dc88254b946ec0ddbe809633954c2ab7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dc88254b946ec0ddbe809633954c2ab7_JaffaCakes118
Size

429KB
MD5

dc88254b946ec0ddbe809633954c2ab7
SHA1

d57ab098a02515662d358a3f9342f9c65f73a1d2
SHA256

d0fdae2bf6cd9f88202312a341d19791efc4ecca1c796dece9382de7aa8c33c0
SHA512

29b319f73b3715f7eeda0c82ba9c0a80f8ad614edbb612cc5472f07c436aa40617aefefe925aaf7b11a9607e6caca7fd53ea173ae9bc756f8b77b1c6c847746a
SSDEEP

6144:3h+xbEYa0McW0qoC5vbD+kQDFBeK7bdJIaL+GHAABC8dpKn/JxoictpA4P4sPPi:YxbPafcWrWDDPeYWeC8a/JxpCA4QA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc88254b946ec0ddbe809633954c2ab7_JaffaCakes118

Files

dc88254b946ec0ddbe809633954c2ab7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

839c77b09ad7f42befc26be0c4e27e52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

LoadAlterBitmap
GetSaveFileNameA
PrintDlgA
PageSetupDlgW

gdi32

GetCharABCWidthsFloatW
GetMetaFileBitsEx
GetCharWidth32W
Polygon
DrawEscape
CreateRoundRectRgn
AddFontResourceA
Arc
DeviceCapabilitiesExW
OffsetClipRgn
SetFontEnumeration
CreateDCA
GetBoundsRect

wininet

InternetOpenW
CreateUrlCacheEntryA
InternetTimeToSystemTimeA
GetUrlCacheGroupAttributeW
InternetCrackUrlW
GopherCreateLocatorA
FtpCreateDirectoryW

advapi32

RegSaveKeyW
CryptDuplicateKey
CryptSignHashA
LookupPrivilegeDisplayNameA
AbortSystemShutdownA
RegCloseKey
RegNotifyChangeKeyValue
RegDeleteValueA
CryptSetProviderW
RegSetValueExW
RegConnectRegistryW
CryptCreateHash
RegCreateKeyA
RegDeleteKeyW
CryptSetProviderA
RegRestoreKeyA
CryptAcquireContextW
RegQueryValueExW
CryptSetHashParam
LookupSecurityDescriptorPartsW
LogonUserW
RegSetKeySecurity

kernel32

LeaveCriticalSection
LoadLibraryA
TlsAlloc
GetVersionExA
GetACP
GetCurrentThread
TlsFree
HeapFree
CompareStringA
WideCharToMultiByte
GetProcessHeap
GetCommandLineA
GetCPInfo
SetHandleCount
VirtualFree
GetDateFormatA
QueryPerformanceCounter
GetEnvironmentStrings
GetTickCount
GetStartupInfoW
FreeEnvironmentStringsA
TlsSetValue
VirtualAlloc
ExitProcess
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
SetEnvironmentVariableA
GetModuleHandleA
RtlUnwind
InterlockedExchange
TerminateProcess
GetCurrentThreadId
Sleep
InitializeCriticalSection
GetStringTypeA
InterlockedDecrement
GetEnvironmentStringsW
GetTimeFormatA
EnumTimeFormatsW
LCMapStringA
TlsGetValue
GetSystemTimeAsFileTime
SetLastError
GetStartupInfoA
GetLastError
GetCurrentProcessId
GetStdHandle
VirtualQuery
DeleteCriticalSection
HeapDestroy
HeapAlloc
GetStringTypeW
GetTimeZoneInformation
GetFileType
GetLocaleInfoA
GetModuleFileNameA
GetLocaleInfoW
HeapSize
HeapCreate
EnumResourceTypesW
InterlockedIncrement
WriteFile
FreeEnvironmentStringsW
GetProcAddress
AddAtomA
HeapReAlloc
EnumSystemLocalesA
MultiByteToWideChar
EnterCriticalSection
GetModuleFileNameW
TerminateThread
GetCommandLineW
GetCurrentProcess
LCMapStringW
CompareStringW
IsDebuggerPresent
GetUserDefaultLCID
GetOEMCP
UnhandledExceptionFilter
IsValidLocale
FreeLibrary
IsValidCodePage

Sections

.text
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

839c77b09ad7f42befc26be0c4e27e52

Headers

File Characteristics

Imports

comdlg32

gdi32

wininet

advapi32

kernel32

Sections

.text Size: 133KB - Virtual size: 132KB

.rdata Size: 9KB - Virtual size: 34KB

.data Size: 280KB - Virtual size: 279KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 133KB - Virtual size: 132KB

.rdata
Size: 9KB - Virtual size: 34KB

.data
Size: 280KB - Virtual size: 279KB

.rsrc
Size: 6KB - Virtual size: 5KB