11d56904c13f3eae0e17e614412ac48d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

11d56904c13f3eae0e17e614412ac48d_JaffaCakes118
Size

265KB
MD5

11d56904c13f3eae0e17e614412ac48d
SHA1

831047f92c2b0b96e8c49e5eb2afd4dcb518f9fe
SHA256

cdd114bae363d4030db1647fd84f990b4555203150fc7ecfdc00cdc66ad0795b
SHA512

c85452997882cd42d596750ca9250c461ecbbde31cc8d384060dc324aff657209709d7f5c176a9a459433aac8f924ad6660205ebc54818ad7ea6c3bd089890f8
SSDEEP

6144:LmgTMbNkKib4dXAlM+4SE6Mbhi2jmRKwRjBNsVyT:Lm7ynFi+pE6MV3wRjBNsV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11d56904c13f3eae0e17e614412ac48d_JaffaCakes118

Files

11d56904c13f3eae0e17e614412ac48d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05f1c1ec697a4d07ae9226c91a5c0c0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExA
CryptEnumProviderTypesA
CryptReleaseContext
RegNotifyChangeKeyValue
CryptDuplicateHash
LookupSecurityDescriptorPartsW
LookupPrivilegeNameA
RegConnectRegistryA
StartServiceA
CreateServiceW
RegQueryValueA
RegRestoreKeyA
CryptGetKeyParam

shell32

ExtractIconExA
SHGetDiskFreeSpaceA
SHGetFileInfoA
ExtractIconExW
SHGetNewLinkInfo
ShellAboutA
SHGetPathFromIDList
SHBrowseForFolderA
SHFreeNameMappings
ShellHookProc
ExtractIconW
SHInvokePrinterCommandW
ShellExecuteEx
DragQueryFileA
SHFileOperation
SHEmptyRecycleBinA
DragQueryFileW
SHGetPathFromIDListW
ExtractAssociatedIconExA
DragFinish
SheSetCurDrive

wininet

CreateUrlCacheContainerA
FtpGetFileSize
SetUrlCacheGroupAttributeW
LoadUrlCacheContent
InternetConfirmZoneCrossingW
FtpCreateDirectoryW
InternetConfirmZoneCrossing
FtpGetCurrentDirectoryW
InternetCloseHandle
ReadUrlCacheEntryStream
FtpGetFileEx

comdlg32

ReplaceTextW
ChooseColorW
ChooseFontA
FindTextA
PageSetupDlgW
ReplaceTextA
GetSaveFileNameW
PrintDlgA
GetFileTitleW
FindTextW
ChooseColorA

kernel32

WideCharToMultiByte
GetTimeZoneInformation
MultiByteToWideChar
GetProcessHeaps
GetACP
LCMapStringW
TerminateProcess
WriteConsoleOutputCharacterA
GetCPInfo
IsValidCodePage
GetModuleFileNameW
TlsSetValue
FlushViewOfFile
LoadResource
GetDateFormatA
InterlockedDecrement
GetProcAddress
TlsGetValue
GetOEMCP
FreeEnvironmentStringsA
GetStartupInfoW
GetEnvironmentStrings
OpenWaitableTimerA
GetLocaleInfoW
VirtualProtect
SetHandleCount
LeaveCriticalSection
QueryPerformanceCounter
SetLastError
GetTickCount
ExitProcess
VirtualFree
FreeLibrary
GetModuleHandleA
GetStringTypeW
lstrcmpi
HeapDestroy
CreateMutexA
HeapAlloc
GetPrivateProfileSectionNamesA
GetStringTypeA
TlsAlloc
CompareStringW
HeapReAlloc
GetVersionExA
HeapSize
SetFileAttributesW
GetCurrentThread
Sleep
DeleteCriticalSection
GetStdHandle
OutputDebugStringA
GetFileType
IsDebuggerPresent
LoadLibraryA
EnumSystemLocalesA
GetCurrentProcessId
InitializeCriticalSection
EnterCriticalSection
GetNumberFormatW
GetModuleFileNameA
SystemTimeToTzSpecificLocalTime
GlobalAddAtomW
GetCurrentThreadId
InterlockedExchange
RtlUnwind
GetLastError
SetEnvironmentVariableA
GetSystemTimeAsFileTime
CompareStringA
VirtualAlloc
GetUserDefaultLCID
FreeEnvironmentStringsW
GetTimeFormatA
HeapCreate
GetLocaleInfoA
GetCommandLineW
WriteFile
IsValidLocale
GetEnvironmentStringsW
HeapFree
GetProcessHeap
SetConsoleTitleA
GetCurrentProcess
GetCommandLineA
LCMapStringA
SetConsoleCtrlHandler
TlsFree
SetUnhandledExceptionFilter
VirtualQuery
InterlockedIncrement
UnhandledExceptionFilter
GetStartupInfoA

gdi32

GetCurrentPositionEx
ExtEscape
CombineRgn
GetCharacterPlacementW
CreateBrushIndirect
GetEnhMetaFileW
GetStretchBltMode
CreateEnhMetaFileA
EnumMetaFile
CloseEnhMetaFile
PathToRegion
GetObjectW
PlgBlt
DescribePixelFormat
PlayEnhMetaFileRecord
RectVisible
GetMetaFileA
Arc
GetCharABCWidthsFloatW
GetBrushOrgEx
CreateDIBSection
GetWindowExtEx
GetTextAlign
GetNearestColor
GetClipRgn

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05f1c1ec697a4d07ae9226c91a5c0c0f

Headers

File Characteristics

Imports

advapi32

shell32

wininet

comdlg32

kernel32

gdi32

Sections

.text Size: 119KB - Virtual size: 118KB

.data Size: 138KB - Virtual size: 138KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 119KB - Virtual size: 118KB

.data
Size: 138KB - Virtual size: 138KB

.rsrc
Size: 6KB - Virtual size: 6KB