377f981350ed07ba08f6a8490c4536c5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

377f981350ed07ba08f6a8490c4536c5_JaffaCakes118
Size

449KB
MD5

377f981350ed07ba08f6a8490c4536c5
SHA1

0ffb29a68cba2e3b93788817143a238305a06d64
SHA256

11bc3ddce8db046ab1c81775bfca51ac36adadfad72fcdfbb3a3a5acabc3509c
SHA512

ac2622a2d6d2af5e8cdc85932753f3ca387a580fd2bf6733a5d254683c49f38a0503ec8eab788ee6e7417612905f041eb350b68d3336c42b0ab2aeac6b9706ee
SSDEEP

12288:Xep7SX0V+54dq9A2LKj9xe3tKluOHov5hvhH9OI:i7ue8TGxe3tKPov5hh9R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
377f981350ed07ba08f6a8490c4536c5_JaffaCakes118

Files

377f981350ed07ba08f6a8490c4536c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0158403f56f8be0e52730caba81dd4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

UpdateICMRegKeyA
CreateFontW
StretchDIBits

shell32

SHGetFileInfoW
SHQueryRecycleBinW
SHGetPathFromIDListA
SheGetDirA
ShellExecuteEx
RealShellExecuteExW
SHGetDesktopFolder
SHBrowseForFolder
SHGetMalloc
RealShellExecuteW
SHGetDataFromIDListA
SHAddToRecentDocs
ShellExecuteExW
SHGetFileInfo
SHGetSpecialFolderLocation
DragAcceptFiles
SHAppBarMessage
SHGetSpecialFolderPathA
ShellAboutA
SHBrowseForFolderW

wininet

FtpGetCurrentDirectoryW
DeleteUrlCacheContainerW

user32

IsRectEmpty
IsDialogMessageW
DefWindowProcW
GetKeyNameTextA
GetWindowRgn
LoadKeyboardLayoutA
UnregisterClassA
GetSubMenu
DdeConnect
GetDlgItemTextA
DdeUnaccessData
CharLowerA
LoadImageW
EnableMenuItem
GetMessageExtraInfo
BeginDeferWindowPos
CreateCursor

kernel32

ExitProcess
GetComputerNameW
HeapReAlloc
LCMapStringW
FlushConsoleInputBuffer
EnumResourceNamesA
TerminateProcess
InterlockedIncrement
GetUserDefaultLCID
SetUnhandledExceptionFilter
GetStringTypeA
TlsGetValue
GetStringTypeW
HeapFree
EnumSystemLocalesA
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
SetLastError
GetTickCount
VirtualFree
FreeLibrary
TlsFree
HeapDestroy
SetHandleCount
GetCurrentProcessId
GetCPInfo
DeleteAtom
Sleep
CompareStringW
VirtualQuery
TlsSetValue
UnhandledExceptionFilter
GetLastError
GetACP
GetOEMCP
ExitThread
IsValidCodePage
GetLocaleInfoW
GetModuleFileNameA
LoadLibraryA
GetTimeFormatA
SetEnvironmentVariableA
GetTimeZoneInformation
GetProcAddress
InterlockedDecrement
GetNamedPipeHandleStateW
GetModuleFileNameW
GetEnvironmentStringsW
GetLocaleInfoA
HeapAlloc
EnumCalendarInfoExA
WideCharToMultiByte
DuplicateHandle
TlsAlloc
GetModuleHandleA
QueryPerformanceCounter
LCMapStringA
CompareStringA
GetSystemTimeAsFileTime
LeaveCriticalSection
GetCurrentProcess
GetStartupInfoA
HeapSize
WriteFile
GetCurrentThread
DeleteCriticalSection
GetModuleHandleW
SetConsoleCP
GetDiskFreeSpaceW
EnterCriticalSection
GetStartupInfoW
RtlUnwind
GetStringTypeExW
GetFileType
IsDebuggerPresent
IsValidLocale
HeapCreate
GetStdHandle
GetCommandLineW
InterlockedExchange
OpenSemaphoreA
SetConsoleCtrlHandler
CreateDirectoryExW
GetLogicalDriveStringsA
GetDateFormatA
VirtualAlloc
GetCurrentThreadId
FreeEnvironmentStringsW

comdlg32

GetSaveFileNameA
ReplaceTextW
GetFileTitleW
GetOpenFileNameW
GetFileTitleA

Sections

.text
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0158403f56f8be0e52730caba81dd4f

Headers

File Characteristics

Imports

gdi32

shell32

wininet

user32

kernel32

comdlg32

Sections

.text Size: 165KB - Virtual size: 164KB

.data Size: 276KB - Virtual size: 292KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 165KB - Virtual size: 164KB

.data
Size: 276KB - Virtual size: 292KB

.rsrc
Size: 6KB - Virtual size: 6KB