Static task
static1
Behavioral task
behavioral1
Sample
01cba4445259ad304d6ffa87b9c4fd83_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
01cba4445259ad304d6ffa87b9c4fd83_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
01cba4445259ad304d6ffa87b9c4fd83_JaffaCakes118
Size
576KB
MD5
01cba4445259ad304d6ffa87b9c4fd83
SHA1
4408f04e83cd75d43d401925c7e3796fa88befca
SHA256
ff539f000a5b1002087f752f0ea0c4fdd0a5f75619bc6bd670a244ae2e4e57b4
SHA512
abc0be94cbcb1ef2eb6361ef2698c772053e9571b6fe7c5aa5032b784674c8b5eee1336622f08bd6937c6fbadc261e0357f55dbf38caa4252709cde5fadd55d6
SSDEEP
12288:i2zB99TwsndQ+huZt0Jt9ThB9/6Fm9mBNfnNZzulYVa:i2zzndQ+huMTBR6F+m3nNim
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 01cba4445259ad304d6ffa87b9c4fd83_JaffaCakes118
Files
01cba4445259ad304d6ffa87b9c4fd83_JaffaCakes118.exe windows:4 windows x86 arch:x86
2d6bf92bfc08eaa79b7b618d19e41b44
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetWindowTextW
MessageBoxA
TranslateAccelerator
SetMenu
UnhookWindowsHookEx
AppendMenuA
DdeDisconnectList
RegisterClipboardFormatA
SetCapture
CreateWindowExA
SetFocus
GetWindowWord
GetMessageExtraInfo
GetSystemMetrics
SetWindowLongW
EqualRect
LoadCursorW
RegisterClassExA
UnionRect
GetInputDesktop
OffsetRect
CreateDesktopW
SetShellWindow
SetMessageQueue
DestroyWindow
ShowWindow
TabbedTextOutA
RegisterClassA
SetRectEmpty
AdjustWindowRectEx
InSendMessage
DefWindowProcW
gdi32
GetAspectRatioFilterEx
ExtTextOutA
StrokeAndFillPath
GetCharWidthA
DeviceCapabilitiesExA
LPtoDP
GdiPlayDCScript
advapi32
LogonUserA
RegQueryMultipleValuesA
CryptDuplicateKey
CryptExportKey
DuplicateToken
CryptGenKey
RegSaveKeyW
RegDeleteValueW
CryptSetKeyParam
RegCreateKeyExA
LookupPrivilegeNameW
CryptSignHashW
CryptGetProvParam
CryptContextAddRef
RegFlushKey
LogonUserW
CryptDestroyKey
RegLoadKeyA
RegQueryValueW
RegSetValueA
CryptEnumProviderTypesA
RegQueryValueExW
ReportEventA
CryptAcquireContextA
shell32
FindExecutableW
DoEnvironmentSubstW
SHGetDiskFreeSpaceA
SHLoadInProc
kernel32
GetEnvironmentStrings
GetFileType
LCMapStringA
VirtualFree
CompareStringA
FreeEnvironmentStringsW
HeapFree
ExitProcess
SetEnvironmentVariableA
GetSystemInfo
UnhandledExceptionFilter
VirtualAlloc
CreateMailslotW
HeapCreate
GetFullPathNameW
GetModuleFileNameA
HeapReAlloc
GlobalLock
MultiByteToWideChar
CompareStringW
TerminateProcess
SetStdHandle
IsBadWritePtr
CloseHandle
FindResourceW
EnumSystemLocalesA
SetHandleCount
GetUserDefaultLCID
GetCommandLineA
QueryPerformanceCounter
LCMapStringW
VirtualQuery
OpenMutexA
TryEnterCriticalSection
WriteFile
GetVersionExA
SetLastError
FreeEnvironmentStringsA
GetDateFormatA
GetCurrentThread
CreateFileW
LoadLibraryA
HeapDestroy
GetCurrentProcessId
RtlUnwind
GetModuleHandleA
ReadFile
GetStringTypeA
FlushFileBuffers
HeapSize
HeapAlloc
TlsSetValue
GetCPInfo
GetTimeZoneInformation
GetProcAddress
IsValidCodePage
TlsFree
EnterCriticalSection
TlsAlloc
TlsGetValue
GetCurrentThreadId
ConnectNamedPipe
GetLocaleInfoW
SetFilePointer
CreateMutexA
WideCharToMultiByte
VirtualProtect
GetStdHandle
DeleteCriticalSection
GetTickCount
GetCurrentProcess
InterlockedExchange
LeaveCriticalSection
GetSystemTimeAsFileTime
GetStringTypeW
GetEnvironmentStringsW
InitializeCriticalSection
GetACP
IsValidLocale
GetLocaleInfoA
GetOEMCP
GetTimeFormatA
GetStartupInfoA
GetLastError
comctl32
DrawStatusTextA
ImageList_DrawIndirect
ImageList_Create
DrawInsert
CreateStatusWindow
CreateStatusWindowA
ImageList_GetIcon
ImageList_LoadImage
InitCommonControlsEx
Sections
.text Size: 164KB - Virtual size: 163KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 252KB - Virtual size: 250KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 116KB - Virtual size: 122KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ