Static task: static1
Behavioral task: behavioral1
Sample: 53ced83f7fb13bfaf8646244375c88fc_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 53ced83f7fb13bfaf8646244375c88fc_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 53ced83f7fb13bfaf8646244375c88fc_JaffaCakes118
Size: 1.4MB
MD5: 53ced83f7fb13bfaf8646244375c88fc
SHA1: 21c0cf5ef8ad572ed366f9f0510edd3bc3c68855
SHA256: 07a300d50a33234956a95565854097831ea7cec0491e6f3c47949f82500a11f8
SHA512: 93b4fa128c42f92459cfd9bfdc413b66eb6e079ff38c4607e53898ee9e9676c364d5a694309ce9fc6fa0b351f9fd681ad827d2e9144b8203ebae663d1776cf51
SSDEEP: 24576:T17IoyVWOHZ2aB0Ag+w6aepJ/WbFqM/dnMBa3Zp:T1NyV58aS8xjWbFnM8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 53ced83f7fb13bfaf8646244375c88fc_JaffaCakes118
Files
53ced83f7fb13bfaf8646244375c88fc_JaffaCakes118.exe windows:5 windows x86 arch:x86
6693df034f2942ab47fc888a635c5b64
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
CompareStringW
FindFirstFileW
FindResourceExW
OutputDebugStringW
GetStartupInfoW
GetSystemInfo
ReadFile
GetFileSize
SetHandleCount
GetLastError
GetCurrentThreadId
ExitProcess
VirtualAlloc
GetVersion
WriteConsoleW
GetProcAddress
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExW
RtlUnwind
HeapAlloc
HeapReAlloc
GetStringTypeW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
CreateFileW
userenv
UnregisterGPNotification
crypt32
CryptProtectData
CertGetNameStringW
CertNameToStrW
CryptAcquireCertificatePrivateKey
CertGetPublicKeyLength
CertAddStoreToCollection
CertFreeCTLContext
CertAddCertificateContextToStore
CertCreateCertificateContext
CertCloseStore
CertOpenStore
CryptMsgGetParam
CryptMsgUpdate
CryptFindOIDInfo
CryptDecodeObject
CryptStringToBinaryW
Sections
.text Size: 74KB - Virtual size: 73KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1011KB - Virtual size: 8.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 362KB - Virtual size: 361KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ