d70dee711eb80dce78067d8de017c539_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d70dee711eb80dce78067d8de017c539_JaffaCakes118
Size

421KB
MD5

d70dee711eb80dce78067d8de017c539
SHA1

3a2f094067c668433e54f5e6b0471947f60db6a0
SHA256

cd26e573fe0aa86fd01d45e89239a3be76a178de99f724220834d01cabab29f5
SHA512

2a450e7cca3428ea7fa782846813a80fe917515cefc61aa718851348be88a653d0c95b0d78358be854aaa3fbdfbe59d7ae08d171b11e2fdf4d884762592e84ac
SSDEEP

6144:8PtYEJWACNExD2nR3gb/ysQ0vWllFA6+w22kBua0I56FYUCtF6Tf7ZWC3hIl60gn:m3oEytPsQ0viFA6K50vrZWkIllgHH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d70dee711eb80dce78067d8de017c539_JaffaCakes118

Files

d70dee711eb80dce78067d8de017c539_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a240a04ae2756d11e93d59f8299c038

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHQueryRecycleBinA
RealShellExecuteW
DragQueryFileW

advapi32

RegCreateKeyExW
CryptSignHashA
RegReplaceKeyA
RegReplaceKeyW
DuplicateTokenEx
CryptReleaseContext
RegQueryInfoKeyW
RegOpenKeyExW
RegFlushKey
CryptSetProviderA
RegQueryValueA
RegEnumValueA
RegNotifyChangeKeyValue
LookupPrivilegeNameA
RegLoadKeyA
RevertToSelf
LookupPrivilegeDisplayNameA
RegDeleteValueA
RegRestoreKeyW
LogonUserW
StartServiceW
AbortSystemShutdownW
LookupSecurityDescriptorPartsW
CryptSetHashParam

kernel32

InterlockedDecrement
CreateDirectoryExA
GetLocaleInfoW
CompareStringA
FreeEnvironmentStringsW
VirtualQuery
GetEnvironmentStringsW
GetOEMCP
GetLastError
IsValidCodePage
SetConsoleCP
CreateRemoteThread
CompareStringW
DeleteCriticalSection
TlsAlloc
GetCurrentProcessId
HeapAlloc
CreateProcessW
GetACP
EnumSystemLocalesA
GetCPInfo
SetHandleCount
WriteConsoleOutputCharacterW
Sleep
FreeLibrary
GetStringTypeW
GlobalUnfix
GetAtomNameW
UnhandledExceptionFilter
SetCriticalSectionSpinCount
TerminateProcess
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsDebuggerPresent
GetTimeFormatA
SetLastError
GetUserDefaultLCID
GetEnvironmentStrings
HeapReAlloc
TlsSetValue
InterlockedIncrement
TerminateThread
GetFullPathNameA
IsValidLocale
HeapSize
LCMapStringW
GetLocaleInfoA
GetProcessHeap
GetStartupInfoA
HeapDestroy
GetStdHandle
WideCharToMultiByte
GetLogicalDriveStringsA
GetCurrentThreadId
TlsGetValue
InitializeCriticalSection
HeapFree
GetPrivateProfileStructW
LeaveCriticalSection
WriteFile
SetLocaleInfoW
InterlockedExchange
VirtualAlloc
GetCurrentThread
GetCommandLineA
TlsFree
GetVersionExA
GetModuleFileNameA
RtlUnwind
GetFileType
GetSystemTimeAsFileTime
ExitProcess
QueryPerformanceCounter
GetStringTypeA
GlobalDeleteAtom
LCMapStringA
GetCurrentProcess
EnumTimeFormatsW
VirtualFreeEx
LoadLibraryA
SetEnvironmentVariableA
SetConsoleCtrlHandler
GetDateFormatA
GetTickCount
FreeEnvironmentStringsA
GetProcAddress
HeapCreate
VirtualFree
MultiByteToWideChar
GetPrivateProfileIntW
EnterCriticalSection
GetModuleHandleA

gdi32

CreateFontIndirectW
IntersectClipRect
UpdateICMRegKeyA
GetCharacterPlacementW

comdlg32

ChooseFontW
PrintDlgW
GetFileTitleA
FindTextA

wininet

FtpCommandW
GopherGetAttributeA
HttpSendRequestA
InternetCreateUrlW
FindFirstUrlCacheEntryA
FtpRemoveDirectoryA
IsHostInProxyBypassList
InternetConnectA

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a240a04ae2756d11e93d59f8299c038

Headers

File Characteristics

Imports

shell32

advapi32

kernel32

gdi32

comdlg32

wininet

Sections

.text Size: 125KB - Virtual size: 124KB

.rdata Size: 9KB - Virtual size: 15KB

.data Size: 279KB - Virtual size: 278KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 125KB - Virtual size: 124KB

.rdata
Size: 9KB - Virtual size: 15KB

.data
Size: 279KB - Virtual size: 278KB

.rsrc
Size: 6KB - Virtual size: 6KB