14701375aa3b63ee68b1869a7f5e40e1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14701375aa3b63ee68b1869a7f5e40e1_JaffaCakes118
Size

495KB
MD5

14701375aa3b63ee68b1869a7f5e40e1
SHA1

9571815549c80edc446c287e3840e6601fd42e35
SHA256

ed1490986995d0b08e8076f1d01b51d87520bce60c8003a0cffb903fed0ee792
SHA512

c97be7198cd7d42e859c5b149beeb43ace8f811bda111ed83536c36420a324fe85e278dbf3c527417846f9b3e6813a8e075a09dc9f9f6b43cc493678c93a7dea
SSDEEP

6144:O8nLsHhzEioQ+3ivzIhe6Z6B7O3pE9kKnN0xIqQzxQ4U+rnxk4nCUdkAvV:/L+gi9vzIhePB7O3m9kKN0kxDyBUdt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14701375aa3b63ee68b1869a7f5e40e1_JaffaCakes118

Files

14701375aa3b63ee68b1869a7f5e40e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f9b572da81358184e55a0e7a0785e99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\fmotjdlpk\hrsaesewzp.PDB

Imports

wininet

InternetConfirmZoneCrossingA
InternetAttemptConnect
LoadUrlCacheContent
InternetCanonicalizeUrlA
InternetQueryOptionW
HttpEndRequestW

comdlg32

GetFileTitleA
ChooseFontW
FindTextA

advapi32

LogonUserW
RegSaveKeyW
StartServiceA
CryptAcquireContextA
RegConnectRegistryW
DuplicateTokenEx
CryptSetHashParam
CreateServiceW
LookupPrivilegeNameA
RegLoadKeyA
CryptVerifySignatureW
RegCreateKeyA
CryptSignHashA
CryptEnumProvidersW
RegCreateKeyW
LookupAccountNameA
RegQueryInfoKeyW
GetUserNameA
CryptReleaseContext

comctl32

InitCommonControlsEx

user32

HideCaret
SendDlgItemMessageA
GetWindowRect
DeferWindowPos
GetTabbedTextExtentW
UnhookWinEvent
SetWindowsHookExA
RegisterClassExA
RegisterClassA
CreateMenu
EnumPropsW
DestroyCaret
MessageBoxExA
GetWindowTextW
EndPaint
SwitchToThisWindow
LoadAcceleratorsW
EnumThreadWindows
GetMessageA
DdeQueryNextServer

kernel32

FlushInstructionCache
TlsAlloc
SetLastError
CompareStringA
GetCPInfo
EnumSystemLocalesA
OpenMutexA
LeaveCriticalSection
GetConsoleCP
GetACP
GetCurrentThreadId
GetFileType
GetLastError
GetStdHandle
RtlUnwind
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
LoadLibraryA
HeapAlloc
GetMailslotInfo
GetLocaleInfoA
GetLongPathNameA
GetModuleFileNameA
GetStringTypeW
WriteConsoleA
ReadConsoleW
GetStartupInfoA
Sleep
InterlockedIncrement
MultiByteToWideChar
HeapReAlloc
GetTimeFormatA
GetEnvironmentStrings
IsValidLocale
EnumSystemLocalesW
GetProcAddress
VirtualAlloc
SetStdHandle
TransactNamedPipe
GetCurrencyFormatA
FreeEnvironmentStringsW
GetSystemDirectoryW
WriteConsoleOutputA
GetCompressedFileSizeW
GetCommandLineA
VirtualQuery
HeapFree
FreeLibrary
CompareStringW
HeapSize
TerminateProcess
GetCurrentProcess
GetOEMCP
GetConsoleOutputCP
GetSystemTimeAsFileTime
GetModuleHandleW
GetModuleFileNameW
TlsFree
DeleteCriticalSection
GetCompressedFileSizeA
CreateFileA
IsDebuggerPresent
FreeEnvironmentStringsA
CloseHandle
GetDateFormatA
GetStringTypeA
LCMapStringW
lstrcpy
GetEnvironmentStringsW
UnhandledExceptionFilter
SetHandleCount
SetConsoleCtrlHandler
VirtualFree
CreateMutexA
TlsGetValue
SetFilePointer
GetCurrentProcessId
LoadResource
SetFileAttributesA
ReadFile
WriteConsoleW
GetLocaleInfoW
HeapCreate
GetModuleHandleA
SetConsoleCursorInfo
LCMapStringA
SetUnhandledExceptionFilter
GetConsoleMode
WriteFile
FlushFileBuffers
HeapDestroy
InterlockedExchange
GetCurrentThread
ExitProcess
EnterCriticalSection
GetTickCount
InterlockedDecrement
GetWindowsDirectoryW
SetEnvironmentVariableA
GetUserDefaultLCID
EnumTimeFormatsW
WideCharToMultiByte
IsValidCodePage
TlsSetValue
GetTimeZoneInformation

Sections

.text
Size: 346KB - Virtual size: 346KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f9b572da81358184e55a0e7a0785e99

Headers

File Characteristics

PDB Paths

Imports

wininet

comdlg32

advapi32

comctl32

user32

kernel32

Sections

.text Size: 346KB - Virtual size: 346KB

.rdata Size: 33KB - Virtual size: 50KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 346KB - Virtual size: 346KB

.rdata
Size: 33KB - Virtual size: 50KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 8KB - Virtual size: 8KB