c2387e729ed28d8fae3694d203086be6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c2387e729ed28d8fae3694d203086be6_JaffaCakes118
Size

482KB
MD5

c2387e729ed28d8fae3694d203086be6
SHA1

296bb89ffe471711616ffcd42f9856614daed416
SHA256

aa4485d15b8fb601059c90a7690a646414156b79fca15c9db60cee1bcb93052f
SHA512

b7a4a9344c1bceaeccded8bfd329be5da7e125cae70cbae2aaee7b0dc38a51a60b163af4ac3e724e08fa2855c6f0f459b6d08013a0cfc8c44aae5227fc264de6
SSDEEP

12288:M9itBOyX7cQl/frozcMlQNqxeJnsm+wBFWx5t6nz1iGx6:M9iXOyrXpjoziNqxeJnqwBMxgBX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2387e729ed28d8fae3694d203086be6_JaffaCakes118

Files

c2387e729ed28d8fae3694d203086be6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7103e5c0329c94d5b810ec048b9bc5c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptEnumProvidersW
CryptVerifySignatureA
RegQueryMultipleValuesW
RegQueryValueW
CryptGenKey
RegEnumValueW
LookupAccountNameW
CryptSetHashParam
RevertToSelf
CryptReleaseContext
RegRestoreKeyA
CryptExportKey
GetUserNameW

kernel32

FlushFileBuffers
EnumTimeFormatsA
RtlUnwind
EnterCriticalSection
WriteFile
VirtualProtect
GetLastError
GetStringTypeA
TlsSetValue
TerminateProcess
CreateMutexA
GetCPInfo
EnumSystemLocalesA
GetEnvironmentStrings
HeapSize
GetModuleHandleA
GetLocaleInfoW
TlsAlloc
WaitForDebugEvent
InitializeCriticalSection
HeapAlloc
GetCurrentProcess
GetCommandLineA
UnhandledExceptionFilter
IsValidCodePage
WideCharToMultiByte
SetFilePointer
GetCurrentProcessId
GetVersionExA
GetProcAddress
GetSystemTimeAsFileTime
GetOEMCP
GetTimeFormatA
LCMapStringA
CompareStringW
SetLastError
HeapReAlloc
GetStringTypeW
SetEnvironmentVariableA
HeapDestroy
GetModuleFileNameA
TlsGetValue
HeapFree
IsValidLocale
HeapCreate
GetACP
GetStdHandle
InterlockedExchange
OpenMutexA
GetTimeZoneInformation
GetFileType
VirtualFree
VirtualAlloc
GetCurrentThreadId
SetHandleCount
LeaveCriticalSection
CompareStringA
DeleteCriticalSection
FreeEnvironmentStringsW
GetTickCount
GetStartupInfoA
IsBadWritePtr
QueryPerformanceCounter
FreeEnvironmentStringsA
CloseHandle
SetStdHandle
DeleteAtom
GetCurrentThread
SetVolumeLabelA
GetLocaleInfoA
GetDateFormatA
LoadLibraryA
MultiByteToWideChar
TlsFree
LCMapStringW
GetSystemInfo
GetUserDefaultLCID
ExitProcess
VirtualQuery
GetEnvironmentStringsW
ReadFile

wininet

InternetDial

comdlg32

GetOpenFileNameA
PrintDlgA
FindTextW

user32

GetKeyboardLayoutList
GetShellWindow
UnhookWindowsHookEx
SetWindowsHookW
SendIMEMessageExA
RegisterClassA
EndDeferWindowPos
SystemParametersInfoW
MessageBoxA
SetFocus
AdjustWindowRectEx
DrawCaption
DdeInitializeW
EnumWindowStationsA
CreateDialogIndirectParamA
RegisterClassExA
GetKeyboardLayout
SetScrollInfo
GetClassLongA
BroadcastSystemMessage
DefWindowProcA
DestroyWindow
TranslateAcceleratorA
GetKeyboardState
CreateWindowExW
GetWindowModuleFileNameA
ShowWindow
EnumDisplaySettingsExW
DdeFreeStringHandle

comctl32

ImageList_BeginDrag
InitCommonControlsEx
ImageList_SetBkColor

Sections

.text
Size: 303KB - Virtual size: 303KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7103e5c0329c94d5b810ec048b9bc5c

Headers

File Characteristics

Imports

advapi32

kernel32

wininet

comdlg32

user32

comctl32

Sections

.text Size: 303KB - Virtual size: 303KB

.rdata Size: 66KB - Virtual size: 89KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 303KB - Virtual size: 303KB

.rdata
Size: 66KB - Virtual size: 89KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 12KB - Virtual size: 12KB