f9649394e3fae9be83a08016f5fd1eb8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f9649394e3fae9be83a08016f5fd1eb8_JaffaCakes118
Size

580KB
MD5

f9649394e3fae9be83a08016f5fd1eb8
SHA1

3cd586d482ca17ab04f49067a9d1117c8f286246
SHA256

0c2a400ef161fadba47d6e1c2537e2c4837a4b32f37c6fb1c61f3b70ef5b5e6a
SHA512

fbea4038cf6790a3e524ba8df4820c9d19ba630fbd1f3625581dacbddd0f633f6d194b01599a36bbcf56bdb2faccbc9a51edacacb26a27938656ecd2d326ce2e
SSDEEP

12288:gZmnn7BEkqudGKCtCRk01+uSwJF9/NrYvHcn1vF+70+VQ:4mn7BEkd7eCr+uSidNcvA1vFX+e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9649394e3fae9be83a08016f5fd1eb8_JaffaCakes118

Files

f9649394e3fae9be83a08016f5fd1eb8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4865f2d2ff1873d8b6a928f07fc0078

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
GetCurrentThread
FreeEnvironmentStringsA
GetLastError
GlobalSize
GetEnvironmentStringsA
WideCharToMultiByte
GetCPInfo
UnhandledExceptionFilter
VirtualFree
GetEnvironmentStrings
VirtualQuery
WaitForSingleObject
SetCriticalSectionSpinCount
SetEnvironmentVariableA
ContinueDebugEvent
LeaveCriticalSection
LCMapStringA
VirtualProtectEx
GetLocaleInfoA
GetCurrentThreadId
LCMapStringW
GetPrivateProfileSectionNamesA
SetFilePointer
CreateFileA
LockResource
GetVersionExA
TlsAlloc
DeleteCriticalSection
GetFileType
GetConsoleMode
SetConsoleActiveScreenBuffer
GetPrivateProfileStringW
ExitProcess
GetCurrentProcessId
WriteFile
GetUserDefaultLCID
FlushFileBuffers
GetStdHandle
CreateMutexA
HeapSize
GetStartupInfoA
LoadLibraryA
GetStringTypeW
GetTimeZoneInformation
GetOEMCP
VirtualAlloc
GetComputerNameW
GetCalendarInfoW
OpenEventW
EnumSystemLocalesA
GlobalCompact
GetTickCount
GetCurrentDirectoryA
GetModuleHandleA
MapViewOfFileEx
RemoveDirectoryW
TlsSetValue
CompareStringA
CommConfigDialogA
SetHandleCount
ReadConsoleOutputA
FileTimeToDosDateTime
GetCurrentProcess
RtlZeroMemory
HeapAlloc
TerminateProcess
SetLastError
GetDateFormatA
FoldStringW
IsValidCodePage
GetNamedPipeInfo
ExpandEnvironmentStringsW
GetLocaleInfoW
GetEnvironmentStringsW
InitializeCriticalSection
GetCompressedFileSizeW
FlushConsoleInputBuffer
GetStringTypeA
InterlockedExchange
GlobalUnlock
GetProfileSectionW
OpenWaitableTimerA
LocalSize
CreateEventA
TlsGetValue
HeapReAlloc
WaitCommEvent
ReadFileEx
VirtualProtect
GetStartupInfoW
GetTimeFormatA
CloseHandle
LockFile
OpenMutexA
MultiByteToWideChar
RaiseException
CompareStringW
EnterCriticalSection
lstrcpyn
GetModuleFileNameW
GetACP
GetCommandLineW
GetThreadContext
WritePrivateProfileStructW
GetModuleFileNameA
lstrcpynA
GetSystemInfo
MoveFileW
GetProfileIntA
IsBadWritePtr
SetStdHandle
QueryPerformanceCounter
ReadFile
WriteProfileStringW
GetThreadPriorityBoost
FreeEnvironmentStringsW
HeapDestroy
GetCommandLineA
HeapFree
ReadConsoleInputA
TlsFree
VirtualLock
GetSystemTimeAsFileTime
SetConsoleOutputCP
IsValidLocale
EnumResourceTypesA
AllocConsole
GetCalendarInfoA
GetProcAddress
HeapCreate

user32

GetUserObjectInformationA
CharPrevA
AppendMenuA
DrawTextA
CallMsgFilterW
InSendMessageEx
RegisterClassExA
OpenDesktopW
LoadMenuA
SetDlgItemTextA
RegisterClassA
EndMenu
DdeUninitialize
GetKeyState
MapVirtualKeyExA
CharNextA
EnumDisplayDevicesW
GetClassNameA
MessageBoxA
ShowCaret
SetWindowRgn
LoadCursorW
DlgDirSelectComboBoxExW
GetWindowRect
GetWindowContextHelpId
FindWindowA
DestroyIcon
DdeFreeDataHandle
MessageBoxIndirectA
CharToOemA
GetInputDesktop

comctl32

ImageList_GetImageRect
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DrawIndirect
ImageList_Duplicate
CreateUpDownControl
ImageList_GetBkColor
ImageList_Copy
InitCommonControlsEx
ImageList_SetIconSize
ImageList_DragEnter
ImageList_GetFlags
_TrackMouseEvent

advapi32

RegQueryMultipleValuesA
CryptGetDefaultProviderW
RegOpenKeyW
RegSaveKeyW
CryptSetProviderExA
CreateServiceW
CryptSetKeyParam
RegQueryInfoKeyW
GetUserNameW
RegEnumKeyA
CryptExportKey
LookupAccountSidA
RegSaveKeyA

comdlg32

ChooseFontW
PageSetupDlgA
GetFileTitleA

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4865f2d2ff1873d8b6a928f07fc0078

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

comdlg32

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 116KB - Virtual size: 136KB

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 116KB - Virtual size: 136KB

.rsrc
Size: 40KB - Virtual size: 36KB