f0159b3d5177a20f85eaed6220db12f1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f0159b3d5177a20f85eaed6220db12f1_JaffaCakes118
Size

685KB
MD5

f0159b3d5177a20f85eaed6220db12f1
SHA1

de8818347997580a017994f2e3c0f166483e1c4c
SHA256

0cdbfc6df8a1d4f054146c2e5dc92644e0434d813a1991625d62d08a79cafe71
SHA512

498d64c48e797c03e32e20ed9af370f190ce142046b48a8f05251d1407d38830cb026ea6c301ae9f7c43d29c8bdd57af47cf4c16176f9089c9c6b7b1a842de17
SSDEEP

3072:BwlYzdPvGIEA45DEE/GJnQEfLrl1MZHco9DjAoBc:BwChvGd9+EeJQyMJ99N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0159b3d5177a20f85eaed6220db12f1_JaffaCakes118

Files

f0159b3d5177a20f85eaed6220db12f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2126c28b265eb5ae3adcfe1eb25eb223

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetSystemDirectoryA
GetWindowsDirectoryW
OutputDebugStringA
GetLocalTime
HeapCompact
OpenProcess
GetFileTime
GetModuleFileNameA
DosDateTimeToFileTime
LoadLibraryA
FindNextChangeNotification
GlobalMemoryStatusEx
GetDriveTypeW
OutputDebugStringA
ReadProcessMemory
GetWindowsDirectoryA
GetModuleHandleA
ExitProcess
GetVersion
Process32Next
WriteProcessMemory
TerminateProcess
CreateFileW
GetDiskFreeSpaceA
DuplicateHandle
LockFileEx
GetDriveTypeA
GetEnvironmentVariableA
GetExitCodeThread
GetDiskFreeSpaceExA
GetLastError
GetComputerNameA
GetACP
GetCurrentDirectoryW
Process32First
CloseHandle
OpenProcess
CreateProcessA
GetProcAddress
GetPriorityClass
GetEnvironmentStrings
GetPrivateProfileSectionA
GetFullPathNameW
CreateToolhelp32Snapshot
CreateRemoteThread
CreateFileW
CreateFileMappingW
GetStartupInfoW
CreateEventW
GetModuleFileNameA
LoadModule
GetCurrentProcess
GetTempPathW
MultiByteToWideChar
LCMapStringW

user32

DispatchMessageA
RegisterClassExA
DdeQueryConvInfo
DdeDisconnect
GetMessageA
CreateWindowExA
UpdateWindow
FillRect
DefWindowProcA
DrawStateW
CheckMenuItem
ShowWindow
TranslateMessage

advapi32

CryptGetKeyParam
RegCreateKeyExA
ControlTraceW
CloseEventLog
SetServiceStatus
SetSecurityDescriptorSacl
RegOpenCurrentUser
CryptHashData
RegDeleteKeyA
GetSecurityDescriptorLength
SetFileSecurityW
CryptDestroyKey
QueryServiceConfigA
RegEnumKeyExW
GetNamedSecurityInfoA
SetSecurityDescriptorOwner

shell32

SHBrowseForFolderW
ExtractAssociatedIconA
Shell_NotifyIconA
SHGetDesktopFolder
FindExecutableA
SHPathPrepareForWriteA
SHFileOperationW
FindExecutableW
PrintersGetCommand_RunDLLA

gdi32

GetOutlineTextMetricsA
MaskBlt
GetStretchBltMode
ScaleViewportExtEx
GetObjectW
SetWorldTransform
ExtFloodFill
ExtTextOutA
SetAbortProc
GetCharABCWidthsW
InvertRgn
FlattenPath
TextOutW
SetEnhMetaFileBits
SetDIBColorTable
CreatePolygonRgn
CreateBrushIndirect
GetGlyphOutlineW
EnumMetaFile
GetRandomRgn
CreateRectRgn
GetEnhMetaFilePaletteEntries
CreateDIBitmap

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 392KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2126c28b265eb5ae3adcfe1eb25eb223

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

gdi32

Sections

.text Size: 172KB - Virtual size: 172KB

.data Size: 392KB - Virtual size: 392KB

.idata Size: 108KB - Virtual size: 108KB

.rdata Size: 4KB - Virtual size: 4KB

.aspack Size: 4KB - Virtual size: 4KB

.adata Size: 4KB - Virtual size: 28KB

.text
Size: 172KB - Virtual size: 172KB

.data
Size: 392KB - Virtual size: 392KB

.idata
Size: 108KB - Virtual size: 108KB

.rdata
Size: 4KB - Virtual size: 4KB

.aspack
Size: 4KB - Virtual size: 4KB

.adata
Size: 4KB - Virtual size: 28KB