07f9d621bbc1845e95ff2bcea480e853_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07f9d621bbc1845e95ff2bcea480e853_JaffaCakes118
Size

552KB
MD5

07f9d621bbc1845e95ff2bcea480e853
SHA1

a121048d83b07356a53ae988e5632dcd50d9f00e
SHA256

00a25901b85ef0618ea8d944d23677ba01452eff8f781f0bc74c10a5ffb218c3
SHA512

f55038de1bf5ca1554e1c592dcea9b12ed52de88c2b6e2e76ad015b01ba089c798916772d1fe2644088591d6b139ba389640935cca246c59cf4fb8ed21b16830
SSDEEP

12288:X0dJVZdQ3bVFw8yoMud3qFenTZ9UOwfXdjMCy8:aXVud3FcO0n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07f9d621bbc1845e95ff2bcea480e853_JaffaCakes118

Files

07f9d621bbc1845e95ff2bcea480e853_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81499a6e960d60b4a7928933ace36f74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
IsBadCodePtr
IsBadReadPtr
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
HeapCreate
HeapDestroy
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
HeapSize
TerminateProcess
ExitProcess
GetVersion
GetStartupInfoA
RaiseException
HeapReAlloc
HeapFree
HeapAlloc
RtlUnwind
LocalFree
SetStdHandle
ReadFile
FlushFileBuffers
OpenFile
CreateProcessA
DeleteCriticalSection
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
InitializeCriticalSection
GetCommandLineA
CreateMutexA
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
lstrlenW
GetCurrentProcess
GetLocaleInfoA
FlushInstructionCache
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
GetLastError
GetVersionExA
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
Sleep
GetSystemDirectoryA
CopyFileA
CreateFileA
CloseHandle
GetSystemDefaultLCID
VirtualFree

user32

ShowWindow
DefWindowProcA
SetWindowTextA
EndDialog
SendMessageA
EnableWindow
WinHelpA
LoadStringA
GetWindowRect
GetDC
IntersectRect
GetDlgCtrlID
SetCapture
ReleaseCapture
DestroyIcon
EnumDisplaySettingsA
CharNextA
PostThreadMessageA
PostQuitMessage
DispatchMessageA
GetMessageA
RegisterClassA
ChangeDisplaySettingsA
GetWindowTextA
WindowFromPoint
GetCursorPos
FrameRect
FindWindowA
BroadcastSystemMessage
GetDlgItem
UnionRect
IsWindowEnabled
CreateWindowExA
GetWindowLongA
DrawTextA
OffsetRect
GetSysColor
CopyRect
MoveWindow
GetClassInfoExA
LoadCursorA
EnableMenuItem
GetSystemMenu
EnumChildWindows
DialogBoxParamA
GetParent
SetWindowLongA
CallWindowProcA
CreateDialogParamA
PostMessageA
EndPaint
BeginPaint
ScreenToClient
GetIconInfo
MapWindowPoints
InvalidateRect
wsprintfA
SetFocus
ReleaseDC
FillRect
GetWindowDC
GetClientRect
SetRectEmpty
MessageBoxA
SetTimer
RegisterClassExA
IsWindow
PtInRect
UpdateWindow
CopyImage
DestroyWindow
GetSystemMetrics
SetCursor
KillTimer

gdi32

GetTextExtentPoint32A
SetROP2
Rectangle
SetBkMode
MoveToEx
CreateFontIndirectA
GetTextMetricsA
DeleteObject
DeleteDC
BitBlt
StretchBlt
GetObjectA
SelectObject
CreateCompatibleDC
Polyline
CreatePen
GetStockObject
SetPixel
CreateCompatibleBitmap
GetPixel
SetTextColor
SetBkColor
LineTo
CreateSolidBrush

comdlg32

GetOpenFileNameA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumValueA
RegSetValueExA

shell32

ShellExecuteExA

ole32

CoInitialize
CoUninitialize
CoSuspendClassObjects
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CoRevokeClassObject
CoRegisterClassObject

oleaut32

LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysAllocStringLen
VariantInit
VariantClear
SafeArrayLock
SafeArrayAccessData
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayUnlock
SafeArrayRedim
SafeArrayCreate
SafeArrayGetElemsize
SysStringByteLen
SysAllocString
SysStringLen
SysAllocStringByteLen
SysFreeString

comctl32

CreatePropertySheetPageA
ImageList_Destroy
ImageList_Create
ImageList_Remove
ImageList_ReplaceIcon
ord17
ImageList_Draw
ImageList_GetImageInfo
PropertySheetA
ImageList_Add
DestroyPropertySheetPage

hccutils

ReleaseClassDevice
LoadIMAGE
LoadCURSOR
DeleteString
StretchBitmap
EnumDeviceByClass
LoadBitmapFromFile
LoadBITMAP
LoadICON
FindResources
IsDisplayValid
LoadDialogString
LoadSTRING
GetMyRegKey
CreateThisKey
GetHardwareKey
EnumDspDev
SaveString

Sections

.text
Size: 392KB - Virtual size: 391KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81499a6e960d60b4a7928933ace36f74

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

hccutils

Sections

.text Size: 392KB - Virtual size: 391KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 28KB - Virtual size: 47KB

Size: 60KB - Virtual size: 56KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 392KB - Virtual size: 391KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 28KB - Virtual size: 47KB

.rsrc
Size: 8KB - Virtual size: 7KB