ea133406b3b817cf129de69910d3aaed_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ea133406b3b817cf129de69910d3aaed_JaffaCakes118
Size

456KB
MD5

ea133406b3b817cf129de69910d3aaed
SHA1

e39b99cef33af1e7fbe1bbb7da90ae21ee2d639c
SHA256

e19d2340622e2a4c7f547cbf1f52037a1f2dc2ffebec1ecdaf3a46cdffd71981
SHA512

f23c01d905262330549edd1bc11e15fd0b881364ac8334a1322155756f6f23810fdb6b42dd0619bfb6f0c322619ba0edecbb98cdc7baa3dbef93c5c7ca1393cc
SSDEEP

12288:k4CLGUFotDpKypz0rrZeOqg+THSVq+ujNyaGdaVi7IiTb6FO:k4CCUFsbpz0rrP+THgq+daGQV/iTOE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea133406b3b817cf129de69910d3aaed_JaffaCakes118

Files

ea133406b3b817cf129de69910d3aaed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e757275ce73961323af684fce98d7d80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

RegisterClassA
DdeSetUserHandle
MessageBoxExW
SetDlgItemTextW
RegisterClassExA
ChangeMenuA

kernel32

InterlockedDecrement
SetTimeZoneInformation
GetLocalTime
GetCommandLineW
VirtualFree
OpenEventW
QueryPerformanceCounter
GetCurrentProcessId
HeapReAlloc
FileTimeToLocalFileTime
GetLastError
RtlUnwind
HeapAlloc
CommConfigDialogA
OpenMutexA
GetModuleHandleA
LCMapStringW
GetThreadContext
MultiByteToWideChar
VirtualAlloc
GetModuleFileNameA
SetEnvironmentVariableA
GetCurrentProcess
UnhandledExceptionFilter
GetCPInfo
TlsGetValue
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
EnterCriticalSection
GetVersion
GetStartupInfoW
GetStartupInfoA
SetThreadIdealProcessor
LoadLibraryA
GetCommandLineA
GetSystemTime
FreeEnvironmentStringsA
ExitProcess
CompareStringW
TerminateProcess
SetLastError
LocalShrink
InitializeCriticalSection
GetCurrentThread
LeaveCriticalSection
GetComputerNameW
GetModuleFileNameW
CompareStringA
WideCharToMultiByte
ReadFile
GetEnvironmentStrings
CloseHandle
HeapCreate
HeapDestroy
DeleteCriticalSection
GetTickCount
GetStringTypeA
EnumResourceNamesW
GetEnvironmentStringsW
SetStdHandle
InterlockedIncrement
CreateMutexA
GetStringTypeW
IsBadWritePtr
FlushFileBuffers
GetOEMCP
VirtualQuery
TlsFree
GetTimeZoneInformation
GetProcAddress
TlsAlloc
TlsSetValue
EnumResourceLanguagesW
InterlockedExchange
GetCurrentThreadId
FreeEnvironmentStringsW
GetStdHandle
SetWaitableTimer
SetFilePointer
LCMapStringA
WriteFile
SetHandleCount
GetFileType
HeapFree

comdlg32

ReplaceTextW

advapi32

LookupAccountNameW
CryptSetProvParam
LogonUserA
StartServiceA
RegCloseKey
RegOpenKeyExW
CryptSetProviderW
CryptGetKeyParam
CryptSetProviderExW
ReportEventW
RegEnumValueW
CryptEnumProviderTypesA
CryptEncrypt
InitiateSystemShutdownA
RegQueryMultipleValuesW
CryptGetDefaultProviderA

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 310KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e757275ce73961323af684fce98d7d80

Headers

File Characteristics

Imports

comctl32

user32

kernel32

comdlg32

advapi32

Sections

.text Size: 134KB - Virtual size: 133KB

.rdata Size: 4KB - Virtual size: 14KB

.data Size: 310KB - Virtual size: 310KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 134KB - Virtual size: 133KB

.rdata
Size: 4KB - Virtual size: 14KB

.data
Size: 310KB - Virtual size: 310KB

.rsrc
Size: 6KB - Virtual size: 5KB