ef266b76d012c4e89e2b0c2e1c6d8d71_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ef266b76d012c4e89e2b0c2e1c6d8d71_JaffaCakes118
Size

554KB
MD5

ef266b76d012c4e89e2b0c2e1c6d8d71
SHA1

76a6033b8d61015ab251a3547e70577d5f2cfbfa
SHA256

321f867a29050f32a8459acac770f8a6d239fe1d786a45163872397d78bae7e8
SHA512

db68fe64b0f0454e351509de6551047373d3c8e7445aa76ebca5b6ad5eec0316b59ddbcfea3efbbee3d44b9180db45cf6a13667eab371ae52ff6bc514b6a623e
SSDEEP

12288:273dTuZ6dTIgV/Fe/8BY8ND9W7cjyPXC2h8a:27RydgbSCD9WRC8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef266b76d012c4e89e2b0c2e1c6d8d71_JaffaCakes118

Files

ef266b76d012c4e89e2b0c2e1c6d8d71_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d789abfbb66f0da640a8f9e5878deee2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReuseDDElParam
OpenInputDesktop
GetMessageExtraInfo
GetMessagePos
CopyAcceleratorTableA
RegisterClassA
SetMenu
SetCaretBlinkTime
SetUserObjectSecurity
RegisterClassExA
ValidateRect
CallWindowProcW

comdlg32

GetSaveFileNameA
PrintDlgA

shell32

DragQueryFile
SHGetFileInfo
SHFormatDrive

advapi32

CryptGetDefaultProviderW
RegDeleteKeyW
RegFlushKey
CryptDestroyHash
GetUserNameA
CryptHashSessionKey
RegSaveKeyA
CreateServiceW
LookupAccountNameA
LookupPrivilegeNameA
RegOpenKeyExW
CryptSignHashA
CryptGetHashParam
CryptVerifySignatureW
CryptEnumProviderTypesW
LookupAccountNameW
CryptSetProviderW
CryptEncrypt
LookupPrivilegeDisplayNameW

kernel32

CreateMutexA
OpenWaitableTimerW
GetCurrentThreadId
HeapAlloc
GetModuleFileNameW
GetSystemTimeAsFileTime
GetStringTypeA
GetEnvironmentStrings
CompareStringA
GetCurrentProcessId
GetFullPathNameA
GetEnvironmentStringsW
FreeEnvironmentStringsA
IsValidCodePage
CompareStringW
ReadConsoleW
GetVersionExA
GetLastError
GetTickCount
FlushFileBuffers
WideCharToMultiByte
GetFileType
ExitProcess
GetSystemInfo
GetTimeFormatA
LoadLibraryA
GetOEMCP
SetHandleCount
TlsFree
InitializeCriticalSection
HeapDestroy
CreateSemaphoreW
GetCPInfo
RtlUnwind
IsValidLocale
LeaveCriticalSection
SetLastError
GetModuleHandleA
HeapCreate
TlsSetValue
SetEnvironmentVariableA
ReadFile
TlsGetValue
EnterCriticalSection
GetACP
CloseHandle
VirtualProtect
GlobalUnfix
VirtualFree
GetCommandLineA
MultiByteToWideChar
GetLocaleInfoA
TerminateProcess
DeleteCriticalSection
UnhandledExceptionFilter
GetStringTypeW
WriteFile
OpenMutexA
HeapSize
QueryPerformanceCounter
EnumSystemLocalesA
GetCurrentProcess
GetStdHandle
TlsAlloc
GetStartupInfoW
GetUserDefaultLCID
GetModuleFileNameA
GetTimeZoneInformation
GetCurrentThread
SetStdHandle
IsBadWritePtr
SetFilePointer
GetCommandLineW
GetStartupInfoA
FindNextFileA
InterlockedExchange
FreeEnvironmentStringsW
VirtualAlloc
GetDateFormatA
HeapFree
LCMapStringA
GetComputerNameW
GetProcAddress
GetLocaleInfoW
VirtualQuery
LCMapStringW
HeapReAlloc

gdi32

SetTextAlign
TextOutA
GetTextExtentPointW
CreateSolidBrush
Arc
GetDeviceGammaRamp
GetOutlineTextMetricsW
OffsetWindowOrgEx
GetTextExtentExPointA
GetBoundsRect
GetSystemPaletteUse
Escape
RoundRect

comctl32

InitCommonControlsEx

Sections

.text
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d789abfbb66f0da640a8f9e5878deee2

Headers

File Characteristics

Imports

user32

comdlg32

shell32

advapi32

kernel32

gdi32

comctl32

Sections

.text Size: 220KB - Virtual size: 219KB

.rdata Size: 9KB - Virtual size: 29KB

.data Size: 315KB - Virtual size: 315KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 220KB - Virtual size: 219KB

.rdata
Size: 9KB - Virtual size: 29KB

.data
Size: 315KB - Virtual size: 315KB

.rsrc
Size: 8KB - Virtual size: 8KB