430b853ffff4e1fb0b536a4a1ca24ba2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

430b853ffff4e1fb0b536a4a1ca24ba2_JaffaCakes118
Size

48KB
MD5

430b853ffff4e1fb0b536a4a1ca24ba2
SHA1

fbda828bd1b42003952acef0e7acbcf5d59fd3ac
SHA256

c18aef2b1248b87636dba66853d79c2d3a71366898c95ee607ffa0695ed77848
SHA512

6a188bcfff6877198d7d035067730859fb2d3853d66782324fbe84f618596eb126d21bccf73416148fa73fc755b985cdbb189ce1f5541db432a9e91374d060b1
SSDEEP

768:LRir6SVDfy0uOd0DaaFBtpWp8TTlsZBL5rrJ83jYi0XxfClgy:LRm6SFuaAaaFBtp1flCs3jn0XxfYB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
430b853ffff4e1fb0b536a4a1ca24ba2_JaffaCakes118

Files

430b853ffff4e1fb0b536a4a1ca24ba2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c369996b0723b42faa6fc523a55ff23e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
log10
memcpy
fopen
fseek
fclose
wcslen
wcscpy
wcscat
wcsncpy
memcmp
wcscmp
wcsncmp
sprintf
_stricmp
strcmp
tolower
_wcsicmp
fabs
ceil
malloc
floor
free
_vsnwprintf

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
HeapAlloc
HeapFree
SetCurrentDirectoryA
LoadLibraryW
GetProcAddress
Sleep
FreeLibrary
CloseHandle
InitializeCriticalSection
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
CreateProcessW
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
GetDriveTypeW
FindFirstFileW
FindClose
GetFileAttributesW
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
GlobalFree
GetVersionExW
SetLastError
GetCurrentProcessId
TlsAlloc
CreateFileW
SetFilePointer
ReadFile
HeapReAlloc
DeleteCriticalSection
LoadLibraryA

user32

CharLowerW
BeginPaint
EndPaint
DefWindowProcW
LoadIconW
RegisterClassExW
CreateWindowExW
RedrawWindow
SendMessageW
GetClientRect
GetDC
DrawFocusRect
ReleaseDC
GetWindowLongW
ScreenToClient
GetPropW
RemovePropW
SetPropW
GetParent
GetClassNameW
GetWindowRect
IntersectRect
SetWindowPos
EnumChildWindows
DestroyWindow
IsWindowEnabled
GetSysColor
GetSysColorBrush
CallWindowProcW
GetSystemMetrics
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetRect
DrawTextW
InvalidateRect
UpdateWindow
GetIconInfo
DrawStateW
GetFocus
FrameRect
ValidateRect
GetWindow
SetWindowTextW
SetActiveWindow
UnregisterClassW
DestroyAcceleratorTable
LoadCursorW
RegisterClassW
AdjustWindowRectEx
ShowWindow
CreateAcceleratorTableW
PeekMessageW
MsgWaitForMultipleObjects
GetMessageW
GetActiveWindow
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
SetFocus
FillRect
PostMessageW
DefFrameProcW
IsWindowVisible
IsChild
GetKeyState
GetWindowThreadProcessId
DefWindowProcA
RegisterClassA
CreateWindowExA
RegisterWindowMessageA
DestroyIcon
CreateIconFromResourceEx
CreateIconFromResource
OpenClipboard
GetClipboardData
CloseClipboard

gdi32

GetStockObject
SetBkColor
SetTextColor
SelectObject
GetTextExtentPoint32W
GetObjectType
GetObjectW
DeleteObject
CreateRectRgn
SelectClipRgn
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
CreateSolidBrush
SetDIBits
SetStretchBltMode
SetBrushOrgEx
StretchBlt
CreateDIBSection
GetObjectA
GetDIBits
CreateBitmap
SetPixel

comctl32

InitCommonControlsEx

shell32

ShellExecuteExW
DragQueryFileW

ole32

OleInitialize
OleUninitialize
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop

Sections

.code
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c369996b0723b42faa6fc523a55ff23e

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

comctl32

shell32

ole32

Sections

.code Size: 1KB - Virtual size: 1KB

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 1024B - Virtual size: 912B

.data Size: 5KB - Virtual size: 7KB

.rsrc Size: 512B - Virtual size: 292B

.code
Size: 1KB - Virtual size: 1KB

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 1024B - Virtual size: 912B

.data
Size: 5KB - Virtual size: 7KB

.rsrc
Size: 512B - Virtual size: 292B