ffeb0a589c828461eabf94c92520f365_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ffeb0a589c828461eabf94c92520f365_JaffaCakes118
Size

415KB
MD5

ffeb0a589c828461eabf94c92520f365
SHA1

34752ceac8704ca3bbe3b3f6fa1c76ea6c409fb4
SHA256

c58c44880c491cb32f304f323bf8819e528c88365b77eeb11e2de4d1851d15af
SHA512

e69a6be2b6389922f8ecceb2394df38b5a79570f595dbfc7a3bed6c8ae0f00d2b9f157be90e283dc0b35fb4747d7b8f2d228fc39a14b164f7abd1b2320208d4a
SSDEEP

12288:mL2JZhQRbQUpjx8FeNriBVJsbGUNXoZedWP7a:mLduXUyodWz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffeb0a589c828461eabf94c92520f365_JaffaCakes118

Files

ffeb0a589c828461eabf94c92520f365_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c03ad9dfe89416d8dce229218e7e2a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

ShowX509EncodedCertificate

user32

LoadMenuA
SetActiveWindow
ReplyMessage
GetMenuState
FlashWindow
PaintDesktop
GetSystemMenu
BlockInput
CreateDesktopA
DdeClientTransaction
GetClipboardSequenceNumber
OemToCharA
RegisterClipboardFormatW
IsWindowVisible
FlashWindowEx
SetUserObjectInformationW
CharNextW
WinHelpA

kernel32

SetLastError
VirtualFree
EnterCriticalSection
GetModuleHandleA
GetSystemDefaultLCID
InterlockedExchange
GetCurrentThreadId
WideCharToMultiByte
HeapDestroy
DeleteFiber
GetFullPathNameW
GetTimeZoneInformation
FindResourceExA
TlsFree
GetFileType
GetUserDefaultLCID
GetCommandLineA
GetOEMCP
HeapSize
IsValidLocale
VirtualProtect
IsValidCodePage
GetTimeFormatW
GetSystemTimeAsFileTime
WriteConsoleInputW
GetEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsW
HeapFree
WritePrivateProfileStringA
QueryPerformanceCounter
OpenWaitableTimerA
DeleteFileW
GetVersionExA
LoadLibraryA
CreateProcessW
CompareStringW
GetStdHandle
ReadConsoleOutputCharacterA
GetModuleFileNameA
IsBadWritePtr
LCMapStringW
VirtualAlloc
GetStringTypeA
RtlUnwind
SetHandleCount
LeaveCriticalSection
GetDateFormatA
GetStringTypeW
GetCurrentThread
GetPrivateProfileSectionNamesA
FreeEnvironmentStringsA
GetStartupInfoA
GetLogicalDriveStringsW
TlsSetValue
HeapAlloc
GetTimeFormatA
TlsAlloc
SetConsoleOutputCP
CompareStringA
SetEnvironmentVariableA
GetProcAddress
LCMapStringA
UnhandledExceptionFilter
GetCurrentProcess
HeapCreate
CreateToolhelp32Snapshot
WriteFile
SetThreadPriority
GetTickCount
GetLocaleInfoW
GetLastError
GetSystemInfo
GetCurrentProcessId
VirtualQuery
VirtualQueryEx
HeapReAlloc
ExitProcess
TlsGetValue
GetEnvironmentStrings
InitializeCriticalSection
GetACP
TerminateProcess
GetLocaleInfoA
SetCriticalSectionSpinCount
GetCPInfo
EnumSystemLocalesA
DeleteCriticalSection

comdlg32

GetSaveFileNameA
ReplaceTextW
GetOpenFileNameW
ChooseFontA

advapi32

CryptSetProviderA
CryptReleaseContext
RegSetValueExW
CryptDestroyKey
RegCreateKeyW
LogonUserW
RegCloseKey

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c03ad9dfe89416d8dce229218e7e2a0

Headers

File Characteristics

Imports

wininet

user32

kernel32

comdlg32

advapi32

Sections

.text Size: 126KB - Virtual size: 126KB

.rdata Size: 8KB - Virtual size: 38KB

.data Size: 277KB - Virtual size: 277KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 126KB - Virtual size: 126KB

.rdata
Size: 8KB - Virtual size: 38KB

.data
Size: 277KB - Virtual size: 277KB

.rsrc
Size: 2KB - Virtual size: 1KB