03f4934062c1b76b7880d3597679ac3f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

03f4934062c1b76b7880d3597679ac3f_JaffaCakes118
Size

1.6MB
MD5

03f4934062c1b76b7880d3597679ac3f
SHA1

e4fc6585b0aaa5f313883bec6af26c1e6c80b242
SHA256

cd44afa96e1b832347dbd78d4660ffc705a5b34918509dfd9d82cdb0e8b7df25
SHA512

cd0bb8dbb8e8381e84d910512516a7c478fd51e4980c3d3ea7816f4fd4fd2b7990b736258ccca971d6e35283b2b0b19c223ee912c6d8ed41530807d5379035e9
SSDEEP

24576:iS7QsPpO+9mDP5TQNuCFvtKnSVrfJ9vkfgFutqeS3WnQlp/nGDp3gL47fHZPNPn9:7e+9KPlQdkgvvpQweSmlJfHlxFI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03f4934062c1b76b7880d3597679ac3f_JaffaCakes118

Files

03f4934062c1b76b7880d3597679ac3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46f2ee8bb7bdfc623cb4da86a6087caa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
DebugBreak
InterlockedDecrement
WriteFile
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
HeapReAlloc
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
SetConsoleCtrlHandler
GetStringTypeA
GetStringTypeW
LCMapStringA
VirtualFree
RtlUnwind
GetTimeZoneInformation
SetStdHandle
ReadFile
FlushFileBuffers
CompareStringA
CompareStringW
CloseHandle
WinExec
SetErrorMode
SetLastError
RaiseException
GetFileAttributesA
Sleep
GetVersionExA
GetLocalTime
LCMapStringW
SetFilePointer
CreateFileA
HeapDestroy
HeapFree
GetFileInformationByHandle
FormatMessageA
GetCurrentThread
VirtualQuery
MapViewOfFile
CreateFileMappingA
WaitForSingleObject
SetThreadPriority
CreateProcessA
GetSystemTimeAsFileTime
GetSystemTime
GetLogicalDrives
GetExitCodeProcess
GetEnvironmentVariableA
GetLastError
GetCurrentProcessId
SystemTimeToFileTime
DeleteFileA
CopyFileA
MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrlenA
HeapCreate
SetHandleCount
GetFileType
GetStdHandle
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
GetModuleFileNameA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
TerminateProcess
UnhandledExceptionFilter
GetCurrentProcess
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
SetCurrentDirectoryA
FindNextFileA
FindFirstFileA
GetFullPathNameA
SetEnvironmentVariableA
GetDriveTypeA
HeapValidate
GetCurrentDirectoryA
MoveFileA
ExitProcess
IsBadReadPtr
IsBadWritePtr
GetStartupInfoA
GetVersion
GetCommandLineA
GetTempFileNameA
GetModuleHandleA
GetTempPathA
FreeLibrary
SetEndOfFile
GetComputerNameA

advapi32

RegEnumValueA
RegOpenKeyA
RegCloseKey

comdlg32

GetSaveFileNameA
GetOpenFileNameA
PrintDlgA
ChooseFontA
ChooseColorA

gdi32

StartPage
GetTextExtentPoint32A
SetTextAlign
EndDoc
SetTextColor
SetBkColor
SetBkMode
Polygon
Rectangle
TextOutA
LineTo
SetPixelV
MoveToEx
SetDIBits
DeleteDC
GetDIBits
CreateSolidBrush
CreateRectRgnIndirect
CreatePen
SetMapMode
SelectClipRgn
SetROP2
PatBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateFontA
CreateDIBitmap
GetDeviceCaps
BitBlt
GetBkColor
GetStockObject
SetAbortProc
DeleteObject
StartDocA
EndPage

user32

DispatchMessageA
SetCursorPos
LoadIconA
RegisterClassA
GetSystemMetrics
CreateWindowExA
ShowWindow
UpdateWindow
LoadBitmapA
DestroyWindow
GetWindowLongA
DefWindowProcA
PostQuitMessage
MessageBoxA
MoveWindow
SendMessageA
EndPaint
BeginPaint
GetClientRect
SetFocus
GetFocus
PostMessageA
SetCursor
LoadCursorA
ShowScrollBar
SetScrollPos
SetScrollRange
ClientToScreen
GetWindowRect
DrawMenuBar
SetMenu
AppendMenuA
CreateMenu
GetKeyState
EnableMenuItem
TranslateMessage
TranslateAcceleratorA
GetCursorPos
PeekMessageA
IsDialogMessageA
GetMessageA
ShowCursor
GetCursor
GetDC
ReleaseDC
CreatePopupMenu
DeleteMenu
GetMenuItemCount
GetMenu
SetWindowLongA
DestroyMenu
TrackPopupMenuEx
EnableWindow
CreateDialogIndirectParamA
SendDlgItemMessageA
GetDlgItem
GetParent
SetActiveWindow
GetActiveWindow
DialogBoxIndirectParamA
EndDialog
GetDialogBaseUnits
FillRect

comctl32

PropertySheetA
CreateToolbarEx
ord17

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WYCao
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46f2ee8bb7bdfc623cb4da86a6087caa

Headers

File Characteristics

Imports

kernel32

advapi32

comdlg32

gdi32

user32

comctl32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 172KB - Virtual size: 3.5MB

.WYCao Size: 8KB - Virtual size: 6KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 172KB - Virtual size: 3.5MB

.WYCao
Size: 8KB - Virtual size: 6KB