efbe2fc65948635420307823b00ab7cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

efbe2fc65948635420307823b00ab7cb_JaffaCakes118
Size

447KB
MD5

efbe2fc65948635420307823b00ab7cb
SHA1

52d56f18209c46ce21525172800e10fa0d4dcc87
SHA256

fe73a6531fce1f9ffa13d70bdd5a63ebe6275900982923466148326cbe3dc3f8
SHA512

f19b5d9dd8b48fd0ec55f5bb7cfdfcf8b9557b2355f148b59c1e7771cae19299e57a2723585b2b1175f9ab653a061e87ad8b7e40df7b48bf5d4f04500cbc5c49
SSDEEP

6144:7ivWcf4GIASO8kAYHDNAuNwK9IpxO1YmFKzn1OP0TtOQyQ2OrDA1OqKs:aZRLSDkAYHKAIpRLT1OM5zli

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efbe2fc65948635420307823b00ab7cb_JaffaCakes118

Files

efbe2fc65948635420307823b00ab7cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

520b7bae6e47679b93f4777e02410f50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

LoadAlterBitmap

user32

SetWindowTextW
GetListBoxInfo
SetMenuInfo
DefWindowProcW
GetWindowRect
GetMonitorInfoW
ReuseDDElParam

advapi32

GetUserNameW
LogonUserW
CryptSetProvParam
RegSetValueA
CryptSetProviderExA
CryptSignHashW
RegDeleteValueW
RegReplaceKeyA

kernel32

HeapReAlloc
GetLocaleInfoA
EnumSystemLocalesA
GetSystemTimeAsFileTime
GetCurrentThread
HeapFree
GetACP
WriteProfileSectionA
LoadLibraryA
LCMapStringW
SetHandleCount
TlsFree
CompareStringW
GetDateFormatA
SetConsoleWindowInfo
EnterCriticalSection
TlsSetValue
IsBadWritePtr
FreeEnvironmentStringsW
VirtualProtectEx
MapViewOfFile
GetConsoleTitleW
DuplicateHandle
GetModuleHandleA
HeapAlloc
VirtualFree
WriteConsoleW
GetCurrentProcessId
InitializeCriticalSection
CompareStringA
SetEnvironmentVariableA
GlobalFindAtomA
SetLastError
GetStartupInfoA
GetOEMCP
VirtualQuery
GetCurrentProcess
GetFileType
GetEnvironmentStringsW
IsValidLocale
QueryPerformanceCounter
lstrcpynA
GetProfileSectionW
VirtualProtect
GetStdHandle
LeaveCriticalSection
HeapCreate
GetModuleFileNameA
GetUserDefaultLCID
SetEvent
GetVersionExA
FreeEnvironmentStringsA
LCMapStringA
GetDriveTypeW
VirtualAlloc
GetCommandLineA
RtlUnwind
DeleteCriticalSection
HeapSize
GetProcAddress
ExitProcess
WideCharToMultiByte
UnhandledExceptionFilter
GetLastError
OpenSemaphoreW
ReadConsoleInputA
GetCurrentThreadId
SetEnvironmentVariableW
GetLocaleInfoW
GetCPInfo
IsValidCodePage
GlobalFlags
TlsGetValue
WaitForDebugEvent
GetTickCount
GetEnvironmentStrings
HeapDestroy
InterlockedExchange
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetTimeZoneInformation
MultiByteToWideChar
WriteFile
TerminateProcess
GetLogicalDrives
TlsAlloc
GetTimeFormatA

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

520b7bae6e47679b93f4777e02410f50

Headers

File Characteristics

Imports

comdlg32

user32

advapi32

kernel32

Sections

.text Size: 146KB - Virtual size: 146KB

.rdata Size: 7KB - Virtual size: 32KB

.data Size: 280KB - Virtual size: 279KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 146KB - Virtual size: 146KB

.rdata
Size: 7KB - Virtual size: 32KB

.data
Size: 280KB - Virtual size: 279KB

.rsrc
Size: 12KB - Virtual size: 11KB