eb1c3aaf1f9a922ced2d6a6ef03d1265_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eb1c3aaf1f9a922ced2d6a6ef03d1265_JaffaCakes118
Size

376KB
MD5

eb1c3aaf1f9a922ced2d6a6ef03d1265
SHA1

332985838ca8d9aa7e1872bf1619a375e3b4edc8
SHA256

efd071bf282f992baf0e7bda04665bce008f02fd70718b9def74329d59e6cb59
SHA512

2017e4dec1a5ff9f29e1d39b04ae61a3fa37b6e727212be0d7a7031d6bb9ddc2343b17d045098e72e6aeafc6539cd0bbef942022cf709799b2e8be951fd26547
SSDEEP

6144:XBXg8ug7FLd5owNf09gjl57e9gXUmQtUsgLbqSEdZ5ORW:XtgAFR5tlFP/kmQtURLbqSEdq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb1c3aaf1f9a922ced2d6a6ef03d1265_JaffaCakes118

Files

eb1c3aaf1f9a922ced2d6a6ef03d1265_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03a8fd40ed495ffaebf24a8696527cb4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FindFirstUrlCacheContainerA
SetUrlCacheEntryInfoA
SetUrlCacheEntryGroupA
UnlockUrlCacheEntryStream
GetUrlCacheConfigInfoA
RetrieveUrlCacheEntryStreamW
FindFirstUrlCacheEntryExA
FindFirstUrlCacheEntryExW

advapi32

RegQueryInfoKeyA
CryptVerifySignatureA
CryptEncrypt
RegDeleteKeyW
RegEnumKeyA
RegEnumKeyExW
RegSaveKeyW
LogonUserA
LookupAccountNameW
RegEnumValueW
CryptSignHashW
RegCreateKeyExA
CryptEnumProvidersW
CryptSetProviderA
CryptDestroyKey
DuplicateToken
RegEnumKeyExA
RegCloseKey
CreateServiceW
LookupPrivilegeDisplayNameW
CryptGetKeyParam
GetUserNameA
RegOpenKeyExA
CryptImportKey

kernel32

CreateMutexA
GetTimeFormatA
RtlUnwind
HeapReAlloc
HeapSize
ReadConsoleInputA
FreeLibrary
HeapDestroy
VirtualFree
GetModuleHandleA
FreeEnvironmentStringsW
LoadLibraryA
IsValidCodePage
CreateMutexW
GetModuleHandleW
lstrcpyW
SetFilePointer
GetProcAddress
GetCurrentProcess
EnterCriticalSection
LCMapStringW
GlobalFree
WriteFile
GetUserDefaultLCID
GetStringTypeW
CompareStringA
CopyFileA
GetCurrentThreadId
GetStdHandle
InterlockedDecrement
GetLocaleInfoA
GetSystemTimeAsFileTime
TlsSetValue
TerminateProcess
CommConfigDialogW
HeapFree
GetStringTypeA
SetLastError
TlsAlloc
InterlockedExchange
CreateFileA
GetLastError
GetStartupInfoW
GlobalAddAtomW
WideCharToMultiByte
GetConsoleMode
SetStdHandle
DeleteCriticalSection
GetConsoleCP
GetModuleFileNameW
UnmapViewOfFile
VirtualAlloc
GetCommandLineW
TlsGetValue
SetConsoleCtrlHandler
GetACP
FlushFileBuffers
GetCurrentThread
GetConsoleOutputCP
ReadFile
CompareStringW
SetEnvironmentVariableA
MultiByteToWideChar
SetLocaleInfoW
OpenMutexA
IsDebuggerPresent
CloseHandle
GetTickCount
WriteConsoleW
ExitProcess
GetTimeZoneInformation
LCMapStringA
EnumSystemLocalesA
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetLocaleInfoW
EnumDateFormatsA
GetOEMCP
WriteConsoleA
VirtualQuery
UnhandledExceptionFilter
GetFileType
QueryPerformanceCounter
SetHandleCount
GetCurrentProcessId
GetStartupInfoA
InterlockedIncrement
GetCPInfo
GetProfileStringW
IsValidLocale
GetDateFormatA
GetModuleFileNameA
LeaveCriticalSection
TlsFree
Sleep
GetCommandLineA
OpenMutexW
HeapCreate
InitializeCriticalSectionAndSpinCount
HeapAlloc
GetPriorityClass
VirtualProtectEx

user32

DrawTextExW
EnumDisplaySettingsExA
CallWindowProcA
LoadImageW
GetInputDesktop
LookupIconIdFromDirectory
MapWindowPoints
DefFrameProcA
RegisterClassExA
wvsprintfW
RegisterClassA
GetWindowModuleFileNameA
RegisterWindowMessageW
CheckRadioButton
CharToOemA
TrackPopupMenuEx
EnumPropsExA
MessageBoxA
wsprintfW
CreateDialogIndirectParamW
GetClassInfoExA
EndDialog
DrawStateW
CreateCaret

gdi32

SetTextColor
ExtFloodFill
Ellipse
PlayMetaFileRecord
CreateEllipticRgn

comctl32

InitCommonControlsEx

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03a8fd40ed495ffaebf24a8696527cb4

Headers

File Characteristics

Imports

wininet

advapi32

kernel32

user32

gdi32

comctl32

Sections

.text Size: 184KB - Virtual size: 184KB

.rdata Size: 11KB - Virtual size: 32KB

.data Size: 176KB - Virtual size: 175KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 184KB - Virtual size: 184KB

.rdata
Size: 11KB - Virtual size: 32KB

.data
Size: 176KB - Virtual size: 175KB

.rsrc
Size: 3KB - Virtual size: 3KB