d339e4b1548533e699e6971026ccfe36_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d339e4b1548533e699e6971026ccfe36_JaffaCakes118
Size

540KB
MD5

d339e4b1548533e699e6971026ccfe36
SHA1

0c53c4e5d8289e9fd0734f151c86419ddda6e7c0
SHA256

996e3c131495a3c873a27d9d9acdf5653244aea2b7f1235a85e7e52a35e0e5cd
SHA512

7b21a8ff1c2dcc1cf3349a8dcdada6676cee90916a4e4144b3cab0f5bae8fd4fb62b793ec643f67963963ae4d71b97590094c85073613a3299b7c9ab3e0f1840
SSDEEP

12288:0IJ6k7qk3gUZIOLr2kNKGNuNWAe0t6Ilu47WWu4FfMC1:vJ6egUmKNKGNuQR+uoWYZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d339e4b1548533e699e6971026ccfe36_JaffaCakes118

Files

d339e4b1548533e699e6971026ccfe36_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f9066a6b99a29993b11a18be977bbbc9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
QueryPerformanceCounter
GetStringTypeW
DeleteCriticalSection
CompareStringW
ExitProcess
LCMapStringA
IsValidCodePage
LocalShrink
GetLocaleInfoA
GetVersionExA
EnterCriticalSection
GetEnvironmentStringsW
WriteProfileSectionA
GetStringTypeA
FreeResource
TlsSetValue
UnhandledExceptionFilter
TlsAlloc
GetACP
CreateMutexA
GetUserDefaultLCID
SetStdHandle
GetCPInfo
GetCurrentThread
HeapAlloc
RtlUnwind
GetSystemTimeAsFileTime
GetModuleHandleA
OpenMutexA
EnumCalendarInfoExA
GetModuleFileNameW
GetProcAddress
GetThreadPriority
VirtualProtect
MultiByteToWideChar
HeapSize
GetTimeFormatA
HeapDestroy
GetStartupInfoW
LoadLibraryA
WritePrivateProfileSectionA
InitializeCriticalSection
HeapFree
WriteFile
GetCommandLineW
HeapReAlloc
GetCurrentThreadId
SetHandleCount
lstrcpynA
TlsGetValue
VirtualQuery
TlsFree
GetSystemInfo
GetTimeZoneInformation
ReadFile
CompareStringA
IsBadWritePtr
GetFileType
SetLastError
LCMapStringW
SetEnvironmentVariableA
GetStartupInfoA
GetDateFormatA
FreeEnvironmentStringsW
LeaveCriticalSection
InterlockedExchange
GetCurrentProcessId
GetTickCount
HeapCreate
EnumSystemLocalesA
FreeEnvironmentStringsA
GetLocaleInfoW
VirtualAlloc
GetModuleFileNameA
FlushFileBuffers
GetEnvironmentStrings
VirtualFree
WideCharToMultiByte
GetLastError
GetCurrentProcess
GetOEMCP
TerminateProcess
GetCommandLineA
CloseHandle
IsValidLocale
SetFilePointer

user32

SendDlgItemMessageA
GetClassLongW
DdeQueryNextServer
RegisterClassA
DialogBoxIndirectParamA
CreatePopupMenu
OpenIcon
LoadImageA
EmptyClipboard
wvsprintfA
SendNotifyMessageA
TileChildWindows
PeekMessageW
RegisterClassExA
EqualRect
CreateDialogParamW
GetKeyboardLayoutList
CheckRadioButton
ImpersonateDdeClientWindow
GetWindowThreadProcessId
TrackMouseEvent

comctl32

InitCommonControlsEx

wininet

FtpPutFileEx
InternetAutodialHangup

gdi32

ResetDCA
AnimatePalette
CheckColorsInGamut
GetEnhMetaFileDescriptionW
DeleteObject
GetPixelFormat
PolyDraw
GetTextMetricsW
SetTextCharacterExtra
BeginPath
SetBkMode
CreateDIBPatternBrushPt
GetWinMetaFileBits
Escape
SetStretchBltMode
GetOutlineTextMetricsW
EnumFontsW
CreateDiscardableBitmap
SetBitmapDimensionEx
TextOutA
CreateColorSpaceA
SetROP2
SetWindowOrgEx
CreatePatternBrush
SetDIBitsToDevice

advapi32

RegCloseKey
RegEnumKeyExW
CryptSignHashW
LookupPrivilegeDisplayNameA
LookupPrivilegeValueW
RegRestoreKeyA
RegQueryMultipleValuesW
InitiateSystemShutdownW
CreateServiceA
CryptGetProvParam
CryptCreateHash
CryptHashData
CryptVerifySignatureW
RegOpenKeyExW
CryptEnumProviderTypesW
RegEnumKeyW
RegCreateKeyW
RegSetValueW
CryptImportKey
ReportEventA
RegDeleteKeyA
LookupAccountNameW
RegOpenKeyW

Sections

.text
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9066a6b99a29993b11a18be977bbbc9

Headers

File Characteristics

Imports

kernel32

user32

comctl32

wininet

gdi32

advapi32

Sections

.text Size: 332KB - Virtual size: 332KB

.rdata Size: 73KB - Virtual size: 77KB

.data Size: 117KB - Virtual size: 116KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 332KB - Virtual size: 332KB

.rdata
Size: 73KB - Virtual size: 77KB

.data
Size: 117KB - Virtual size: 116KB

.rsrc
Size: 16KB - Virtual size: 16KB