e011c66cf20ea45f830e609b77213a92_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e011c66cf20ea45f830e609b77213a92_JaffaCakes118
Size

817KB
MD5

e011c66cf20ea45f830e609b77213a92
SHA1

798c8c0a1f526b8dca25b7469872943fb2fddecd
SHA256

2455a8e184231582de21781639cea6f790f9b42bdef210506df2966b004d7133
SHA512

5d5247b9d9e610a4e8f91b234af7ab562c37fcbbc4d5e106c640f3d3cc557493c31b75a112acff66336fbd4085862437d515ad9faba851dd638ec087f746d162
SSDEEP

24576:BEkSgUj1qpcHr6PmIxL8ex1pd8blULpR0+z:BEmU5qpcHr6PmISe/mSLr0+z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e011c66cf20ea45f830e609b77213a92_JaffaCakes118

Files

e011c66cf20ea45f830e609b77213a92_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b417146e6efc9ad92ffaeb15bd2e3ee3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA
SHBrowseForFolderA
ShellExecuteA
ord155

comctl32

ImageList_DragLeave
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_Create
ImageList_Add
ImageList_SetImageCount
ImageList_GetIconSize
_TrackMouseEvent
ord17

advapi32

RegQueryValueExA
RegOpenKeyW
RegDeleteValueA
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteKeyW

comdlg32

GetFileTitleA
PrintDlgA
GetSaveFileNameA
ChooseFontA
GetOpenFileNameA

kernel32

GetStartupInfoA
TlsFree
GetOEMCP
InterlockedExchange
RtlUnwind
CloseHandle
ReadFile
LeaveCriticalSection
SetUnhandledExceptionFilter
GetProcAddress
SetStdHandle
QueryPerformanceCounter
CreateMutexW
SetFilePointer
CompareStringW
CreateFileA
VirtualQuery
GetSystemTimeAsFileTime
SetHandleCount
GetStartupInfoW
GetCurrentProcess
FreeEnvironmentStringsW
UnhandledExceptionFilter
ExitProcess
InterlockedIncrement
LCMapStringA
TerminateProcess
GetModuleFileNameW
EnterCriticalSection
IsValidCodePage
HeapReAlloc
LCMapStringW
GetFileType
GetTimeFormatA
GetModuleFileNameA
GetModuleHandleA
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
HeapFree
IsDebuggerPresent
WriteConsoleA
MultiByteToWideChar
GetConsoleCP
HeapCreate
GetCurrentThreadId
LoadLibraryA
SetLastError
InitializeCriticalSection
GetCurrentProcessId
GetLocaleInfoA
GetDateFormatA
RaiseException
GetCPInfo
GetACP
WaitForSingleObject
CompareStringA
GetConsoleOutputCP
GetTickCount
DeleteCriticalSection
FlushFileBuffers
GetStringTypeA
GetCommandLineW
GetLastError
GetModuleHandleW
TlsSetValue
VirtualFree
GetStdHandle
GetTimeZoneInformation
OpenMutexW
HeapSize
HeapAlloc
VirtualAlloc
WideCharToMultiByte
WriteFile
LoadLibraryW
SetEnvironmentVariableA
InterlockedDecrement
Sleep
GetStringTypeW
WriteConsoleW

user32

DestroyWindow
LoadCursorW
RegisterClassExW
LoadBitmapW
LoadStringW
DestroyIcon
RegisterClassW
DefWindowProcW
LoadIconW
ShowWindow
LoadAcceleratorsW
DestroyAcceleratorTable
MessageBoxW
CreateWindowExW

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 471KB - Virtual size: 471KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b417146e6efc9ad92ffaeb15bd2e3ee3

Headers

File Characteristics

Imports

shell32

comctl32

advapi32

comdlg32

kernel32

user32

Sections

.text Size: 118KB - Virtual size: 118KB

.rdata Size: 471KB - Virtual size: 471KB

.data Size: 112KB - Virtual size: 126KB

.rsrc Size: 113KB - Virtual size: 113KB

.text
Size: 118KB - Virtual size: 118KB

.rdata
Size: 471KB - Virtual size: 471KB

.data
Size: 112KB - Virtual size: 126KB

.rsrc
Size: 113KB - Virtual size: 113KB