1306effc184fe8a9a827a6813886569b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1306effc184fe8a9a827a6813886569b_JaffaCakes118
Size

3.1MB
MD5

1306effc184fe8a9a827a6813886569b
SHA1

0cb316de77578a46910f7414f166c6121a1dcb3b
SHA256

9f41d1e916a3c074482dadf55f48f203325a722506b33bfda73da9876ce7f793
SHA512

268b0537a328ba2a53ae28f68d871dd4f5566c251b98a491462d2f68fe9c14414b7982fab3b1d86e48395adb76d02fbc39aacbf5c075ae1d71c376b4a9e959b8
SSDEEP

98304:pGTvI8jofajj7Qk/Cx6Jg8O2O9e3iuzl0o:pGDTVj7HC8FOU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1306effc184fe8a9a827a6813886569b_JaffaCakes118

Files

1306effc184fe8a9a827a6813886569b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c080873cb2f7e883fabe6a18107287d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetCurrentDirectoryA
GetFileAttributesA
CompareFileTime
FindClose
FindFirstFileA
GetTempFileNameA
GetTempPathA
ExitProcess
TerminateProcess
GetCurrentProcess
ReleaseMutex
CreateMutexA
OpenMutexA
GetSystemDirectoryA
GetWindowsDirectoryA
CreateDirectoryA
CreateProcessA
MultiByteToWideChar
IsDBCSLeadByte
GetVersionExA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
MoveFileExA
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetShortPathNameA
GetLastError
CompareStringW
CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
GetModuleHandleA
FreeLibrary
InitializeCriticalSection
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
WideCharToMultiByte
GetFileType
SetHandleCount
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapReAlloc
GetStartupInfoA
GetProcessHeap
HeapFree
GetCommandLineA
GetSystemTimeAsFileTime
SetEnvironmentVariableA
HeapAlloc
RtlUnwind
RaiseException
InterlockedExchange
SetLastError
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
ReadFile
GlobalFree
lstrcpyA
GetTickCount
GlobalReAlloc
lstrcmpA
lstrcmpiA
GetExitCodeProcess
SetFileAttributesA
GlobalUnlock
VirtualProtect
GlobalAlloc
LocalSize
GlobalLock
GlobalSize
SetCurrentDirectoryA
RemoveDirectoryA
DeleteFileA
Sleep
LocalAlloc
LocalFree
lstrcatA
WriteFile
GetModuleFileNameA
GetDriveTypeA
CreateFileA
SetFilePointer
GetFileSize
CloseHandle
lstrcpynA
LCMapStringA
lstrlenA

user32

SetCursor
ScreenToClient
LoadStringA
MessageBoxA
ExitWindowsEx
IsWindow
IsIconic
IsWindowVisible
GetSystemMetrics
GetSysColor
DestroyWindow
SystemParametersInfoA
SetPropA
MapDialogRect
DialogBoxParamA
GetWindowLongA
SetTimer
GetCursorPos
GetScrollInfo
KillTimer
LoadBitmapA
SetRect
SetRectEmpty
GetSysColorBrush
EnableWindow
SendDlgItemMessageA
DrawTextExA
CheckDlgButton
GetParent
PostMessageA
IsDlgButtonChecked
FillRect
GetWindowTextA
DrawTextA
CallWindowProcA
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
CreateDialogParamA
SetWindowPos
LoadIconA
LoadImageA
RegisterClassExA
CreateWindowExA
GetSystemMenu
EnableMenuItem
PostQuitMessage
GetDC
ReleaseDC
BeginPaint
EndPaint
SendMessageA
IsZoomed
DefWindowProcA
MessageBeep
SetWindowLongA
UpdateWindow
InvalidateRect
EndDialog
GetDlgItem
GetWindowRect
MoveWindow
ShowWindow
wsprintfA
SetDlgItemTextA
SetClassLongA
SetWindowTextA
GetClientRect
PtInRect
LoadCursorA
SetFocus

gdi32

CreateFontA
CreateBrushIndirect
CreateRectRgn
SetTextAlign
SelectClipRgn
GetDeviceCaps
SetStretchBltMode
StretchBlt
CreateDIBitmap
CreateFontIndirectA
CreateCompatibleDC
GetObjectA
DeleteDC
CreateCompatibleBitmap
CreatePen
SelectObject
CreateSolidBrush
Rectangle
DeleteObject
SetBkMode
SetTextColor
TextOutA
BitBlt
SetBkColor
GetStockObject
GetTextFaceA

shell32

SHGetSpecialFolderLocation
SHChangeNotify
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance

comctl32

ord8
CreatePropertySheetPageA
ord17
PropertySheetA

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c080873cb2f7e883fabe6a18107287d4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

comctl32

Sections

.text Size: 148KB - Virtual size: 145KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 125KB

.rsrc Size: 116KB - Virtual size: 112KB

.text
Size: 148KB - Virtual size: 145KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 125KB

.rsrc
Size: 116KB - Virtual size: 112KB