ec181969b1ae9cdd79c474ec1b49a590_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ec181969b1ae9cdd79c474ec1b49a590_JaffaCakes118
Size

517KB
MD5

ec181969b1ae9cdd79c474ec1b49a590
SHA1

c450e04a051ca85bc248f389e11e991e511bf9be
SHA256

75eeb425554b4982b355f5a5986876fe54f71f7397f0fbb2dd1784d62f51dfe3
SHA512

379d6ab6200e9b16fee77fa7f1ceacbb78e8e1fff851b88a86501fabc70a9b1d82f2f637768f072febcfc3dffc6018e8f560cfe6cb3619ace1a84d457b3beeaa
SSDEEP

12288:cizuzZO56vug+V62G3ZlGjrE/SAihdafrvi5TGTe:cizuzZO3vV6HZ4rESNHajviEy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec181969b1ae9cdd79c474ec1b49a590_JaffaCakes118

Files

ec181969b1ae9cdd79c474ec1b49a590_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d6851b8ead2cf1a14a4a6b67d4c73a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
FindFirstFileA
CreateMutexA
CreateMailslotW
CreateDirectoryA
RtlUnwind
TlsGetValue
EnumDateFormatsExA
GetProcessHeap
WriteConsoleW
GetFileType
GetConsoleMode
MapViewOfFileEx
VirtualFree
FreeEnvironmentStringsA
DeleteCriticalSection
GetACP
FlushFileBuffers
GetProfileIntA
MoveFileExW
HeapSize
IsDebuggerPresent
GetCommandLineA
FreeLibrary
ReadFile
MapViewOfFile
InterlockedIncrement
GetModuleFileNameA
WriteFile
GetOEMCP
CompareStringW
CloseHandle
GetCurrentProcess
SetEnvironmentVariableA
MultiByteToWideChar
IsValidLocale
GetEnvironmentStringsW
GetEnvironmentVariableW
GetPrivateProfileStructA
SetFilePointer
ExitProcess
WideCharToMultiByte
InitializeCriticalSection
GetStdHandle
GetSystemTimeAsFileTime
GetVersionExA
GetLastError
EnterCriticalSection
GetCurrentThread
TlsSetValue
OpenFileMappingA
InterlockedDecrement
GetLogicalDriveStringsA
SetUnhandledExceptionFilter
HeapFree
LCMapStringA
GetLocaleInfoA
UnhandledExceptionFilter
SetLastError
GetTimeFormatA
InterlockedExchange
IsValidCodePage
GetStringTypeA
GetConsoleCP
CreateFileA
GetCurrentProcessId
GetCPInfo
GetProcAddress
HeapReAlloc
GetConsoleOutputCP
CreateToolhelp32Snapshot
LoadLibraryA
GetLocaleInfoW
EnumSystemLocalesA
GetUserDefaultLCID
VirtualQuery
GetStartupInfoA
WriteConsoleA
GetDateFormatA
CompareStringA
GetTickCount
SetHandleCount
TlsFree
OpenMutexA
GetModuleHandleA
LeaveCriticalSection
HeapDestroy
GetTimeZoneInformation
Sleep
QueryPerformanceCounter
SetConsoleCtrlHandler
GetStringTypeW
GetCurrentThreadId
HeapCreate
GetFullPathNameA
TlsAlloc
FreeEnvironmentStringsW
LCMapStringW
VirtualAlloc
HeapAlloc
GetEnvironmentStrings
TerminateProcess
SetThreadIdealProcessor

advapi32

RegOpenKeyExA
CryptGenRandom
ReportEventA
CryptEnumProvidersW
RegLoadKeyW
RegDeleteKeyA
CreateServiceW
RegSaveKeyA
RegEnumKeyW
CryptAcquireContextA
RegFlushKey
CryptGetUserKey
InitializeSecurityDescriptor
CryptSignHashW
RevertToSelf
CryptEnumProviderTypesA
CryptSetProviderExA
RegEnumKeyA
RegQueryMultipleValuesA
RegQueryInfoKeyA
CryptEnumProvidersA
RegQueryMultipleValuesW
CryptEnumProviderTypesW

wininet

FtpPutFileW
InternetSetOptionExW
InternetGetConnectedStateEx
ResumeSuspendedDownload
FtpGetCurrentDirectoryW

comctl32

InitCommonControlsEx

user32

CharPrevA
GetKeyboardState
GetClassInfoExA
FrameRect
SetClipboardData
UpdateWindow
EmptyClipboard
GetWindowTextA
GetClipboardFormatNameW
RegisterClassExA
EnumClipboardFormats
SetWindowRgn
RegisterClassA

comdlg32

ChooseFontA
ReplaceTextW
GetSaveFileNameW

gdi32

EnumFontsA
BeginPath
ScaleWindowExtEx
GetWindowOrgEx
GetMetaFileA
GetPixel
GetTextExtentExPointW
FillRgn
AbortPath
GetClipBox
DescribePixelFormat
GetCharWidth32W
StrokeAndFillPath
SelectObject
LPtoDP
SetPixelFormat
GetTextCharacterExtra
EndPath
PolyBezierTo
Polyline
DPtoLP

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d6851b8ead2cf1a14a4a6b67d4c73a0

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

comctl32

user32

comdlg32

gdi32

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 11KB - Virtual size: 22KB

.data Size: 315KB - Virtual size: 314KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 11KB - Virtual size: 22KB

.data
Size: 315KB - Virtual size: 314KB

.rsrc
Size: 18KB - Virtual size: 18KB