Static task: static1
Behavioral task: behavioral1
Sample: c7dcc3db6820c7107935058945f761e6_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: c7dcc3db6820c7107935058945f761e6_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c7dcc3db6820c7107935058945f761e6_JaffaCakes118
Size: 539KB
MD5: c7dcc3db6820c7107935058945f761e6
SHA1: 4899299690a55ec438370c5f89fc34fca0b06a04
SHA256: 3b432d10783e1b9e029c35f803414e282e0e0010f7aad87c37ff23b5487e21b8
SHA512: d9e5450f50888a4fd154c92b0f03c30133c15d7de545b1fc6e150dae75714d20a1915b503799c5b8d5a831e681c42d0f847401f37a800fe5c720881ac38ecf28
SSDEEP: 12288:018WfJAj908Uk/2GF9eQtI4FM1K7RcReikpV/vefjTZtCm:0188JAh0/k/2GXeAI4Edef2fJh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c7dcc3db6820c7107935058945f761e6_JaffaCakes118
Files
c7dcc3db6820c7107935058945f761e6_JaffaCakes118.exe windows:4 windows x86 arch:x86
32a5eef041f5e9652ac16860a52de281
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comdlg32
LoadAlterBitmap
advapi32
CryptGetUserKey
LogonUserA
CreateServiceA
CryptSignHashW
CryptDuplicateKey
user32
SetWindowTextA
EnumPropsW
GetTabbedTextExtentW
RegisterClassA
GetDCEx
RegisterClassExA
EnumPropsA
IntersectRect
gdi32
SetWindowExtEx
GetPixel
GetTextCharacterExtra
ExtEscape
GetEnhMetaFileHeader
GetBkColor
ColorCorrectPalette
StartDocW
GetMetaRgn
GetCurrentPositionEx
kernel32
HeapFree
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetDateFormatA
GetVersionExA
HeapSize
GetTickCount
GetEnvironmentStrings
TlsGetValue
VirtualAlloc
EnterCriticalSection
GetACP
GetCommandLineA
GetModuleHandleA
WriteConsoleA
SetConsoleCtrlHandler
GetOEMCP
HeapAlloc
InterlockedExchange
GetStringTypeW
MultiByteToWideChar
CloseHandle
GetStartupInfoW
VirtualQuery
VirtualFree
GetCurrentThread
HeapReAlloc
LeaveCriticalSection
OpenSemaphoreA
GetLocaleInfoW
HeapCreate
TerminateProcess
SetLastError
IsValidLocale
CompareStringW
GetStdHandle
CreateMutexA
DeleteCriticalSection
WriteConsoleW
GetEnvironmentStringsW
LCMapStringW
GetLogicalDriveStringsA
GetConsoleMode
CompareStringA
SetStdHandle
OpenMutexA
UnhandledExceptionFilter
FreeEnvironmentStringsW
LoadLibraryA
FreeEnvironmentStringsA
WriteFile
RtlUnwind
SetHandleCount
IsDebuggerPresent
HeapDestroy
InterlockedDecrement
GetModuleFileNameW
GetLocaleInfoA
GetCPInfo
GetConsoleCP
GetModuleFileNameA
GetConsoleOutputCP
CreateFileA
ExitProcess
GetStringTypeA
FlushFileBuffers
GetCurrentThreadId
ReadFile
GetFileType
GetCurrentProcessId
WideCharToMultiByte
EnumSystemLocalesA
GetTimeFormatA
InterlockedIncrement
WaitNamedPipeA
SetFilePointer
GetLastError
TlsFree
GetProcAddress
GetTimeZoneInformation
GetProcessHeap
SetUnhandledExceptionFilter
SetEnvironmentVariableA
Sleep
FillConsoleOutputCharacterA
GetCommandLineW
GetStartupInfoA
TlsSetValue
QueryPerformanceCounter
LCMapStringA
lstrcmpi
FreeLibrary
IsValidCodePage
TlsAlloc
GetCurrentProcess
InitializeCriticalSection
wininet
InternetOpenW
comctl32
InitCommonControlsEx
Sections
.text Size: 200KB - Virtual size: 199KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 317KB - Virtual size: 316KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ