16c87d441c24fcdd89adb073e2443d29_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16c87d441c24fcdd89adb073e2443d29_JaffaCakes118
Size

903KB
MD5

16c87d441c24fcdd89adb073e2443d29
SHA1

031556a4dea23e7c003803bed01a916f1acbd8b7
SHA256

fd35a3cd5c1e556cd466cb216e1cd5182457ac78039afa2998ee85add7b37059
SHA512

9d94922993f25429635f83457731e683b9d8ff9ad0f72bbba42202901e9a5a61324b5fd10ff693aeec51764751956df957a34df5b088c9131f67cd91c4f689c8
SSDEEP

24576:y5PxwalXskgY/0wJF228S7HjnWaiGVv5nGjrQUHUzV:GLl90j2pHjnWaL5GfRHeV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16c87d441c24fcdd89adb073e2443d29_JaffaCakes118

Files

16c87d441c24fcdd89adb073e2443d29_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2b57f1452f9ecb8f806d6a23744fc2ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowPlacement
DeferWindowPos
DialogBoxParamW
TranslateMessage
ReleaseCapture
GetSystemMetrics
LoadMenuW
DrawMenuBar
GetDialogBaseUnits
FillRect
SetParent
GetWindowLongW
EqualRect
InflateRect
DrawEdge
SetPropW
ScrollWindow
ReleaseDC
GetDC
SetActiveWindow
SetMenuDefaultItem

psapi

EnumDeviceDrivers

wintrust

CryptCATAdminEnumCatalogFromHash
WTHelperGetProvSignerFromChain

comctl32

FlatSB_SetScrollProp
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_GetScrollInfo
CreateToolbarEx
ImageList_GetImageInfo
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Read
ImageList_SetDragCursorImage
ImageList_DragEnter
ImageList_Copy
ImageList_Replace
ImageList_Add
ImageList_GetImageCount
PropertySheetW
InitializeFlatSB

kernel32

LoadLibraryExW
IsProcessorFeaturePresent
RtlUnwind
GetCPInfo
GetACP
IsValidCodePage
HeapReAlloc
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
IsDebuggerPresent
GetThreadLocale
GetProcAddress
GlobalUnlock
GlobalFree
LocalFree
VirtualAlloc
HeapAlloc
HeapFree
GetCurrentThreadId
GetLastError
LeaveCriticalSection
DeleteCriticalSection
CloseHandle
GetSystemTimeAsFileTime
GetLocalTime
GetSystemInfo
lstrcmpiW
GetCommandLineW
OutputDebugStringW
FindResourceW
FindResourceExW
GetFileAttributesW
FindFirstFileW
QueryPerformanceCounter
GetOEMCP
CreateFileW
GetStringTypeW
EnterCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc

uxtheme

GetThemeSysColor
DrawThemeParentBackground
EnableThemeDialogTexture
OpenThemeData
CloseThemeData
GetWindowTheme

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i6s7t9
Size: 246KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.a7hkh
Size: 453KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b57f1452f9ecb8f806d6a23744fc2ec

Headers

File Characteristics

Imports

user32

psapi

wintrust

comctl32

kernel32

uxtheme

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 138KB - Virtual size: 137KB

.data Size: 4KB - Virtual size: 6.9MB

.i6s7t9 Size: 246KB - Virtual size: 245KB

.a7hkh Size: 453KB - Virtual size: 456KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 138KB - Virtual size: 137KB

.data
Size: 4KB - Virtual size: 6.9MB

.i6s7t9
Size: 246KB - Virtual size: 245KB

.a7hkh
Size: 453KB - Virtual size: 456KB