f505a95ea2305ccd08b9cf81d954d15b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f505a95ea2305ccd08b9cf81d954d15b_JaffaCakes118
Size

496KB
MD5

f505a95ea2305ccd08b9cf81d954d15b
SHA1

aa399a5d409fe63f42ef5f64581b0ab5a9b67dd0
SHA256

3f0b680fec446527d497797e6565fa7636ae2ce17e0ccc06aac573d591a645ff
SHA512

f9fe2b161917b12c4d1dcd6eb4bca973014ffe4825a5d8f5d89900a91c651bff8744576c4a8ee7c411b2b252a8e10c141ec57f825a4596d2781e1aa67f65ea01
SSDEEP

12288:emUabmVJXGpb8UFkxJ+yGSCZdOxnU2aSCnr1JgegsKsE6yj7WlxJ4bFH:xIGpbOxJvCKU2aSC7geJzXCWHJ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f505a95ea2305ccd08b9cf81d954d15b_JaffaCakes118

Files

f505a95ea2305ccd08b9cf81d954d15b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4419c16ebc27dce1f7cd36aab8d0e921

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DlgDirSelectComboBoxExW
GetClassInfoExW
CharNextW
IsWindow
CopyRect
RegisterClassA
EnumPropsA
GetTitleBarInfo
GrayStringA
DdeFreeStringHandle
GetClassLongW
ReuseDDElParam
SetMessageQueue
DestroyWindow
GetDlgItemTextW
SetUserObjectInformationW
PostThreadMessageA
PostQuitMessage
SetUserObjectInformationA
DdeCmpStringHandles
DdeAccessData
RegisterClassExA
CallWindowProcW
IsCharAlphaW

kernel32

InitializeCriticalSection
GetCommandLineW
DeleteCriticalSection
GetConsoleCP
EnumSystemLocalesA
HeapFree
ExitProcess
GetTimeZoneInformation
GetConsoleMode
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetACP
CloseHandle
GetCurrentProcess
OpenMutexA
IsValidCodePage
LCMapStringA
LeaveCriticalSection
FindNextFileW
InterlockedExchange
SetConsoleCtrlHandler
CompareStringA
FreeEnvironmentStringsA
GetModuleFileNameW
GetCurrentThreadId
FreeLibrary
GetCurrentProcessId
EnterCriticalSection
GetDateFormatA
WriteFile
LoadLibraryA
GetOEMCP
TlsFree
SetStdHandle
CreateMutexA
TransactNamedPipe
VirtualQuery
IsValidLocale
GetModuleHandleA
CreateFileA
VirtualAlloc
HeapReAlloc
GetStringTypeW
GetCommandLineA
IsDebuggerPresent
GetVersionExA
TlsGetValue
TlsAlloc
GetStdHandle
MultiByteToWideChar
HeapCreate
GetCurrentThread
GetProcessHeap
CompareStringW
GetEnvironmentStringsW
GetTickCount
GetProcAddress
OpenEventW
SetHandleCount
GetStartupInfoA
TerminateProcess
GetLastError
GetFileType
GetModuleFileNameA
GetStartupInfoW
GetStringTypeA
SetEnvironmentVariableA
InterlockedIncrement
GetEnvironmentStrings
ReadFile
InterlockedDecrement
HeapDestroy
SetLastError
HeapSize
VirtualFree
GetConsoleOutputCP
GetLocaleInfoA
TlsSetValue
SetFilePointer
HeapAlloc
Sleep
UnhandledExceptionFilter
LCMapStringW
GetUserDefaultLCID
GetTimeFormatA
GetCPInfo
SetUnhandledExceptionFilter
WideCharToMultiByte
WriteConsoleA
FreeEnvironmentStringsW
FlushFileBuffers
RtlUnwind
WriteConsoleW
GetLocaleInfoW

comdlg32

ChooseColorA
GetFileTitleW
ReplaceTextW

comctl32

InitCommonControlsEx

Sections

.text
Size: 326KB - Virtual size: 326KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4419c16ebc27dce1f7cd36aab8d0e921

Headers

File Characteristics

Imports

user32

kernel32

comdlg32

comctl32

Sections

.text Size: 326KB - Virtual size: 326KB

.rdata Size: 47KB - Virtual size: 57KB

.data Size: 106KB - Virtual size: 106KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 326KB - Virtual size: 326KB

.rdata
Size: 47KB - Virtual size: 57KB

.data
Size: 106KB - Virtual size: 106KB

.rsrc
Size: 15KB - Virtual size: 14KB