ff0466fb4bc1db77512af566453a80ee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ff0466fb4bc1db77512af566453a80ee_JaffaCakes118
Size

206KB
MD5

ff0466fb4bc1db77512af566453a80ee
SHA1

c39d683ae6676d723e80caf8bf63c90732d5e10a
SHA256

6afa707ba36bdf7141ad40927abdb9a7ea8bd33664a78078b3e7d97b7b190b5a
SHA512

379b890b4b04490a18531d9a7d2862ed77f1a48ac178e36275212cd57694699b06738d66534fa2122e5470e63b88c58bb5bf55295af48d24c62d184dd5a1e608
SSDEEP

3072:FPeCHu0M2wMn2blNgQ4T/noPbramEV5r3kn4KEygxBYwxPViXAFdqKuTkL8F:hM2rbDT/UraHVR0n4zyWBrVwodrMS8F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff0466fb4bc1db77512af566453a80ee_JaffaCakes118

Files

ff0466fb4bc1db77512af566453a80ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3cfe45d8b05cfffc80a1320caf38c548

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
GetComputerNameA
GetExpandedNameA
SetEvent
GetModuleHandleW
GetTempFileNameW
GetProcAddress
ExpandEnvironmentStringsW
FindResourceW
CreateThread
GetEnvironmentStringsA
GlobalDeleteAtom
IsBadStringPtrW
lstrcmpiW
GetFileAttributesW
GetModuleFileNameA
CreatePipe
GetFileAttributesA
SuspendThread
OpenWaitableTimerA
lstrcpyW
GetStartupInfoA
lstrlenW
GetFullPathNameA
OpenFile
GetProcessHeap
SetCurrentDirectoryA
GetCurrentProcessId
GetVersionExA
FatalAppExitA
LoadLibraryA
GetEnvironmentStringsW
lstrcpynW
GetTempPathW
GetAtomNameW
GetExpandedNameW
ReplaceFileW
OpenProcess
SetThreadPriority
GetSystemTime
GetCalendarInfoW
CreateDirectoryW
GetFileTime
LocalFree
SetErrorMode
SetLocaleInfoW
EnumDateFormatsA
SetPriorityClass
GetLogicalDrives
GetSystemDirectoryA
OpenMutexA
lstrcmpA
GetVolumeInformationW
CompareFileTime
GetCurrentDirectoryW
GetTempFileNameA
ExitProcess

user32

GetDesktopWindow
LoadIconW
LoadBitmapW
GetKeyState
DrawTextA
PeekMessageW
SendDlgItemMessageA
wvsprintfA
SetActiveWindow
CreateDialogParamA
UpdateLayeredWindow
GetWindowTextA
GetClassInfoW
DrawTextW
CharUpperW
ReleaseDC
GetDlgItemTextA
DefWindowProcA
DialogBoxIndirectParamW
MessageBeep
EnableMenuItem
SetWindowTextA
GetClassLongA
SetParent
GetSysColor
SendMessageW
InsertMenuItemA
SetDlgItemInt
GetMenuItemRect
GetMenuState
CharPrevA
BringWindowToTop
GetClassInfoExW
SetCursorPos
PostQuitMessage
SetFocus
CharPrevW
SendDlgItemMessageW
DeleteMenu
GetWindowLongA
DefFrameProcA
GetDC
GetDlgItemInt
GetMenuStringA
EndMenu
RegisterClassExA
PeekMessageA

gdi32

RoundRect
GetROP2
PolyDraw
GetTextMetricsA
GetClipRgn
BeginPath
GetGlyphOutlineW
ScaleWindowExtEx
CreateColorSpaceW
SetWindowExtEx
SetArcDirection
RemoveFontResourceExA
MoveToEx
PolyPolyline
EndPage
EnumFontFamiliesExW
PolyBezier
CreateFontIndirectW
Ellipse

advapi32

RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExW

shell32

SHGetFileInfoA
SHGetDataFromIDListA

shlwapi

SHCreateThread
SHOpenRegStreamW
StrChrIA
SHRegWriteUSValueA
wvnsprintfW
SHGetInverseCMAP
UrlIsA

comctl32

FlatSB_GetScrollRange
CreateStatusWindow
InitCommonControlsEx
ImageList_AddMasked
CreateMRUListW
InitMUILanguage
LBItemFromPt

setupapi

pSetupVerifyCatalogFile
CM_Get_DevNode_Custom_Property_ExA
CM_Delete_DevNode_Key_Ex
CM_Get_DevNode_Custom_PropertyW
pSetupDestroyRunOnceNodeList
CM_Get_DevNode_Status
SetupQueryDrivesInDiskSpaceListW
CM_Get_Device_ID_List_Size_ExA
SetupGetLineByIndexA

winmm

mciGetDeviceIDFromElementIDA
waveOutGetPitch
mmioOpenA
waveOutRestart
mciFreeCommandResource
auxGetDevCapsA
waveOutMessage
waveOutUnprepareHeader
mciGetDeviceIDFromElementIDW
mciDriverYield

oledlg

OleUIInsertObjectA
OleUIEditLinksA
OleUIPasteSpecialW

Sections

.XDgb
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bDA
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.be
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nW
Size: 4KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 389KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EdS
Size: 3KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cfe45d8b05cfffc80a1320caf38c548

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

comctl32

setupapi

winmm

oledlg

Sections

.XDgb Size: 1KB - Virtual size: 1KB

.bDA Size: 9KB - Virtual size: 8KB

.be Size: 5KB - Virtual size: 6KB

.nW Size: 4KB - Virtual size: 278KB

.data Size: 128KB - Virtual size: 389KB

.EdS Size: 3KB - Virtual size: 89KB

.rsrc Size: 52KB - Virtual size: 52KB

.reloc Size: 1024B - Virtual size: 682B

.XDgb
Size: 1KB - Virtual size: 1KB

.bDA
Size: 9KB - Virtual size: 8KB

.be
Size: 5KB - Virtual size: 6KB

.nW
Size: 4KB - Virtual size: 278KB

.data
Size: 128KB - Virtual size: 389KB

.EdS
Size: 3KB - Virtual size: 89KB

.rsrc
Size: 52KB - Virtual size: 52KB

.reloc
Size: 1024B - Virtual size: 682B