Static task: static1
Behavioral task: behavioral1
Sample: f5e73e9ec6f6d5bf7844eb29396fc227_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f5e73e9ec6f6d5bf7844eb29396fc227_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: f5e73e9ec6f6d5bf7844eb29396fc227_JaffaCakes118
Size: 464KB
MD5: f5e73e9ec6f6d5bf7844eb29396fc227
SHA1: 812aa1ceeb844b30544d79c53365bea3322f9067
SHA256: ec390fbe23cb56c359fa9299a766964052f99f3656cf5f5d2e7e729ffa3557a1
SHA512: 6654936faeba2e7b2094242a08282f089ae199730b82e4b1719e826c4e3a323a785a21c992c74e99cfc327a5a8d7489e1bb209a1ba34503996a6b28a634c7820
SSDEEP: 12288:kgRu5YALmqyXnCN7w77juZ2TsHROW0IN3E4EWJ3+s5BF1/e:6YAaqyXCuv5kP0mOml
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f5e73e9ec6f6d5bf7844eb29396fc227_JaffaCakes118
Files
f5e73e9ec6f6d5bf7844eb29396fc227_JaffaCakes118.exe windows:4 windows x86 arch:x86
d8a3848aab29eabcdcce4e1b9a7f132a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
InitCommonControlsEx
advapi32
DuplicateToken
CryptGetUserKey
kernel32
GetTickCount
WriteConsoleA
InitializeCriticalSection
SetLastError
RaiseException
InterlockedExchange
VirtualAlloc
GetTimeZoneInformation
GetCurrentProcess
GetStdHandle
GetModuleFileNameW
GetNamedPipeHandleStateA
GetProcAddress
HeapFree
GetCurrentProcessId
GlobalGetAtomNameW
LoadLibraryA
IsBadWritePtr
ExitProcess
CompareStringW
CloseHandle
GetCurrentThreadId
MultiByteToWideChar
GetCPInfo
RtlUnwind
LeaveCriticalSection
VirtualQuery
GetCurrentDirectoryW
FreeEnvironmentStringsA
GetVersion
IsBadReadPtr
UnhandledExceptionFilter
DeleteCriticalSection
SetHandleCount
CompareStringA
FreeEnvironmentStringsW
GetStartupInfoW
SetStdHandle
GetModuleHandleA
ReadFile
GetThreadPriority
FlushInstructionCache
GetCurrentThread
HeapCreate
GetStringTypeA
GetCommandLineW
GetEnvironmentStringsW
EnterCriticalSection
GetModuleFileNameA
GetLocalTime
TerminateProcess
TlsGetValue
TlsFree
SetFilePointer
HeapReAlloc
VirtualFree
TlsAlloc
SetEnvironmentVariableA
LCMapStringA
HeapAlloc
GetNumberFormatW
SetVolumeLabelW
FlushFileBuffers
GetSystemDirectoryW
WideCharToMultiByte
TlsSetValue
InterlockedIncrement
OpenMutexA
GetLastError
QueryPerformanceCounter
EnumDateFormatsExW
GetEnvironmentStrings
GetStringTypeW
GetSystemTimeAsFileTime
GetStartupInfoA
HeapDestroy
CreateMutexA
GlobalAddAtomW
WriteFile
GetFileType
InterlockedDecrement
GetLocaleInfoW
GetCommandLineA
LCMapStringW
GetSystemTime
shell32
FindExecutableA
ShellExecuteExA
ExtractIconW
comdlg32
GetOpenFileNameW
GetSaveFileNameA
ChooseColorA
GetFileTitleA
wininet
FtpOpenFileA
InternetReadFileExA
user32
RegisterClassA
CheckMenuRadioItem
DdeSetUserHandle
MonitorFromWindow
InvalidateRgn
SetWindowsHookExW
DdeReconnect
CallMsgFilterA
RegisterClassExA
AdjustWindowRectEx
wvsprintfW
SetWindowContextHelpId
GetForegroundWindow
ShowOwnedPopups
VkKeyScanW
GetMonitorInfoA
GrayStringW
CreatePopupMenu
SetCaretBlinkTime
EnableMenuItem
Sections
.text Size: 283KB - Virtual size: 283KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 63KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 102KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ