f287a2ffd905a9e4194168f6f642482d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f287a2ffd905a9e4194168f6f642482d_JaffaCakes118
Size

440KB
MD5

f287a2ffd905a9e4194168f6f642482d
SHA1

f4db6c539221c1767073d66999aed7d98f0d7caa
SHA256

8dee00299d56a32c66e34acdc98ba25f8a26029ee8c3ae3d61d053eb5cb57065
SHA512

0caffe99b5ad1bff28756bc95c4c0fd14d75b26a21970f52d7046dbaf5eaa7d9528501dceae7b127ad581429af7e49ebbb3d9f604466aa6a2461191a59186143
SSDEEP

6144:NACajlq4aqqdiuSNYv1kdhUpgEJifG/OGgeQqXI7yPzQ+VmDyfUo7JWZ:Ngqjpia1k/Upg1fG/O+XXosQ+VeyfcZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f287a2ffd905a9e4194168f6f642482d_JaffaCakes118

Files

f287a2ffd905a9e4194168f6f642482d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b40f8b86e2343dfbdfc11fd1f74ecf70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\tjmdty.pdb

Imports

user32

GetAltTabInfo
DestroyMenu
DestroyWindow
InternalGetWindowText
GetInputState
GetForegroundWindow
InvertRect
ShowWindow
GetMessageTime
CreateWindowExW
AdjustWindowRect
GetClipboardOwner
RegisterClassExA
MessageBoxW
FlashWindowEx
DefWindowProcA
GetClientRect
LoadAcceleratorsW
IsWindowEnabled
CharNextW
GetWindowTextLengthW
VkKeyScanA
MessageBoxA
RegisterClassA
SendIMEMessageExW

kernel32

GetProfileSectionA
GetConsoleMode
HeapDestroy
CreateDirectoryExA
TlsAlloc
GetNamedPipeHandleStateA
GetTimeFormatA
GetCurrentDirectoryW
IsBadWritePtr
QueryPerformanceCounter
GlobalUnlock
LockFile
GetWindowsDirectoryW
DeleteCriticalSection
HeapSize
GetDiskFreeSpaceExA
LeaveCriticalSection
GetCommandLineW
VirtualFree
ExitProcess
RtlUnwind
GetSystemInfo
VirtualProtectEx
OutputDebugStringW
GetCompressedFileSizeW
GetOEMCP
GetConsoleOutputCP
UnhandledExceptionFilter
HeapAlloc
OpenMutexA
GetACP
GetCommandLineA
GetStdHandle
CreateNamedPipeW
FindResourceW
GetSystemTimeAsFileTime
GetEnvironmentStrings
SetSystemTime
GetCPInfo
TlsSetValue
GetCurrentProcessId
CloseHandle
VirtualAlloc
lstrcat
TerminateProcess
GetModuleFileNameA
GetStringTypeA
CreateWaitableTimerW
LCMapStringA
WriteFile
TlsFree
GetCurrentThreadId
GetWindowsDirectoryA
FlushFileBuffers
SetTimeZoneInformation
EnumSystemLocalesA
GetVersionExA
SetFilePointer
WriteConsoleOutputA
FreeEnvironmentStringsW
LCMapStringW
GetPrivateProfileStringW
SetLastError
OutputDebugStringA
InterlockedExchange
InterlockedExchangeAdd
ReadConsoleInputW
GetModuleFileNameW
ReleaseMutex
GetModuleHandleA
GetCurrentThread
GlobalAlloc
EnumSystemCodePagesW
InitializeCriticalSection
GetLocaleInfoW
WriteConsoleOutputCharacterW
SetConsoleTitleA
GetStartupInfoA
GetLastError
ReadFile
GetDateFormatA
OpenFileMappingW
IsValidLocale
LoadLibraryA
GetPrivateProfileIntA
GetTimeZoneInformation
CreateMutexA
GetFileTime
WideCharToMultiByte
GetNumberFormatA
SetEnvironmentVariableA
CreateToolhelp32Snapshot
GetTickCount
LoadLibraryExW
IsValidCodePage
GetPrivateProfileSectionNamesW
MoveFileExA
GetLocaleInfoA
GetFileType
lstrcatW
VirtualQuery
GetStringTypeW
EnterCriticalSection
SetHandleCount
EnumDateFormatsExW
GetProcAddress
MultiByteToWideChar
SetStdHandle
HeapReAlloc
GetEnvironmentStringsW
HeapCreate
VirtualProtect
GetCurrentProcess
GetStartupInfoW
ReadConsoleOutputAttribute
HeapFree
CompareStringW
FreeEnvironmentStringsA
ReadConsoleW
SetComputerNameA
TlsGetValue
GetUserDefaultLCID
WriteConsoleOutputW
CompareStringA

comctl32

DrawStatusText
DestroyPropertySheetPage
InitMUILanguage
InitCommonControlsEx
ImageList_Copy
ImageList_Draw
CreateUpDownControl
ImageList_GetIconSize
DrawInsert
ImageList_Create

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b40f8b86e2343dfbdfc11fd1f74ecf70

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

Sections

.text Size: 168KB - Virtual size: 165KB

.rdata Size: 132KB - Virtual size: 128KB

.data Size: 104KB - Virtual size: 109KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 132KB - Virtual size: 128KB

.data
Size: 104KB - Virtual size: 109KB

.rsrc
Size: 32KB - Virtual size: 31KB