087f4036dc3ad40b42b6e8c04838b671_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

087f4036dc3ad40b42b6e8c04838b671_JaffaCakes118
Size

481KB
MD5

087f4036dc3ad40b42b6e8c04838b671
SHA1

c5744079d21b85d2ae1254944e5bd8354ee41dff
SHA256

15482eee028f8d322c3ede0ab533d814881379f41f319068c165a04f8c8e0941
SHA512

0a51f0681ba35da9c76de4564a23476ddfa53866fe11447ce61563e41bc05fce175456cf1c334416cc6cbd8b09d9bdd7aeabf116df3b845e4e184ad2889b35b0
SSDEEP

6144:aaoW+jn9FY8QgDiHJDH80s8jct3InoQSt+HPZs9JCmvmhlH5eSCSsvlVvwq5zjJX:470HJoX8k3InoQStWkZmn/ulVvwQt4a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
087f4036dc3ad40b42b6e8c04838b671_JaffaCakes118

Files

087f4036dc3ad40b42b6e8c04838b671_JaffaCakes118
.exe windows:4 windows x86 arch:x86

133b749b278374d93c637647476fb994

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
SetConsoleCursorInfo
GetWindowsDirectoryW
WriteProfileStringW
lstrcmpW
GetProfileStringW
MoveFileExA
lstrcatA
GlobalWire
TryEnterCriticalSection
GetLogicalDriveStringsA
OpenFileMappingW
MoveFileExW
FoldStringW
CreateFileA
WaitCommEvent
SetCurrentDirectoryW
EnumResourceTypesA
WriteConsoleOutputCharacterW
EnumCalendarInfoA
ReadConsoleA
OpenFileMappingA
SetVolumeLabelA
EnumResourceLanguagesA
UpdateResourceW
GetSystemDefaultLCID
UnmapViewOfFile
WriteConsoleOutputW
EnumResourceTypesW
DeleteAtom
BeginUpdateResourceW
DosDateTimeToFileTime
lstrcmpiA
CreateFileW
GetLargestConsoleWindowSize
SetThreadContext
SetEndOfFile
DeleteFiber
GetHandleInformation
OpenFile
FileTimeToSystemTime
lstrcatW
GetThreadTimes
SetComputerNameW
GetProcessVersion
GetLocaleInfoW
DisconnectNamedPipe
WriteConsoleW
DefineDosDeviceA
VirtualQueryEx
DebugBreak
GetComputerNameW
GetTempFileNameA
GetAtomNameW
GetNamedPipeHandleStateW
GetPrivateProfileStringW
GetModuleHandleW
UnlockFileEx
ExitThread
GetVersion
HeapCreate
TlsSetValue
GetFileType
CommConfigDialogW
GetPrivateProfileStructW
Heap32Next
SetFileTime
Thread32Next
FindResourceExA
OutputDebugStringA
VirtualFreeEx
WriteFileGather
SystemTimeToFileTime
InterlockedIncrement
FillConsoleOutputAttribute
ReadFileScatter
FindAtomA
GetStringTypeExW
Module32First
RemoveDirectoryW
LoadModule
FreeEnvironmentStringsW
Toolhelp32ReadProcessMemory
GetDiskFreeSpaceExW
CreateNamedPipeA
GetTempFileNameW
CreateTapePartition
EnumCalendarInfoW
SetConsoleTitleA
SetHandleCount
GetNamedPipeInfo
LeaveCriticalSection
FreeLibrary
GlobalFindAtomA
FormatMessageW
DeviceIoControl
SystemTimeToTzSpecificLocalTime
ReadProcessMemory
GetNamedPipeHandleStateA
PeekNamedPipe
LocalHandle
EscapeCommFunction
InterlockedCompareExchange
CreateDirectoryA
WritePrivateProfileSectionA
FileTimeToDosDateTime
GetProcessAffinityMask
ResumeThread
RtlZeroMemory
CreateThread
FindAtomW
FlushInstructionCache
GetStringTypeExA
GetVolumeInformationA
GetPrivateProfileStructA
GetEnvironmentVariableW
GetCommandLineW
DefineDosDeviceW

advapi32

RegCreateKeyExA
LookupAccountSidA
RevertToSelf
CryptGetHashParam
InitializeSecurityDescriptor
ReportEventW
LookupPrivilegeNameW
CryptGetDefaultProviderA
RegFlushKey
RegOpenKeyA
RegConnectRegistryW
CryptSetHashParam
RegOpenKeyW
RegEnumKeyExA
RegQueryValueExW
RegOpenKeyExA
RegCloseKey
RegEnumKeyA
RegEnumValueW
CryptSetKeyParam
CryptSignHashW
CreateServiceA
RegQueryMultipleValuesA
CryptEnumProvidersW
CryptVerifySignatureW
RegQueryValueA
RegNotifyChangeKeyValue
RegQueryValueW
CryptDuplicateHash
CryptAcquireContextA
CryptContextAddRef
RegSetValueExA
CryptHashData
CryptExportKey
RegOpenKeyExW
LookupPrivilegeDisplayNameW
RegQueryValueExA
RegQueryMultipleValuesW
CryptImportKey
CryptGetProvParam
LookupPrivilegeValueA
RegConnectRegistryA

user32

MonitorFromRect
GetClipboardOwner
GetMenuInfo
PostMessageW
GetNextDlgTabItem
EnumWindowStationsW
ToUnicodeEx
GetClassNameW
GetMenuCheckMarkDimensions
TileChildWindows
TileWindows
LoadKeyboardLayoutA
SetWindowTextA
DragObject
DialogBoxParamW
MessageBoxIndirectW
CheckMenuRadioItem
BroadcastSystemMessageA
TranslateMessage
CloseDesktop
ValidateRgn
EqualRect
IsDialogMessageW
DdeQueryStringA
DdeGetLastError
SetUserObjectInformationW

comdlg32

GetFileTitleA
GetSaveFileNameW
PrintDlgA

Sections

.text
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

133b749b278374d93c637647476fb994

Headers

File Characteristics

Imports

kernel32

advapi32

user32

comdlg32

Sections

.text Size: 171KB - Virtual size: 170KB

.data Size: 282KB - Virtual size: 281KB

.reloc Size: 22KB - Virtual size: 21KB

.bss Size: 5KB - Virtual size: 5KB

.text
Size: 171KB - Virtual size: 170KB

.data
Size: 282KB - Virtual size: 281KB

.reloc
Size: 22KB - Virtual size: 21KB

.bss
Size: 5KB - Virtual size: 5KB