151b2650b878622785af4f89ed5fd6fc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

151b2650b878622785af4f89ed5fd6fc_JaffaCakes118
Size

457KB
MD5

151b2650b878622785af4f89ed5fd6fc
SHA1

7bcf6cdcb086bfb9e30ae2ba808b47d18458f610
SHA256

c11e517869d2b5232d9ef7c8c61390ab006e80fed37e025e1e490dad7d312613
SHA512

11362f660bd04f9e5f306d550874625279fcd86952901f3243e4af7b570ec556b369fed7316e1080d619519adfa2b12d9cba1db1bc160926816e8e6f11da7749
SSDEEP

6144:rHeTjjgoiaSmzqdYjkG8soFkh1FO8ATfFN8uOAuwueiDl3ZfazmsiW4e2HWEynpp:2jgfszqdYjMkh1wuwM53ZKmzW4ePnA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
151b2650b878622785af4f89ed5fd6fc_JaffaCakes118

Files

151b2650b878622785af4f89ed5fd6fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf1be4a9864ee1296fa906d38226f8a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharLowerBuffA
MapVirtualKeyExW
DdeImpersonateClient
EnumPropsExA
GetMenuBarInfo
SendIMEMessageExA
DrawStateA
GetCaretPos
EnumPropsW
DlgDirListComboBoxA
CharToOemBuffA
CallWindowProcA
DialogBoxParamA
SetScrollInfo
InsertMenuW
InsertMenuA
SetCursorPos
DefDlgProcA
FlashWindowEx
LoadKeyboardLayoutW
GetLastActivePopup
BroadcastSystemMessageW

advapi32

RegReplaceKeyA
RegEnumKeyExW
RegQueryValueA
CryptGenRandom
CryptSetProviderW
CryptHashSessionKey
CryptEnumProviderTypesW
RegDeleteValueW
RegConnectRegistryW
CryptGetKeyParam
CryptEnumProvidersW
GetUserNameW
CryptGetHashParam
LogonUserA
ReportEventW
RegEnumValueW
CryptSetProvParam

comdlg32

ReplaceTextW
LoadAlterBitmap
ReplaceTextA
ChooseFontA
ChooseFontW
GetOpenFileNameW
PrintDlgW
PageSetupDlgW
PageSetupDlgA
GetOpenFileNameA
ChooseColorW
ChooseColorA

wininet

FindNextUrlCacheContainerA
FtpOpenFileW
SetUrlCacheEntryGroupA
CreateUrlCacheEntryW
InternetSetOptionW
FtpPutFileEx
GetUrlCacheHeaderData

kernel32

GetACP
GetNumberFormatW
LCMapStringW
HeapAlloc
WriteProfileSectionW
VirtualAlloc
WideCharToMultiByte
GetModuleHandleA
GetCurrentThreadId
GetVersion
GetCurrentProcessId
FindNextChangeNotification
VirtualQuery
GetModuleFileNameA
GetOEMCP
DeleteCriticalSection
MultiByteToWideChar
GetProcAddress
GetStdHandle
GetCurrentProcess
TlsAlloc
LeaveCriticalSection
GetCurrentDirectoryW
GetCompressedFileSizeA
GetLastError
WriteFile
GetEnvironmentStrings
TlsSetValue
TerminateProcess
TlsFree
GetMailslotInfo
HeapFree
GetSystemTimeAsFileTime
InterlockedExchange
GetTickCount
GetFileType
LCMapStringA
GetStringTypeA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
UnhandledExceptionFilter
HeapSize
HeapReAlloc
RtlUnwind
IsBadWritePtr
InitializeCriticalSection
GetStartupInfoA
DebugActiveProcess
GetSystemTime
GetCPInfo
LoadLibraryA
QueryPerformanceCounter
GetCommandLineA
HeapDestroy
HeapCreate
GetEnvironmentStringsW
SetFileAttributesA
SetLastError
SetHandleCount
GetStringTypeW
EnterCriticalSection
GetPrivateProfileStructW
GetCurrentThread
ExitProcess
TlsGetValue
VirtualFree

gdi32

SetMapMode

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf1be4a9864ee1296fa906d38226f8a4

Headers

File Characteristics

Imports

user32

advapi32

comdlg32

wininet

kernel32

gdi32

Sections

.text Size: 145KB - Virtual size: 145KB

.data Size: 305KB - Virtual size: 305KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 145KB - Virtual size: 145KB

.data
Size: 305KB - Virtual size: 305KB

.rsrc
Size: 5KB - Virtual size: 5KB