePointerEx
WriteConsoleW
ExpandEnvironmentStringsW
CloseHandle
HeapAlloc
GetStringTypeW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsDebuggerPresent
GetACP
GetOEMCP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
crypt32
CryptProtectData
CryptQueryObject
CertGetNameStringW
CryptHashPublicKeyInfo
CryptExportPKCS8
CryptAcquireCertificatePrivateKey
CryptExportPublicKeyInfo
CertGetPublicKeyLength
CertControlStore
CertFreeCTLContext
CertFreeCRLContext
CertSetCertificateContextProperty
CertFreeCertificateContext
CertCloseStore
CryptMsgUpdate
CryptEnumOIDInfo
CryptFindOIDInfo
CryptDecodeObject
CryptEncodeObjectEx
CryptStringToBinaryW
advapi32
RegDeleteValueW
RegCloseKey
RegEnumKeyExW
ole32
CreateStreamOnHGlobal
Sections
.text Size: 98KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 648KB - Virtual size: 648KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.2MB - Virtual size: 7.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ