f0f0f0a09f0d13172bfe8600110fac3f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0f0f0a09f0d13172bfe8600110fac3f_JaffaCakes118
Size

488KB
MD5

f0f0f0a09f0d13172bfe8600110fac3f
SHA1

a2c89bf2b890b0910b5d33e6654103ef373cd59b
SHA256

ebb9082109ceb80448cc7dc83fdc8f692ccb85ca6e61e0ddbcb5fd18ac39a826
SHA512

4c527f5c2d856f061442ffea6924d76c15bcc536f4d97deb9cd6d151890794a8cdbda2c615e8c5ad137adadc9efb6ff0bac2d9fae14e9261baa1db2aa335f883
SSDEEP

6144:yEPF8cPn6OqVB0ynnts3zVwAq51HGmFfFXyxTxkMIl44GB+aKWqVDjOvNk3nqex:yEPyFOO0ynntcwHXFXYTxmzGMjOvC3n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0f0f0a09f0d13172bfe8600110fac3f_JaffaCakes118

Files

f0f0f0a09f0d13172bfe8600110fac3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ded880691239214fa9941571200b1df7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\xoea\xee

Imports

comctl32

ImageList_Add
ImageList_LoadImage
ImageList_AddMasked
CreateUpDownControl
ImageList_SetFlags
CreatePropertySheetPageA
ImageList_SetImageCount
DrawStatusTextA
DrawStatusTextW
ImageList_SetBkColor
InitCommonControlsEx
ImageList_Copy
ImageList_GetImageCount
ImageList_DrawIndirect
ImageList_SetDragCursorImage
ImageList_Draw
ImageList_GetImageInfo
CreatePropertySheetPageW
GetEffectiveClientRect
_TrackMouseEvent

advapi32

CryptHashData
RegQueryValueExW
StartServiceA
LookupPrivilegeNameA
RegReplaceKeyA
RegFlushKey
AbortSystemShutdownA
InitializeSecurityDescriptor
RegQueryValueA
GetUserNameW
RegCreateKeyExA

user32

CreateWindowExW
SetWindowsHookExA
LookupIconIdFromDirectoryEx
DdeFreeDataHandle
GetMenu
DefWindowProcA
AdjustWindowRect
DestroyWindow
MessageBoxA
RegisterDeviceNotificationW
GetDlgItemTextW
GetIconInfo
CallWindowProcA
CallMsgFilterA
CharNextA
RegisterClassA
ScreenToClient
RegisterClassExA
GetMessageA
TabbedTextOutW
EndMenu
MessageBoxIndirectA
GetUpdateRgn
ShowWindow
CharToOemW
TranslateAcceleratorW
IsCharAlphaNumericW
CloseClipboard
DdeDisconnect
DialogBoxIndirectParamA
TileChildWindows

kernel32

CreateFileW
GetProcAddress
GetLocaleInfoW
VirtualQuery
QueryPerformanceCounter
FreeLibrary
GetConsoleMode
DeleteFileA
SetCurrentDirectoryA
FlushFileBuffers
RemoveDirectoryW
GetEnvironmentStringsW
RtlUnwind
WideCharToMultiByte
WriteFileEx
IsDebuggerPresent
SetConsoleTitleW
LCMapStringW
GetLocaleInfoA
SetConsoleCursorPosition
SetConsoleTitleA
CreateDirectoryExA
GetFileAttributesExW
GetCurrentProcessId
HeapSize
lstrcmp
GetStringTypeW
CompareStringA
GetFileType
LoadLibraryA
LocalUnlock
TlsAlloc
TlsGetValue
EnumCalendarInfoA
SetLastError
WriteConsoleA
GetCurrentProcess
GetFileSize
SetFilePointer
GetCommandLineW
GetTickCount
GetFileAttributesA
GetDriveTypeW
CloseHandle
SetConsoleCursorInfo
SetFileAttributesW
GetTimeFormatA
CreateNamedPipeW
CreateFileA
FindResourceExA
GetPrivateProfileSectionA
HeapFree
LeaveCriticalSection
GetCurrentThreadId
IsBadWritePtr
HeapCreate
InterlockedCompareExchange
ReadFile
TlsFree
lstrcpynA
GetEnvironmentStringsA
GetOEMCP
InitializeCriticalSection
GetEnvironmentStrings
FreeEnvironmentStringsA
GetPrivateProfileStructW
lstrcmpW
GetStringTypeExA
LoadLibraryExW
GetLongPathNameA
VirtualFree
GetVersionExA
GetDateFormatA
WritePrivateProfileStructA
GetExitCodeThread
Sleep
WriteFile
FreeEnvironmentStringsW
CompareStringW
SetConsoleCtrlHandler
HeapAlloc
SetStdHandle
lstrcmpiW
GetUserDefaultLCID
GetModuleHandleA
TlsSetValue
GetProcessHeap
IsValidLocale
CreateMutexW
CreateMutexA
HeapDestroy
GetLastError
lstrcmpA
WriteConsoleW
VirtualAlloc
GetCurrencyFormatW
GetStdHandle
GetModuleFileNameA
InterlockedDecrement
TerminateProcess
WriteConsoleOutputW
GetPrivateProfileSectionNamesA
WriteConsoleOutputCharacterW
ExitProcess
EnumResourceLanguagesW
GetConsoleCP
LocalFree
SetUnhandledExceptionFilter
CreateProcessW
GetStringTypeA
CompareFileTime
GetCommandLineA
GetACP
LCMapStringA
GetTimeZoneInformation
SetHandleCount
OpenMutexA
GetCurrentThread
SetPriorityClass
InterlockedExchange
GetCPInfo
GetSystemTimeAsFileTime
HeapReAlloc
EnumSystemLocalesA
GetConsoleOutputCP
WritePrivateProfileStructW
SetSystemTime
TryEnterCriticalSection
LoadLibraryW
MultiByteToWideChar
EnterCriticalSection
LoadResource
GetConsoleTitleA
GetSystemInfo
UnhandledExceptionFilter
DeleteCriticalSection
IsValidCodePage
VirtualLock
RtlFillMemory
SetEnvironmentVariableA
InterlockedIncrement
GetStartupInfoA

gdi32

GetCharacterPlacementA
DeleteDC
EnumICMProfilesW
SetBitmapDimensionEx
SetRectRgn
CreateDCW
GetObjectA
SetMetaFileBitsEx
AnimatePalette
SetICMProfileW
GetTextExtentPointA
GetDeviceCaps
ResetDCW

wininet

InternetWriteFile
DeleteUrlCacheEntryW
GetUrlCacheConfigInfoW
GopherOpenFileW
FtpCreateDirectoryA

Sections

.text
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ded880691239214fa9941571200b1df7

Headers

File Characteristics

PDB Paths

Imports

comctl32

advapi32

user32

kernel32

gdi32

wininet

Sections

.text Size: 208KB - Virtual size: 205KB

.rdata Size: 140KB - Virtual size: 138KB

.data Size: 104KB - Virtual size: 113KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 208KB - Virtual size: 205KB

.rdata
Size: 140KB - Virtual size: 138KB

.data
Size: 104KB - Virtual size: 113KB

.rsrc
Size: 32KB - Virtual size: 31KB