c1feca3d808cdb8e7e66e34255a3e187_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c1feca3d808cdb8e7e66e34255a3e187_JaffaCakes118
Size

654KB
MD5

c1feca3d808cdb8e7e66e34255a3e187
SHA1

30977354d4b9f448892c1868333d887cc157b108
SHA256

eb307d6b82d09079fd426b7aebad4a3641c47a9a7acf6b3aa1f5504c1faaa324
SHA512

64a7e4a52bffaf351194c1972a6e7d769ad4f073cdd2579cc6c6dcf64cb2b35fbf1b3dae92b8a5299e21b3ebc04db320f91bc371a596a3a95c0247b3e99f77ab
SSDEEP

12288:XegIkgxlHG3wHXUwspT4bDzFMY7jN2bdo3xrFgrpD5T516CMSXAycqAtdY:LdkHvHXUwoTuNLwo3xrE1XMSTc5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1feca3d808cdb8e7e66e34255a3e187_JaffaCakes118

Files

c1feca3d808cdb8e7e66e34255a3e187_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0abb35175bcac1aac63f1ec349f588a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetClipboardViewer
FindWindowExW
ScreenToClient
CreateWindowStationA
DdeAccessData
IsCharUpperW
DdeUnaccessData
DrawIcon
CreatePopupMenu
InvalidateRect
RegisterClassA
GetKeyboardLayoutNameW
OpenInputDesktop
GetLastActivePopup
AttachThreadInput
DdeUninitialize
EnumDisplayDevicesW
GetUserObjectInformationA
FlashWindowEx
MapWindowPoints
GetClipboardViewer
RegisterClassExA
SetDoubleClickTime

kernel32

GetLastError
OutputDebugStringA
HeapCreate
LoadLibraryA
TlsAlloc
GetProcessHeap
GetStartupInfoA
IsValidCodePage
GetDateFormatA
SetStdHandle
GetModuleFileNameW
HeapFree
GetStringTypeW
FreeEnvironmentStringsW
ExitThread
TlsSetValue
IsDebuggerPresent
MultiByteToWideChar
FindFirstFileA
WriteConsoleA
GetModuleHandleA
GetEnvironmentStringsW
lstrlenA
GetFileType
InitializeCriticalSectionAndSpinCount
GetCPInfo
IsBadReadPtr
DeleteAtom
WideCharToMultiByte
InterlockedExchange
TerminateProcess
VirtualAlloc
GetConsoleCP
GetTimeFormatA
HeapDestroy
WriteFile
GetCurrentProcessId
RaiseException
LoadLibraryW
InterlockedDecrement
CompareStringW
EnumSystemLocalesA
FileTimeToDosDateTime
CompareStringA
OpenMutexA
HeapSize
GetProcAddress
DeleteCriticalSection
GetCommandLineA
FlushFileBuffers
TlsGetValue
GetACP
TlsFree
LCMapStringW
CloseHandle
OpenFileMappingW
LeaveCriticalSection
HeapAlloc
UnhandledExceptionFilter
GetStartupInfoW
RtlUnwind
SetEnvironmentVariableA
WriteConsoleW
Sleep
GetLocaleInfoA
HeapReAlloc
GetConsoleOutputCP
GetCommandLineW
GetOEMCP
SetHandleCount
GetLocaleInfoW
GetCurrentThread
LCMapStringA
GetUserDefaultLCID
ReadFile
SetConsoleCtrlHandler
InterlockedIncrement
FreeLibrary
OutputDebugStringW
SetLastError
GetConsoleMode
CreateFileA
GetCompressedFileSizeW
EnumCalendarInfoExA
GetModuleHandleW
GetSystemTimeAsFileTime
EnterCriticalSection
GetTickCount
VirtualQuery
SetUnhandledExceptionFilter
DebugBreak
GetStdHandle
CreateMutexA
GetStringTypeA
SetFilePointer
GetTimeZoneInformation
HeapValidate
IsValidLocale
ExitProcess
VirtualFree
QueryPerformanceCounter
GetModuleFileNameA
GetCurrentThreadId
GetCurrentProcess

comctl32

InitCommonControlsEx

wininet

InternetDialW
InternetGoOnlineA
InternetDial

Sections

.text
Size: 470KB - Virtual size: 469KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0abb35175bcac1aac63f1ec349f588a

Headers

File Characteristics

Imports

user32

kernel32

comctl32

wininet

Sections

.text Size: 470KB - Virtual size: 469KB

.rdata Size: 69KB - Virtual size: 93KB

.data Size: 105KB - Virtual size: 104KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 470KB - Virtual size: 469KB

.rdata
Size: 69KB - Virtual size: 93KB

.data
Size: 105KB - Virtual size: 104KB

.rsrc
Size: 9KB - Virtual size: 9KB