d21c3934a62d88f634c631dbcaa3e3fb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d21c3934a62d88f634c631dbcaa3e3fb_JaffaCakes118
Size

358KB
MD5

d21c3934a62d88f634c631dbcaa3e3fb
SHA1

3bd68c8ffe8b95aa7e2029dc9b615fd7e5021f7d
SHA256

0ae4599c22e1c8c3622dadc41e9de73faf51e13b9deb23f47132a6080d523122
SHA512

02e96d6186cb20ce9059ab51887f6c763c98f71a5633e8c7b10ea4d7bba952cc8d2fab7a756e497d85152576b227d4b8e66a29340b1aa3d82550635cd521fec4
SSDEEP

6144:pLRC6AE8XFauvhuNNgDS5NK2cBQkA9QJcqX+/o6RNOEmcEC0DIMkL:pLRC8zNmYUHBQktSa+fTOttC0P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d21c3934a62d88f634c631dbcaa3e3fb_JaffaCakes118

Files

d21c3934a62d88f634c631dbcaa3e3fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72e1a49211c5a6afa69d4775cd40d094

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
OpenMutexA
CreateFileA
WriteFile
HeapReAlloc
GetFileType
ReadFile
GetACP
HeapCreate
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameA
GetEnvironmentStrings
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
SetEnvironmentVariableA
TlsAlloc
IsValidLocale
GetConsoleMode
CompareStringA
GetStartupInfoA
GetDateFormatA
VirtualFree
GetConsoleCP
HeapDestroy
GetCurrentThreadId
GetStdHandle
TlsSetValue
HeapSize
GetCommandLineA
GetLastError
FreeEnvironmentStringsW
InitializeCriticalSection
CreateMutexA
GetCPInfo
WriteConsoleA
LCMapStringA
SetFilePointer
GetStringTypeW
InterlockedIncrement
GetTickCount
MultiByteToWideChar
GetVersionExA
FlushFileBuffers
GetProcAddress
IsValidCodePage
LCMapStringW
LeaveCriticalSection
EnumSystemLocalesA
ExitProcess
CloseHandle
IsDebuggerPresent
HeapAlloc
DeleteCriticalSection
InterlockedDecrement
SetHandleCount
GetTimeZoneInformation
RtlUnwind
TerminateProcess
GetConsoleOutputCP
GetUserDefaultLCID
VirtualQuery
GetProcessHeap
GetCurrentThread
VirtualAlloc
lstrcmpiA
GetDiskFreeSpaceExW
SetConsoleCtrlHandler
FreeLibrary
SetLastError
GetLocaleInfoW
WideCharToMultiByte
GetLocaleInfoA
FreeEnvironmentStringsA
InterlockedExchange
GetTimeFormatA
GetModuleHandleA
GetOEMCP
LoadLibraryA
Sleep
WaitCommEvent
TlsGetValue
GetStringTypeA
SetStdHandle
TlsFree
QueryPerformanceCounter
CompareStringW
WriteConsoleW
HeapFree
GetCurrentProcess

user32

CreateAcceleratorTableA
TabbedTextOutA
RegisterClassExA
EndDialog
CallWindowProcW
EnumWindows
UnloadKeyboardLayout
GetKeyNameTextW
RegisterClassA
ShowScrollBar
GetSystemMenu
WINNLSGetEnableStatus

comdlg32

ReplaceTextW
ReplaceTextA

wininet

InternetReadFileExA
RegisterUrlCacheNotification
GetUrlCacheGroupAttributeA
HttpSendRequestExW

comctl32

InitCommonControlsEx

advapi32

RegOpenKeyExW
RegConnectRegistryW
StartServiceW
RegQueryMultipleValuesA
RegEnumValueW
RegQueryValueExA
RegQueryValueExW
CryptDecrypt
CryptSignHashA
GetUserNameW
CryptEnumProvidersW
RegOpenKeyA
LookupAccountNameA
CryptDuplicateKey
DuplicateToken
CryptDestroyKey
InitiateSystemShutdownA

shell32

SHGetDataFromIDListW
SHGetFileInfoA
ExtractAssociatedIconExA
SHUpdateRecycleBinIcon
SHFormatDrive

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72e1a49211c5a6afa69d4775cd40d094

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

wininet

comctl32

advapi32

shell32

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 10KB - Virtual size: 35KB

.data Size: 175KB - Virtual size: 175KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 10KB - Virtual size: 35KB

.data
Size: 175KB - Virtual size: 175KB

.rsrc
Size: 9KB - Virtual size: 9KB