043820f2198c3ef43b51babf6f05a71b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

043820f2198c3ef43b51babf6f05a71b_JaffaCakes118
Size

744KB
MD5

043820f2198c3ef43b51babf6f05a71b
SHA1

80c08db0e43333b684046270a664907b0d9a240a
SHA256

1d045b1ae2912ad6e56c62bb460c007ab408539548cc485b33c74f08d8b95d8a
SHA512

ca98c67284bacab48ef8ddce228eedf469476ab0c1b2185b9912d815addddf10f6401c74a885cfebcf4dcf9ca544db42863c4143f91950afe96b9d297a1daa33
SSDEEP

12288:3Obb9/1cQW+9AXGgVrxZgI+OG3O6s7Adk17a9DXuOvtUVjEXsJify:eV1c0UGSrxMOG3O6s7C7Zvtzpq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
043820f2198c3ef43b51babf6f05a71b_JaffaCakes118

Files

043820f2198c3ef43b51babf6f05a71b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b199372aa8180f2ce93164027cf9004

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\

Imports

comdlg32

GetSaveFileNameA

user32

RegisterClassA
CharToOemW
EnumDisplaySettingsW
CreateWindowExA
DdeCreateDataHandle
SetUserObjectInformationA
wsprintfW
IsCharUpperW
RegisterClassExA
CheckMenuItem
MessageBoxW
FlashWindow
DestroyWindow
CharToOemBuffW
EnumDisplayDevicesW
ShowWindow
ImpersonateDdeClientWindow
CheckRadioButton
TrackPopupMenuEx
SetWindowRgn
CreateMenu
DefWindowProcA
SwitchDesktop
GetMenuStringA
GetUserObjectSecurity
GetMenuBarInfo
InflateRect
GetListBoxInfo
GetScrollBarInfo
CopyAcceleratorTableA
SendMessageW
IsCharAlphaW
SetWindowPlacement

comctl32

ImageList_Copy
ImageList_AddIcon
ImageList_LoadImage
GetEffectiveClientRect
ImageList_DrawEx
ImageList_GetImageRect
ImageList_ReplaceIcon
DestroyPropertySheetPage
ImageList_Add
ImageList_GetDragImage
ImageList_SetImageCount
ImageList_Replace
InitCommonControlsEx
ImageList_Create
ImageList_SetOverlayImage
ImageList_SetFilter

kernel32

GetLocaleInfoA
UnhandledExceptionFilter
IsValidLocale
CreateDirectoryExA
GetCurrentProcess
AllocConsole
WriteConsoleOutputCharacterA
GetVolumeInformationA
GetLocaleInfoW
CompareStringA
MoveFileW
GlobalSize
FindAtomW
GetCommandLineA
IsBadWritePtr
lstrlen
OpenWaitableTimerW
WritePrivateProfileStringW
Sleep
GetProcAddress
GetProfileSectionA
GetStartupInfoA
GetDateFormatA
GetStringTypeW
ReadConsoleOutputCharacterA
ExitProcess
LoadResource
GetMailslotInfo
GetEnvironmentStringsW
GetStringTypeA
EnumSystemLocalesA
InitializeCriticalSection
GetCompressedFileSizeW
VirtualFree
FillConsoleOutputAttribute
CloseHandle
GetConsoleCP
OpenMutexA
FreeEnvironmentStringsW
SetCurrentDirectoryW
LCMapStringW
TerminateProcess
ExpandEnvironmentStringsW
WriteConsoleOutputAttribute
ReadFile
EnterCriticalSection
GlobalGetAtomNameA
InterlockedExchange
GetProfileStringW
GetModuleHandleA
SetFilePointer
LeaveCriticalSection
GetFileType
GetCurrentProcessId
VirtualQuery
SetLocaleInfoA
HeapAlloc
SetLastError
CompareStringW
lstrcmpiA
DeleteCriticalSection
WideCharToMultiByte
GetTickCount
LCMapStringA
HeapReAlloc
ReadConsoleW
GetCurrentThreadId
TlsAlloc
WaitNamedPipeA
FreeLibraryAndExitThread
FindResourceA
FreeEnvironmentStringsA
GetStdHandle
FoldStringA
GetModuleFileNameA
HeapDestroy
MoveFileA
VirtualProtect
QueryPerformanceCounter
lstrcmpiW
IsValidCodePage
GetSystemInfo
GetCPInfo
SetEnvironmentVariableA
GetProcessAffinityMask
LoadLibraryA
ReadConsoleInputW
lstrcpyW
GetTempPathA
SetConsoleOutputCP
GetLastError
GetCurrentThread
SetHandleCount
TlsFree
GetVersionExA
FlushFileBuffers
GetFileAttributesW
GetEnvironmentStrings
GetThreadLocale
CreateMutexA
LockFile
HeapCreate
FindNextFileA
lstrcpyA
GetOEMCP
WaitForMultipleObjects
VirtualAlloc
GetSystemTimeAsFileTime
LocalHandle
HeapFree
GetLongPathNameA
WriteFile
GetConsoleTitleA
SetThreadLocale
GetNumberFormatA
ConnectNamedPipe
GetTimeZoneInformation
RtlUnwind
FillConsoleOutputCharacterW
lstrcpy
AddAtomW
TlsSetValue
FindResourceW
TlsGetValue
GetACP
GetUserDefaultLCID
MultiByteToWideChar
GetThreadPriorityBoost
GetPrivateProfileSectionW
EnumCalendarInfoW
VirtualProtectEx
SetStdHandle
HeapSize
GetComputerNameA
GetTimeFormatA

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 453KB - Virtual size: 453KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mgektgq
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b199372aa8180f2ce93164027cf9004

Headers

File Characteristics

PDB Paths

Imports

comdlg32

user32

comctl32

kernel32

Sections

.text Size: 94KB - Virtual size: 93KB

.rdata Size: 453KB - Virtual size: 453KB

.data Size: 136KB - Virtual size: 167KB

.rsrc Size: 59KB - Virtual size: 60KB

mgektgq Size: - Virtual size: 4KB

.text
Size: 94KB - Virtual size: 93KB

.rdata
Size: 453KB - Virtual size: 453KB

.data
Size: 136KB - Virtual size: 167KB

.rsrc
Size: 59KB - Virtual size: 60KB

mgektgq
Size: - Virtual size: 4KB