12beddceec917ce9660abd41f7af0107_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

12beddceec917ce9660abd41f7af0107_JaffaCakes118
Size

244KB
MD5

12beddceec917ce9660abd41f7af0107
SHA1

3148dd38b95b2426dd03dcf10ca1f3f55f4eaf92
SHA256

7eeff872570346c3fd22add76ffb4b245cc6c1248373d7adb70568c87eeee23a
SHA512

a3660e34ca4792304d4fb59e7f62075f93f19e873b12caebb166e2cca85f2977b57f1f4d5785c4d992b66b11b5bb5c9aea7aeb061c8e735fa329d77cf7c98b63
SSDEEP

3072:6GsDcWOWbg+Lz5oiPJmtQEStDtz7RqmrAv1xUdITEvrsWtvpaAyUIC69QBKq54:KoWdbBL7ErxUdAEvrsWpoEKl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12beddceec917ce9660abd41f7af0107_JaffaCakes118

Files

12beddceec917ce9660abd41f7af0107_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f9e47f123e4dcf49c7516b5ebc8fac61

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
LockResource
LoadResource
FindResourceA
GetFullPathNameA
CompareStringA
lstrlenA
FreeLibrary
CloseHandle
GetLastError
GetModuleFileNameA
CreateDirectoryA
GetWindowsDirectoryA
lstrcpyA
lstrcpynA
GetSystemDirectoryA
GetExitCodeProcess
CreateProcessA
CreateMutexA
GlobalFree
GlobalAlloc
VerifyVersionInfoA
VerSetConditionMask
GetVersionExA
GetCurrentProcess
GetEnvironmentVariableA
LocalFree
FormatMessageA
OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
SizeofResource
WriteFile
GetFileAttributesA
LoadLibraryA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapSize
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
InitializeCriticalSection
Sleep
GetConsoleMode
GetConsoleCP
SetFilePointer
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetProcAddress
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
ExitProcess
RaiseException
SetLastError
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
GetCommandLineA
HeapAlloc
GetProcessHeap
GetStartupInfoA
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree

advapi32

AllocateAndInitializeSid
FreeSid

user32

CharPrevA
SetForegroundWindow
GetSystemMetrics
SystemParametersInfoA
ExitWindowsEx
MessageBoxA
GetWindowRect
DestroyWindow
SetDlgItemTextA
DispatchMessageA
CharNextA
MsgWaitForMultipleObjects
CreateDialogParamA
SetWindowTextA
MoveWindow
SetFocus
ShowWindow
TranslateMessage
LoadIconA
LoadCursorA
SetCursor
GetDlgItem
SendMessageA
PeekMessageA
IsDialogMessageA
LoadStringA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

InitCommonControlsEx

urlmon

URLDownloadToCacheFileA

wininet

DeleteUrlCacheEntry
InternetCanonicalizeUrlA

rpcrt4

UuidToStringA

ole32

CoCreateGuid

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9e47f123e4dcf49c7516b5ebc8fac61

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

version

comctl32

urlmon

wininet

rpcrt4

ole32

Sections

.text Size: 54KB - Virtual size: 54KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 5.8MB - Virtual size: 5.8MB

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 5.8MB - Virtual size: 5.8MB