f6cb8fc57931f51c655fee785410570c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f6cb8fc57931f51c655fee785410570c_JaffaCakes118
Size

423KB
MD5

f6cb8fc57931f51c655fee785410570c
SHA1

494cfb2552db90ac30e3c34d4fec6aa73c6382c5
SHA256

3bff42a893ebad815c5e40baef2f661b78bb8b33d69583117d8be13ec406e763
SHA512

02df0776f39444077b365f7889940af468fc66c6289c432a35523e289466b8875e2fbfef315347e6ab2b7f5e43e754d4a3ebeef05bad211a3d60e9aad8a2fbf3
SSDEEP

6144:i3yrLbXcQvr5eOCyFT9bSzaHEgCBD1RuzWWJwe7U7sl0y6WxgJKM2LAR2aO0SLn3:i3qX9YZi2VRuzf5l0LwgL2cgrLMOTrm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6cb8fc57931f51c655fee785410570c_JaffaCakes118

Files

f6cb8fc57931f51c655fee785410570c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4fb21f80a4dd45d50e49aafc0cb4e00e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleW
PrintDlgW
PageSetupDlgW
GetOpenFileNameW
ChooseFontA
GetSaveFileNameA
GetFileTitleA
PageSetupDlgA
LoadAlterBitmap
FindTextW

advapi32

DuplicateToken
CryptDeriveKey
CryptDestroyHash
LookupPrivilegeValueA
AbortSystemShutdownW
CryptAcquireContextA
RegEnumKeyW
LookupPrivilegeValueW
CryptCreateHash
CryptReleaseContext
CryptHashSessionKey
RegEnumKeyExW
RegEnumKeyA

shell32

SHQueryRecycleBinA
SHGetSpecialFolderPathA
ExtractIconEx
DragAcceptFiles
SHGetInstanceExplorer
SHGetDesktopFolder
DoEnvironmentSubstA
SheChangeDirExW
DragQueryFileAorW
SHBrowseForFolderW
SHGetNewLinkInfo
InternalExtractIconListW
CommandLineToArgvW
ShellExecuteEx
SHGetPathFromIDListW
SHFormatDrive
ShellExecuteA
SHGetMalloc
SHGetDataFromIDListA

gdi32

CreateScalableFontResourceA
GetObjectA
GetColorSpace
EnumICMProfilesA

kernel32

TlsFree
DeleteCriticalSection
GetLastError
VirtualAlloc
InitializeCriticalSection
LCMapStringW
SetLastError
GetEnvironmentStrings
InterlockedExchange
HeapDestroy
SetConsoleCtrlHandler
HeapSize
EnumSystemLocalesA
GetModuleHandleA
GetProcessHeap
VirtualQuery
MultiByteToWideChar
WriteFile
GetProcAddress
GetStartupInfoA
LCMapStringA
GetModuleFileNameW
GetLocaleInfoW
HeapReAlloc
UnhandledExceptionFilter
SetEnvironmentVariableA
GetCPInfo
GetStdHandle
GetLocaleInfoA
HeapFree
GetSystemTimeAsFileTime
GetOEMCP
FreeLibrary
Sleep
GetTimeZoneInformation
SetHandleCount
TlsAlloc
GetCommandLineA
GetCommandLineW
SetUnhandledExceptionFilter
CompareStringA
GetCurrentThread
GetUserDefaultLCID
GetACP
TlsGetValue
VirtualFree
GetVersionExA
IsDebuggerPresent
TlsSetValue
FreeEnvironmentStringsW
GetCurrentProcessId
WideCharToMultiByte
LoadLibraryA
EnterCriticalSection
FreeEnvironmentStringsA
GetTickCount
QueryPerformanceCounter
LeaveCriticalSection
CompareStringW
TerminateProcess
MapViewOfFileEx
GetStringTypeW
GetStartupInfoW
OpenWaitableTimerW
GetCurrentThreadId
IsValidCodePage
GetFileType
GetCurrentProcess
IsValidLocale
RtlUnwind
GetTimeFormatA
HeapAlloc
GetEnvironmentStringsW
GetDateFormatA
GetStringTypeA
HeapCreate
InterlockedDecrement
GetModuleFileNameA
InterlockedIncrement
ExitProcess

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fb21f80a4dd45d50e49aafc0cb4e00e

Headers

File Characteristics

Imports

comdlg32

advapi32

shell32

gdi32

kernel32

Sections

.text Size: 141KB - Virtual size: 141KB

.data Size: 273KB - Virtual size: 296KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 141KB - Virtual size: 141KB

.data
Size: 273KB - Virtual size: 296KB

.rsrc
Size: 7KB - Virtual size: 7KB