Static task: static1
Behavioral task: behavioral1
Sample: d6b2fd325c85e2813ce1bd1d7ccee00c_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d6b2fd325c85e2813ce1bd1d7ccee00c_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d6b2fd325c85e2813ce1bd1d7ccee00c_JaffaCakes118
Size: 581KB
MD5: d6b2fd325c85e2813ce1bd1d7ccee00c
SHA1: 136b95dc005d2ace8e46c5fe954c6c6d14947a85
SHA256: 42efd177a81ef474e77e8bf5334c7c75441ac01c4678e5287d821bf2d8268996
SHA512: 9f9b8a006a9b4d6d0e0ec2fa5ca0074e8b4ae4780e181eef4af2afc058d67602079c31f5c85910244fa2a59e33535d08210e4ebf43769aeb8bf3f0b559acdfb3
SSDEEP: 12288:SyHk3zTFeXnyh4oAbT1ypmDm+mJstFBRtDqX2V:bk3zTFeXnySoAbT1JDmHKDtlV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d6b2fd325c85e2813ce1bd1d7ccee00c_JaffaCakes118
Files
d6b2fd325c85e2813ce1bd1d7ccee00c_JaffaCakes118.exe windows:4 windows x86 arch:x86
e4f4dc0991a78915eff83975d8af2657
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
SheChangeDirA
SHGetDesktopFolder
InternalExtractIconListA
SHGetDataFromIDListW
FreeIconList
gdi32
RemoveFontResourceW
ModifyWorldTransform
GetPixel
SetTextColor
kernel32
GetVersionExA
GetCurrentDirectoryA
GetUserDefaultLCID
QueryPerformanceCounter
SetFilePointer
GetCurrentProcess
VirtualFree
TlsFree
GetEnvironmentStrings
RtlUnwind
GetSystemInfo
SetLastError
HeapAlloc
ExitProcess
TlsGetValue
GetStringTypeA
GetStdHandle
TlsSetValue
GetModuleFileNameW
GetLastError
GetACP
GetStartupInfoA
IsValidLocale
GetOEMCP
FreeEnvironmentStringsW
OpenMutexA
HeapCreate
InterlockedExchange
InitializeCriticalSection
GetLocaleInfoW
GetCurrentThreadId
GetTimeZoneInformation
GetTimeFormatA
EnterCriticalSection
IsBadWritePtr
SetHandleCount
CompareStringW
VirtualProtect
GetModuleFileNameA
DeleteAtom
GetTickCount
GetCurrentProcessId
GetStringTypeW
GetLocaleInfoA
LCMapStringW
CompareStringA
MultiByteToWideChar
GetDateFormatA
WriteFile
GetFileType
SetEnvironmentVariableA
VirtualAlloc
LCMapStringA
TerminateProcess
HeapReAlloc
GetVersionExW
WideCharToMultiByte
GetStartupInfoW
GetCommandLineA
LeaveCriticalSection
VirtualQuery
GetCommandLineW
IsValidCodePage
GetEnvironmentStringsW
ReadFile
TlsAlloc
GetProcAddress
GetModuleHandleA
GetSystemTimeAsFileTime
EnumSystemLocalesA
HeapDestroy
HeapFree
LoadLibraryExA
DeleteCriticalSection
FlushFileBuffers
LoadLibraryA
SetStdHandle
CloseHandle
GetCurrentThread
CreateMutexA
FreeEnvironmentStringsA
HeapSize
GetCPInfo
UnhandledExceptionFilter
comctl32
InitCommonControlsEx
comdlg32
GetSaveFileNameA
ChooseColorA
user32
GetMenuStringA
IsWindowVisible
GetThreadDesktop
GetUserObjectInformationA
ChangeDisplaySettingsExW
CallMsgFilterA
DdeGetData
RegisterClassExA
TranslateMDISysAccel
GetLastActivePopup
GetMenuContextHelpId
GetClipboardViewer
LoadCursorFromFileW
RegisterWindowMessageA
LockWindowUpdate
RegisterClassA
InSendMessage
advapi32
RegQueryValueExW
CryptDuplicateHash
RevertToSelf
CryptSetProviderA
CryptVerifySignatureA
RegReplaceKeyW
RegLoadKeyA
RegFlushKey
CryptSetProviderExA
RegSaveKeyA
CryptEnumProvidersW
RegRestoreKeyA
RegDeleteKeyW
RegDeleteKeyA
RegLoadKeyW
CryptDeriveKey
RegNotifyChangeKeyValue
CryptReleaseContext
RegSetValueA
LookupPrivilegeNameA
CryptEnumProviderTypesW
Sections
.text Size: 207KB - Virtual size: 206KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 358KB - Virtual size: 358KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ