04eeb1c4c1db5256ce7ba9aa32854881_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

04eeb1c4c1db5256ce7ba9aa32854881_JaffaCakes118
Size

600KB
MD5

04eeb1c4c1db5256ce7ba9aa32854881
SHA1

9617f90ce880fea160ddd8e1d18f99419602be68
SHA256

53e418a79ca988d23cf8166d41ccf9e950fb0a933c502aae9a1b8b9dedb109dc
SHA512

77e2577311170c34b80516c642319aa65217b33f2b50720a0cf3ffa0d33a1f8994575e58f4eb1c8ac7cd16c5b4434251aa6ac5d63dc1af64f8889174107d6b82
SSDEEP

12288:dQ6/c8RPtV7rtneKAsvjuLm6Pn4Jssfs5DIsGxh4n6FNj:dncgV7rpeKAsKLjPn4Js75UsGxenC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04eeb1c4c1db5256ce7ba9aa32854881_JaffaCakes118

Files

04eeb1c4c1db5256ce7ba9aa32854881_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d48c236fca1cfd6d7fc1b739cb0ceba4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxIndirectParamA
AdjustWindowRectEx
MessageBeep
GetCaretPos
LoadImageW
WinHelpA
MessageBoxIndirectA
DefWindowProcW
GetWindowTextA
EnumDesktopsA
SendMessageTimeoutA
CharLowerW
SetMenuItemBitmaps
RegisterClipboardFormatA
CallWindowProcA
IsWindow
CreateWindowStationW
DrawTextExW
DrawFocusRect
GetWindowModuleFileNameA
RegisterWindowMessageA
SetWindowsHookA
CreateWindowExA
DestroyWindow
RedrawWindow
MessageBoxA
DdeGetData
RealGetWindowClass
GetClassInfoExW
GetMessageW
RegisterClassExA
OpenDesktopW
SetSysColors
GetMonitorInfoW
SetWindowRgn
ValidateRgn
UnhookWinEvent
ToAsciiEx
PostThreadMessageW
CreateDialogParamA
IsCharAlphaW
GetUpdateRect
DdeFreeDataHandle
DefFrameProcA
SetCaretBlinkTime
RegisterClassA
ShowWindow
InvertRect
ClipCursor
ToUnicodeEx
IsRectEmpty
DdeConnectList

advapi32

RegQueryValueExA
CryptHashSessionKey
CryptEnumProvidersA
CryptAcquireContextW
RegSaveKeyW
RegDeleteKeyA
InitiateSystemShutdownW
CryptDestroyHash
RegQueryInfoKeyW
RegSetValueA
RegQueryMultipleValuesA
LookupPrivilegeDisplayNameA
InitiateSystemShutdownA
CryptImportKey
CryptGetKeyParam
CryptGenRandom
CryptEnumProviderTypesA
RegConnectRegistryA
StartServiceW
CryptHashData
CryptDestroyKey

kernel32

GetConsoleTitleW
GetModuleHandleA
FreeEnvironmentStringsW
CreateToolhelp32Snapshot
GetFullPathNameA
EnumSystemLocalesA
TransactNamedPipe
LCMapStringA
OpenFileMappingA
GetCurrentThread
InitializeCriticalSection
InterlockedIncrement
LoadLibraryA
GetCompressedFileSizeW
SetUnhandledExceptionFilter
GetCurrentProcessId
GetThreadLocale
DeleteAtom
GetEnvironmentStringsA
ReadFile
LoadResource
GetFileAttributesExA
SetLocaleInfoA
CreateNamedPipeA
CreateMutexA
SetHandleCount
TerminateProcess
CompareStringA
SetFilePointer
SetConsoleTextAttribute
HeapReAlloc
RtlUnwind
SetConsoleCtrlHandler
GetPrivateProfileIntW
GetCPInfo
GetOEMCP
GetLocalTime
UnhandledExceptionFilter
GetEnvironmentStrings
OpenMutexW
IsBadWritePtr
GetNumberFormatA
OpenSemaphoreA
LCMapStringW
GetCurrentThreadId
TlsGetValue
TlsAlloc
GetCommandLineA
GetTimeZoneInformation
CreateMailslotW
OutputDebugStringA
HeapValidate
SetThreadLocale
lstrcpyW
GetPrivateProfileSectionNamesW
ExitProcess
FillConsoleOutputCharacterA
LocalLock
GetLastError
GetStdHandle
FindFirstFileA
FreeEnvironmentStringsA
WideCharToMultiByte
EnumResourceTypesW
CreateProcessW
SetLastError
WaitForMultipleObjectsEx
GetFileType
InterlockedExchange
LocalReAlloc
GetTickCount
GetCompressedFileSizeA
IsValidCodePage
TryEnterCriticalSection
OpenWaitableTimerW
GetProfileSectionW
GetPrivateProfileStringW
VirtualLock
CommConfigDialogA
HeapCreate
GetModuleFileNameA
OpenFile
DeleteCriticalSection
HeapDestroy
IsBadReadPtr
SetStdHandle
FindFirstFileW
VirtualAlloc
EnumDateFormatsExW
GetVersion
WaitForDebugEvent
VirtualFree
CreateSemaphoreA
GetProfileIntW
GetNamedPipeInfo
GetStringTypeExW
GetTimeFormatA
InterlockedDecrement
QueryPerformanceCounter
GetSystemDefaultLangID
GetShortPathNameA
SetEnvironmentVariableA
GetSystemTime
GetSystemTimeAsFileTime
OpenMutexA
GlobalReAlloc
OpenEventA
DebugBreak
GetEnvironmentStringsW
GetLogicalDrives
MultiByteToWideChar
EnterCriticalSection
GetStringTypeW
VirtualQuery
AddAtomW
TlsSetValue
GetCurrentProcess
SetConsoleMode
GetTempPathW
FindResourceA
HeapAlloc
FindResourceExW
HeapFree
WriteFile
OpenWaitableTimerA
GetProcAddress
SetConsoleCursorPosition
RtlFillMemory
GlobalFree
TlsFree
GetProfileStringW
WritePrivateProfileStringA
GetProcAddress
CreateFileA
FindFirstFileExW
GetProcessShutdownParameters
GetStartupInfoA
ReadConsoleInputW
CloseHandle
GetACP
LeaveCriticalSection
FreeResource
GetStringTypeA
GetSystemTimeAdjustment
SetSystemTime
lstrlenA
FlushFileBuffers
CompareStringW

comctl32

InitCommonControlsEx
DrawInsert
CreatePropertySheetPage
ImageList_GetImageInfo
InitMUILanguage
GetEffectiveClientRect
ImageList_SetFlags
ImageList_LoadImage
ImageList_Write
ImageList_DrawIndirect
ImageList_Copy

gdi32

GetPixelFormat
EndDoc
ModifyWorldTransform
GetObjectW
SetStretchBltMode
SetDIBits
SetBkMode
CreateDCW
GetEnhMetaFileHeader
DeleteDC
SetMetaFileBitsEx
PathToRegion
CloseMetaFile
GetTextFaceW
PlayEnhMetaFileRecord
GdiPlayScript
GetDeviceCaps
FillPath

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d48c236fca1cfd6d7fc1b739cb0ceba4

Headers

File Characteristics

Imports

user32

advapi32

kernel32

comctl32

gdi32

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 112KB - Virtual size: 130KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 112KB - Virtual size: 130KB

.rsrc
Size: 36KB - Virtual size: 32KB