9591aaab762082fce64c6fe6988d3241_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9591aaab762082fce64c6fe6988d3241_JaffaCakes118
Size

736KB
MD5

9591aaab762082fce64c6fe6988d3241
SHA1

df436bbbf1a25041f28e6701bc77dcd36224bce1
SHA256

6e14f8fe61cd74aa57982dbf1ab36ebdb5a81137fa7b1034d1d66630ec65dbd1
SHA512

77e16a2cc1ccdb961b6c32873a9cda49306a2f1ff9341cba98656960d6d8600dac7ae2e52c92a3973d4c9e1547e3ee688fbe38b958eb7f794f68bdf4623d7a2c
SSDEEP

12288:BFzbXYc4FIEQUesdJ7sgJxXiPGZhAhpA1fKDj4vdYTbEpCzXXsj7ZC:BlXYRQUQgJxSP4N9vd2qP7ZC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9591aaab762082fce64c6fe6988d3241_JaffaCakes118

Files

9591aaab762082fce64c6fe6988d3241_JaffaCakes118
.exe windows:6 windows x86 arch:x86

bd0fe97854b1e34bd24e0d6d9e6f8d84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetPrivateProfileStringA
GetModuleFileNameA
GetVolumePathNameW
IsValidCodePage
SetEnvironmentVariableA
EnumDateFormatsExA
SystemTimeToTzSpecificLocalTime
OpenProcess
GetVolumePathNameA
_lread
ExpandEnvironmentStringsA
DeleteFileA
OutputDebugStringA
FileTimeToDosDateTime
CompareStringW
FindNextVolumeA
GetDiskFreeSpaceExA
GetCurrencyFormatA
CreatePipe
GetPrivateProfileIntW
SuspendThread
SetVolumeMountPointW
CancelIo
FormatMessageW
GetCommandLineA
GetDateFormatA
RemoveDirectoryA
GetFileType
MoveFileExW
CancelWaitableTimer
LockFileEx
GetFileAttributesA
lstrcatW
EnumUILanguagesW
GetCurrentDirectoryW
GetCalendarInfoA
WaitForSingleObjectEx
GlobalUnlock
GetSystemDefaultUILanguage
SetTimeZoneInformation
EnumResourceLanguagesA
GetComputerNameA
MultiByteToWideChar
lstrcmpW
OpenFile
GlobalUnWire
FindResourceA
CreateNamedPipeW
LocalLock
lstrlenA
EnumDateFormatsA
TlsAlloc
CreateTimerQueueTimer
GlobalMemoryStatusEx
GetPrivateProfileSectionA
GetTempFileNameA
GetProcessVersion
DefineDosDeviceW
GlobalGetAtomNameA
GetCurrentThreadId
SetLocaleInfoW
SetSystemTime
CreateDirectoryW
SetLocaleInfoA
SwitchToThread
_lwrite
OpenWaitableTimerA
InterlockedExchangeAdd
GlobalAddAtomA
GetFileAttributesExW
PostQueuedCompletionStatus
SetCalendarInfoA
Sleep
UpdateResourceW
WritePrivateProfileStringA
CreateHardLinkA
HeapAlloc
GetCommandLineW
GetVolumeNameForVolumeMountPointA
IsValidLanguageGroup
SetFileAttributesA
GetTempFileNameW
EnumUILanguagesA
BindIoCompletionCallback
GetExitCodeProcess
GetPrivateProfileSectionNamesA
EnumResourceTypesA
CreateTimerQueue
EndUpdateResourceW
CancelDeviceWakeupRequest
CommConfigDialogA
TlsSetValue
WaitForMultipleObjectsEx
GetACP
GetThreadPriorityBoost

advapi32

RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegOpenKeyExA
RegQueryValueExW
RegQueryValueExA
RegCreateKeyExW

user32

RegisterClassW
CreateWindowExW
InvertRect
WaitMessage
DestroyWindow
LoadIconW
TranslateMessage
GetDlgItemTextW
LoadBitmapW
CheckDlgButton
MessageBoxW
BeginPaint
wsprintfW
GetDlgItem
IsZoomed
PostQuitMessage
EndPaint
LoadCursorW
SetRect
TranslateAcceleratorW
MoveWindow
GetSystemMetrics
DialogBoxParamW
OffsetRect
GetDesktopWindow
WinHelpW
DrawTextW
UnionRect
GetWindowRect
IntersectRect
GetWindowPlacement
MessageBoxA
LoadAcceleratorsW
ReleaseDC
GetMenu
LoadStringA
EndDialog
GetMessageW
IsIconic
GetSubMenu
GetClientRect
EnableMenuItem
InvalidateRect
UpdateWindow
DrawMenuBar
PtInRect
SetCapture
SetDlgItemTextW
ReleaseCapture
GetDC
GetForegroundWindow
DefWindowProcW
PeekMessageW
FrameRect
SendMessageW
SetTimer
CheckRadioButton
DispatchMessageW
LoadStringW
CharLowerBuffA
ShowWindow
FillRect
GetParent
IsDlgButtonChecked
PostMessageW

shlwapi

PathAppendA
PathCombineA

comctl32

InitCommonControlsEx

Sections

.text
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 240KB - Virtual size: 603KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd0fe97854b1e34bd24e0d6d9e6f8d84

Headers

File Characteristics

Imports

kernel32

advapi32

user32

shlwapi

comctl32

Sections

.text Size: 282KB - Virtual size: 282KB

.data Size: 240KB - Virtual size: 603KB

.rdata Size: 9KB - Virtual size: 9KB

.rsrc Size: 195KB - Virtual size: 195KB

.reloc Size: 7KB - Virtual size: 8KB

.text
Size: 282KB - Virtual size: 282KB

.data
Size: 240KB - Virtual size: 603KB

.rdata
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 195KB - Virtual size: 195KB

.reloc
Size: 7KB - Virtual size: 8KB