4474b37b296c71df288e877e533edcfd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4474b37b296c71df288e877e533edcfd_JaffaCakes118
Size

606KB
MD5

4474b37b296c71df288e877e533edcfd
SHA1

17012d94bff583221673c517af509698c64a8638
SHA256

122a0224b6c840fa9e58fc960f0741a169f731e21828901d51bdf9eb31425a26
SHA512

4af632e758c582a8dae28d43a771c5fd9ad0f45046b5b147245811cd9cca81b2098837e63f606318ace718daf05ca0068a8781c7d68eea9d2c5f7799001e1488
SSDEEP

12288:k62qhMFKvxrnvgUvd5DDz9Q8UhKHl0rD6VgDSj5lRTD8HQwUtKNCN5m:A6zgUvTDDzK2yrD6/V0jNCN5m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4474b37b296c71df288e877e533edcfd_JaffaCakes118

Files

4474b37b296c71df288e877e533edcfd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

939b0044927b76764394e063f55dd9c2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynW
LockResource
SetLastError
LoadLibraryA
IsBadReadPtr
GetStringTypeW
LCMapStringW
GetConsoleMode
GetConsoleCP
SetFilePointer
WideCharToMultiByte
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapCreate
GetStdHandle
WriteFile
lstrlenA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineW
DecodePointer
EncodePointer
RtlUnwind
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
VirtualAlloc
VirtualFree
lstrcpynA
lstrcmpW
GetCurrentProcess
FlushInstructionCache
lstrcpyW
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
MulDiv
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
lstrlenW
GetVersionExW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
SetStdHandle
WriteConsoleW
CreateFileW
FlushFileBuffers
EnterCriticalSection
RaiseException
LoadLibraryW
FreeLibrary
GetProcAddress
GetTempPathW
GetTickCount
GetCurrentThreadId
GetProcessHeap
GetModuleHandleW
GetProcessVersion
GetVersion
OpenMutexA
WaitForSingleObject
CreateMutexA
CloseHandle
GetLastError
OpenMutexW
IsProcessorFeaturePresent
GetModuleHandleA
Sleep
OpenEventW
ExitProcess
GetCurrentProcessId

user32

ShowWindow
RemoveMenu
AppendMenuW
CreatePopupMenu
LoadBitmapW
LoadStringA
RegisterClassExW
LoadStringW
GetWindowRect
TranslateAcceleratorW
SetMenuDefaultItem
GetClassInfoExW
SetMenu
GetMenu
LoadImageW
PostQuitMessage
GetSubMenu
PeekMessageW
IsMenu
SetWindowsHookExW
GetClassNameW
CallNextHookEx
GetKeyState
CharLowerW
UnhookWindowsHookEx
InflateRect
RegisterWindowMessageW
TrackPopupMenuEx
WindowFromPoint
MessageBeep
FrameRect
ModifyMenuW
MonitorFromPoint
GetMonitorInfoW
DrawFrameControl
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetActiveWindow
GetWindowThreadProcessId
IsWindowEnabled
IsWindowVisible
MapWindowPoints
PostMessageW
DestroyMenu
GetCapture
SetCursor
GetWindowDC
SystemParametersInfoW
GetMessagePos
PtInRect
ReleaseCapture
SetCapture
UpdateWindow
ScreenToClient
OffsetRect
EndPaint
BeginPaint
SetRect
DrawEdge
DrawTextW
FillRect
CallWindowProcW
GetParent
SetFocus
InvalidateRect
GetClientRect
SetWindowPos
SendMessageW
CreateWindowExW
SetRectEmpty
LoadCursorW
CharNextW
DefWindowProcW
IsWindow
GetWindowLongW
SetWindowLongW
GetDC
ReleaseDC
GetDesktopWindow
GetFocus
GetSysColor
GetCursor
GetSystemMetrics
GetSysColorBrush
GetForegroundWindow
DestroyWindow
UnregisterClassA

gdi32

CreateDIBSection
SetBkColor
SetBrushOrgEx
CreateFontIndirectW
BitBlt
CreateBitmap
CreatePatternBrush
PatBlt
LineTo
MoveToEx
GetStockObject
DeleteDC
DeleteObject
Ellipse
Rectangle
CreatePen
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectW
GetCurrentObject
SetTextColor
SetBkMode

ole32

CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

VarUI4FromStr

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW

comctl32

ImageList_Destroy
ImageList_GetImageCount
ImageList_Draw
ImageList_DrawIndirect
CreateStatusWindowW
ord8
ImageList_Create
ImageList_LoadImageW
InitCommonControlsEx
ImageList_AddMasked

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 400KB - Virtual size: 399KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

939b0044927b76764394e063f55dd9c2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

advapi32

comctl32

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 6KB - Virtual size: 15KB

.rsrc Size: 400KB - Virtual size: 399KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 6KB - Virtual size: 15KB

.rsrc
Size: 400KB - Virtual size: 399KB

.reloc
Size: 13KB - Virtual size: 12KB