ea261207781e5ea9f1bcedffa938c1b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ea261207781e5ea9f1bcedffa938c1b1_JaffaCakes118
Size

385KB
MD5

ea261207781e5ea9f1bcedffa938c1b1
SHA1

79949e7fe3c723c8c8468b45e1a1c3a77ac51ae5
SHA256

6e5ccdecf085003908d0e42e677c2c10bb5b0a3b3d3b3cfaa076dc70ab6843b2
SHA512

557235fdaf8873daa3ece3bd07f786f3e98af26dff4fd46760d83307bb4347bc5f0250d72f26058d47ac910172c1580136e4de13900538727ec465bd91cd2248
SSDEEP

12288:ofqhDZN1EhYoIDa18+2nGza63C1whFmWzhyDXeEykw:ofSD5c6nGzrCAFhzhSXe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea261207781e5ea9f1bcedffa938c1b1_JaffaCakes118

Files

ea261207781e5ea9f1bcedffa938c1b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

caf75dee5730a3c197647f5f4c31d96a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameW
PageSetupDlgW
ChooseFontW
PageSetupDlgA
PrintDlgA
ReplaceTextW
FindTextA
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
GetFileTitleW
GetFileTitleA
ReplaceTextA

advapi32

LookupAccountSidW
RegOpenKeyW
LookupPrivilegeValueW
RegReplaceKeyW
DuplicateToken
RegDeleteKeyW
CreateServiceA
CryptSetHashParam
CryptGenKey
RegSaveKeyA
CryptSetKeyParam
RegFlushKey
RegOpenKeyExA
CryptVerifySignatureA
RegEnumKeyW
RegConnectRegistryA
LogonUserA

gdi32

ModifyWorldTransform
SetColorSpace
GetGlyphOutline
PlayMetaFileRecord
GetArcDirection
GetColorSpace
GetCharWidthFloatA
GetMetaFileW
GetTextCharsetInfo
CreateDiscardableBitmap
GetRandomRgn

wininet

InternetDialA
RetrieveUrlCacheEntryStreamA
FindFirstUrlCacheEntryExW
FreeUrlCacheSpaceA
SetUrlCacheConfigInfoA
GopherOpenFileW
FindNextUrlCacheGroup
IncrementUrlCacheHeaderData
UnlockUrlCacheEntryFile
CreateUrlCacheGroup
HttpEndRequestA
InternetSetDialStateW
ShowCertificate
GopherFindFirstFileW
InternetConfirmZoneCrossing
HttpSendRequestA
InternetSecurityProtocolToStringA
FtpPutFileEx
GetUrlCacheEntryInfoExA
InternetReadFile
CreateUrlCacheEntryA
InternetUnlockRequestFile
InternetSetFilePointer

kernel32

InterlockedExchange
IsBadWritePtr
FreeEnvironmentStringsW
VirtualQuery
GetLastError
TerminateProcess
HeapFree
GetProcAddress
ExitProcess
RtlUnwind
WriteFile
GetEnvironmentStringsW
GetModuleFileNameA
SetHandleCount
LoadLibraryA
WriteFileEx
GetCommandLineW
HeapReAlloc
TlsGetValue
UnhandledExceptionFilter
LeaveCriticalSection
GetCurrentProcessId
EnterCriticalSection
GetStartupInfoW
GetTickCount
GetCurrentProcess
HeapAlloc
FileTimeToSystemTime
GetCommandLineA
GetModuleFileNameW
SetLastError
lstrcpy
TlsAlloc
GetStdHandle
GetCurrentThread
SetStdHandle
VirtualAlloc
GetEnvironmentStrings
GetVersion
FreeEnvironmentStringsA
GetEnvironmentStringsA
TlsSetValue
HeapDestroy
VirtualFree
GetComputerNameW
TlsFree
GetCurrentThreadId
FindFirstFileExA
GetSystemTimeAsFileTime
InitializeCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
HeapCreate
DeleteCriticalSection
GetModuleHandleA
GetStartupInfoA
GetFileType

shell32

DragQueryFile
SheChangeDirExW
RealShellExecuteExA
DragAcceptFiles
SHFormatDrive
ShellExecuteW
ExtractAssociatedIconExA
SHEmptyRecycleBinW
SHGetDiskFreeSpaceA
SHAppBarMessage
SHGetDesktopFolder
SHAddToRecentDocs
SheGetDirA
DragFinish
SHGetSettings
SHInvokePrinterCommandA
ExtractIconA

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

caf75dee5730a3c197647f5f4c31d96a

Headers

File Characteristics

Imports

comdlg32

advapi32

gdi32

wininet

kernel32

shell32

Sections

.text Size: 111KB - Virtual size: 110KB

.data Size: 266KB - Virtual size: 295KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 111KB - Virtual size: 110KB

.data
Size: 266KB - Virtual size: 295KB

.rsrc
Size: 7KB - Virtual size: 6KB