f0b6c3fc1e10743f546bde0880d46ce5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0b6c3fc1e10743f546bde0880d46ce5_JaffaCakes118
Size

381KB
MD5

f0b6c3fc1e10743f546bde0880d46ce5
SHA1

d2f1c7d8e2bd05a3480e2ede6b06268c681d9e1e
SHA256

dd9167ab195e2a52739b2ab8b9b255e59c0df00d1edfcdf15581863e24d5ad33
SHA512

50a02f17618e5c02e827bdedbc22bda6323b34c2a44b036230b8bf0f118008915c272b45472b4d4a52f26bcd34330e723a2bbadd8ce487385926ff84c797c5d7
SSDEEP

6144:ivg3QPQPt9XE1VHqlizMeFQ4dbs7gvJurEZ1eM22zH09hDJjsuImKFTyPm4qZIIQ:iI3QPQPtAVKli4eDNPorRMt49lV2FcCQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0b6c3fc1e10743f546bde0880d46ce5_JaffaCakes118

Files

f0b6c3fc1e10743f546bde0880d46ce5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ef095ae02b49021fcdfdccc3f1f6fa3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

VkKeyScanExA
DlgDirSelectComboBoxExA
RegisterClassA
SetClassLongW
RegisterClassExA
TrackPopupMenu
IsIconic
DestroyWindow
GetMenuState

shell32

ShellExecuteEx
SHChangeNotify
DuplicateIcon
DoEnvironmentSubstW

gdi32

CheckColorsInGamut
EqualRgn

comctl32

InitCommonControlsEx

advapi32

RegQueryValueW
CryptSetProvParam
AbortSystemShutdownW
RegEnumKeyExA
InitiateSystemShutdownW
CryptEnumProviderTypesW
LookupPrivilegeValueA
CryptVerifySignatureW
CryptSignHashW
CryptGetProvParam
RegCreateKeyExA

kernel32

GetCurrentThreadId
TlsSetValue
ExitProcess
FreeEnvironmentStringsW
InterlockedIncrement
GetCommandLineA
CloseHandle
VirtualFree
SetFilePointer
HeapReAlloc
GetModuleHandleA
SetLastError
LCMapStringA
GetLastError
FreeEnvironmentStringsA
SetEnvironmentVariableA
GetCurrentThread
GetEnvironmentStrings
GetSystemTimeAsFileTime
GetAtomNameA
SetHandleCount
GetProcAddress
lstrcat
WideCharToMultiByte
RtlUnwind
VirtualQuery
GetEnvironmentStringsW
GetVersion
WriteFile
GetCPInfo
EnterCriticalSection
InterlockedDecrement
UnhandledExceptionFilter
SetVolumeLabelW
CompareStringA
GetModuleFileNameA
IsBadWritePtr
RaiseException
OpenMutexA
ReadFile
HeapDestroy
GetSystemTime
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeaps
GetFileType
SetStdHandle
LoadLibraryA
CreateMutexA
TerminateProcess
VirtualAlloc
GetStartupInfoA
InterlockedExchange
WriteProfileStringA
GetTickCount
GetStdHandle
GetLocalTime
FlushFileBuffers
QueryPerformanceCounter
TlsGetValue
LeaveCriticalSection
GetACP
GetStringTypeA
TlsAlloc
GetStringTypeW
FindNextFileW
InitializeCriticalSection
EnumResourceLanguagesW
LCMapStringW
CompareStringW
WaitNamedPipeW
HeapCreate
MultiByteToWideChar
WaitCommEvent
TlsFree
HeapFree
GetTimeZoneInformation
HeapAlloc
GetOEMCP
GetCurrentProcess
GetProcessHeap

comdlg32

GetFileTitleW
PrintDlgW
PageSetupDlgW
ReplaceTextA

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef095ae02b49021fcdfdccc3f1f6fa3a

Headers

File Characteristics

Imports

user32

shell32

gdi32

comctl32

advapi32

kernel32

comdlg32

Sections

.text Size: 161KB - Virtual size: 160KB

.rdata Size: 4KB - Virtual size: 25KB

.data Size: 208KB - Virtual size: 207KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 161KB - Virtual size: 160KB

.rdata
Size: 4KB - Virtual size: 25KB

.data
Size: 208KB - Virtual size: 207KB

.rsrc
Size: 7KB - Virtual size: 6KB