Static task: static1
Behavioral task: behavioral1
Sample: 10278cc23ee0b0698f8f0690b97e40b7_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 10278cc23ee0b0698f8f0690b97e40b7_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 10278cc23ee0b0698f8f0690b97e40b7_JaffaCakes118
Size: 310KB
MD5: 10278cc23ee0b0698f8f0690b97e40b7
SHA1: 50bc8d2176cdad2bd5e07c1d51eb880848c6da7d
SHA256: 6e33bd2e03601e49d684dfba8b01e1da3ec5555198fc7154ddb8affe78892e70
SHA512: 0b03b7b8ad97be28510288dbc51fb366a7c0f2a7bc8c8e84bfd9ed91755da56ca9692aafd9f7f1a38e1135dac9db2af191ee1ea466aef4992d3e8a381c897754
SSDEEP: 6144:aKQxMqALP+lkM6lV/g+Phk60x7/L3+YLGlOB8iNcJu:aKcMqATUkMeg+FmDaYLz8OcJu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 10278cc23ee0b0698f8f0690b97e40b7_JaffaCakes118
Files
10278cc23ee0b0698f8f0690b97e40b7_JaffaCakes118.exe windows:4 windows x86 arch:x86
ab9e4db30519f3bacc89ef4e52ea1d22
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FreeLibrary
GetUserDefaultLCID
LCMapStringA
ReadConsoleOutputA
GetStartupInfoW
CompareStringA
HeapAlloc
LoadLibraryA
TlsSetValue
SetEnvironmentVariableA
WideCharToMultiByte
ResetEvent
CompareFileTime
GetCommandLineW
TlsFree
TlsGetValue
GetACP
GetStringTypeW
GetTimeFormatA
MoveFileW
Sleep
GetFileType
GetTimeZoneInformation
GetLastError
WriteProfileSectionA
HeapSize
VirtualFree
GetStringTypeA
GetProcAddress
DeleteCriticalSection
GetStdHandle
HeapFree
GetCompressedFileSizeA
GetEnvironmentStringsW
GetFileSize
InitializeCriticalSectionAndSpinCount
VirtualQuery
SetConsoleCtrlHandler
InterlockedDecrement
SetLastError
GetCPInfo
InterlockedIncrement
UnhandledExceptionFilter
GetStartupInfoA
HeapReAlloc
MultiByteToWideChar
ExitProcess
CompareStringW
MapViewOfFileEx
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
IsValidLocale
GetModuleHandleA
GetModuleFileNameW
IsDebuggerPresent
IsValidCodePage
GetCurrentThreadId
SetUnhandledExceptionFilter
WriteFile
GetDateFormatA
GetModuleHandleW
GetCurrentProcessId
GetModuleFileNameA
LCMapStringW
GetCurrentThread
SetCurrentDirectoryW
GetTickCount
HeapDestroy
FreeEnvironmentStringsW
GetLocaleInfoW
TlsAlloc
SetHandleCount
RtlUnwind
GetLocaleInfoA
GetSystemTimeAsFileTime
InterlockedExchange
LeaveCriticalSection
EnumSystemLocalesA
EnterCriticalSection
GetOEMCP
SleepEx
HeapCreate
gdi32
EnumFontFamiliesExA
CreateBitmap
GetCharABCWidthsW
Pie
GetEnhMetaFileDescriptionA
SetBitmapBits
OffsetClipRgn
PlayMetaFileRecord
CreateDIBSection
DrawEscape
FillPath
TextOutA
advapi32
CryptDecrypt
RegEnumKeyExW
RegCloseKey
RegSetValueExW
RegReplaceKeyA
RegCreateKeyA
CryptDuplicateKey
CryptSetHashParam
CreateServiceW
RegLoadKeyA
CryptSetProviderExW
RegOpenKeyExA
CryptAcquireContextA
LookupSecurityDescriptorPartsA
LookupPrivilegeNameW
RegQueryValueW
RegEnumValueW
CryptDestroyHash
DuplicateTokenEx
comdlg32
GetSaveFileNameA
FindTextW
Sections
.text Size: 155KB - Virtual size: 155KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 139KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ