feb57456fc7f6d32f3827ef1574e0d3d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

feb57456fc7f6d32f3827ef1574e0d3d_JaffaCakes118
Size

427KB
MD5

feb57456fc7f6d32f3827ef1574e0d3d
SHA1

d8d78eb9e8feac09fd16da544d62da8b8c18329d
SHA256

75674fbddafe95ba02054bd2b22f757e9055f2e0835ad8fcdbf5bc422e753d6c
SHA512

70ff2930755d97b2839cfcce9632857853f0d731bcab067beb5da93dfa942147008aa1f20f62a6f44e7816f93d4db4177a450242ab27c1b09d304d98203c1afa
SSDEEP

6144:9qHgDsHm5lK3+p9UG/8u2hOHsFgbrvRDN4OHHg7FBgdyUVYa6Q/K+Ty3xqhp:esdQ+4+ZH+OLRJ4Og7FBNUCa6QByhyp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
feb57456fc7f6d32f3827ef1574e0d3d_JaffaCakes118

Files

feb57456fc7f6d32f3827ef1574e0d3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88c24fb83cdfe152dc091ec08fa14237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
InterlockedDecrement
GetConsoleTitleW
CompareStringW
GetUserDefaultLCID
FreeEnvironmentStringsW
HeapAlloc
LoadLibraryA
WriteFile
Sleep
DeleteCriticalSection
DeleteFiber
FreeEnvironmentStringsA
GetFileType
VirtualFree
WideCharToMultiByte
GetEnvironmentStrings
HeapDestroy
HeapSize
EnterCriticalSection
TlsSetValue
GetOEMCP
InitializeCriticalSection
GetProcessHeap
SetConsoleCursorInfo
IsValidCodePage
GetTimeFormatA
HeapCreate
GetProcAddress
GetACP
GetVersionExA
HeapFree
CompareStringA
GetLocaleInfoW
SetConsoleActiveScreenBuffer
IsValidLocale
VirtualQuery
SetUnhandledExceptionFilter
LCMapStringA
TlsFree
GetEnvironmentStringsW
LCMapStringW
GetCPInfo
GetTimeZoneInformation
HeapReAlloc
SetLastError
ExitProcess
FreeLibrary
EnumSystemLocalesA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
SetConsoleCtrlHandler
GetModuleHandleA
GetStringTypeA
LeaveCriticalSection
MultiByteToWideChar
GetCurrentThreadId
TlsGetValue
InterlockedIncrement
GetLocaleInfoA
GetStringTypeW
GetCurrentProcessId
GetModuleFileNameA
SetEnvironmentVariableA
GetLastError
OpenFile
GetTickCount
IsDebuggerPresent
GetCurrentThread
GetStdHandle
UnhandledExceptionFilter
TlsAlloc
RtlUnwind
GetStartupInfoA
GetSystemTimeAsFileTime
InterlockedExchange
SetHandleCount
GetCommandLineA

advapi32

RegEnumValueA
LookupAccountSidA
CryptDuplicateHash
RegCreateKeyExW
LookupAccountNameA
RegNotifyChangeKeyValue
CryptSetProvParam

comdlg32

FindTextW
GetFileTitleW
GetSaveFileNameW
ReplaceTextW
GetOpenFileNameA
PrintDlgW
GetSaveFileNameA
ChooseColorA
ChooseColorW
PageSetupDlgA
ReplaceTextA
LoadAlterBitmap
FindTextA
ChooseFontW

user32

DestroyCaret
SetMenuContextHelpId
MonitorFromRect
VkKeyScanExA
CreateDesktopA
InsertMenuItemW
ExitWindowsEx
CreateWindowExA
SendMessageW
MonitorFromPoint
CascadeWindows
LockWindowUpdate
DialogBoxIndirectParamW
TrackPopupMenu
SetWindowPos
OpenInputDesktop
SetWindowsHookExA

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88c24fb83cdfe152dc091ec08fa14237

Headers

File Characteristics

Imports

kernel32

advapi32

comdlg32

user32

Sections

.text Size: 136KB - Virtual size: 136KB

.data Size: 275KB - Virtual size: 293KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 136KB - Virtual size: 136KB

.data
Size: 275KB - Virtual size: 293KB

.rsrc
Size: 14KB - Virtual size: 14KB