4287b426b61d59b34fbd00c5e19fbd70_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4287b426b61d59b34fbd00c5e19fbd70_JaffaCakes118
Size

281KB
MD5

4287b426b61d59b34fbd00c5e19fbd70
SHA1

052f3010e7fba04bfd87d798764466bbc9f22d90
SHA256

ae9c36589f4655881fbc8854215026561ae8a800f37b566bd4620378eae6f82f
SHA512

08b7f0ddb6c40a7ea391be877adb9e96796b28e44184da870116e17ce513a8d652bf716ffde1baa139d5466482345d5e4a43f94883b5766ce7c9543146f81700
SSDEEP

6144:nJ+H3h+gDZ0iG9lairsQ2WwcjUls4E8Ws2D9YHLJUAOha72:JKFDur/ZjLqeAOkK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4287b426b61d59b34fbd00c5e19fbd70_JaffaCakes118

Files

4287b426b61d59b34fbd00c5e19fbd70_JaffaCakes118
.exe windows:5 windows x86 arch:x86

afc86318d806ac6391ae48273e58d409

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenu
LoadCursorW
IsRectEmpty
SetRect
SetCursor
FindWindowExW
PostMessageW
GetAsyncKeyState
RegisterClipboardFormatW
FillRect
ReleaseCapture
IsWindow
GetDC
ReleaseDC
IntersectRect
SetRectEmpty
CopyRect
CharNextW
UnregisterClassA
VkKeyScanExW
ShowWindow
DispatchMessageW
GetSystemMetrics
CharNextA
DialogBoxParamW
CharPrevW
CharLowerW
ScrollDC
ShowCursor
CloseClipboard
RedrawWindow
CreateCaret
GetParent
ValidateRect
GetClipboardFormatNameW
GetNextDlgGroupItem
GetMessageTime
IsCharAlphaA
RealChildWindowFromPoint
EndMenu
GetUserObjectInformationW

shell32

SHGetPathFromIDListW
SHBrowseForFolderA

ole32

OleFlushClipboard

advapi32

RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
RegEnumKeyExW

gdi32

BitBlt
DeleteObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
SetBkMode
DrawEscape
IntersectClipRect
TextOutW
SetGraphicsMode
SetMetaRgn
CreateDiscardableBitmap
GetCharABCWidthsA
LPtoDP
SelectClipRgn
SaveDC
OffsetViewportOrgEx
GetTextMetricsW
PaintRgn
SetICMMode
GetPolyFillMode
EndPath
GetLogColorSpaceA
GetPixelFormat
FloodFill
PolylineTo
SetPaletteEntries
GetSystemPaletteUse
DeleteDC
GetCharWidthW
UnrealizeObject
GetDeviceCaps

comctl32

ord17

kernel32

GetFileType
GetEnvironmentStringsW
FreeEnvironmentStringsW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
SetHandleCount
SetUnhandledExceptionFilter
GlobalCompact
LocalUnlock
SetProcessPriorityBoost
GlobalUnWire
GetMailslotInfo
SetFileValidData
VirtualAlloc
OpenThread
CreateHardLinkW
HeapCreate
SetFileTime
SetEnvironmentVariableA
WaitForDebugEvent
UnhandledExceptionFilter
InitializeCriticalSection
GetFileInformationByHandle
SetCurrentDirectoryW
QueueUserAPC
DebugActiveProcessStop
GetCurrentDirectoryA
ReleaseSemaphore
ResetEvent
WideCharToMultiByte
SetFilePointer
ReadFile
WriteFile
FlushFileBuffers
GetFileSize
MoveFileW
SetFileAttributesW
RemoveDirectoryW
CreateFileW
DeviceIoControl
lstrlenA
GetVersionExW
LoadLibraryW
GetCommandLineW
GetLastError
HeapReAlloc
HeapAlloc
GetCommandLineA
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
HeapFree
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 353KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Joanna
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Rihanna
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Isabell
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afc86318d806ac6391ae48273e58d409

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

ole32

advapi32

gdi32

comctl32

kernel32

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 26KB - Virtual size: 353KB

.Joanna Size: 3KB - Virtual size: 3KB

.Rihanna Size: 2KB - Virtual size: 2KB

.Isabell Size: 3KB - Virtual size: 3KB

.rsrc Size: 181KB - Virtual size: 181KB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 26KB - Virtual size: 353KB

.Joanna
Size: 3KB - Virtual size: 3KB

.Rihanna
Size: 2KB - Virtual size: 2KB

.Isabell
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 181KB - Virtual size: 181KB