166c0f66fb6d85510c0d31a1a0179029_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

166c0f66fb6d85510c0d31a1a0179029_JaffaCakes118
Size

608KB
MD5

166c0f66fb6d85510c0d31a1a0179029
SHA1

131833a02a3657564e002cb5c7d42f2111ed8658
SHA256

ea3418c833e3d0996c12773636d04b87fcafd2ae032e5af8a09c5c586997424e
SHA512

e7cce33d140e71fe89b48eb84470ab7481a2f3f9ef1bc867551d10e4c4760b5b48e700013d245e6e4f821d19185e45769ac7cf950d1d617fe061fb2f3fb311ee
SSDEEP

12288:GXb3BVSFNwgMqc02oiEKb5hPzCsDEUpMLdEWw2KzZc:GXb3BaNw22oahusD0Rhw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
166c0f66fb6d85510c0d31a1a0179029_JaffaCakes118

Files

166c0f66fb6d85510c0d31a1a0179029_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eeb55c53d5ddd1f2e92fdc330010e6cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AppendMenuW
ShowCaret
ToAscii
DdeKeepStringHandle
PackDDElParam
FlashWindowEx
GetWindowTextA
GetShellWindow
ShowWindow
IsIconic
DdeReconnect
SetCaretBlinkTime
GetCursorPos
AppendMenuA
SendIMEMessageExW
GetDoubleClickTime
CreateDialogParamA
RegisterClassA
CreateWindowExA
CallNextHookEx
DefWindowProcA
CharNextW
GetSysColor
CreateMDIWindowA
GrayStringW
UnpackDDElParam
MessageBoxW
LookupIconIdFromDirectory
EnumDesktopsA
CheckRadioButton
CharUpperA
SetDeskWallpaper
LockWindowUpdate
DispatchMessageW
MessageBeep
RegisterClassExA
DestroyWindow
RemovePropW
IsCharUpperA
GetWindowLongA
MsgWaitForMultipleObjects
CreateDesktopW
WindowFromPoint
WinHelpW
LoadKeyboardLayoutW
MessageBoxIndirectA
SendMessageTimeoutW
GetMenuItemID
ShowScrollBar

comctl32

CreateToolbar
ImageList_EndDrag
ImageList_Replace
InitCommonControlsEx
ImageList_Read
ImageList_SetImageCount
ImageList_Destroy
ImageList_Add
CreateToolbarEx
ImageList_GetFlags
ImageList_Remove
ImageList_DragMove
CreateMappedBitmap
ImageList_GetImageRect
MakeDragList
ImageList_Write
ImageList_SetBkColor
CreatePropertySheetPageW
ImageList_AddMasked
ImageList_DragEnter
CreateStatusWindow
ImageList_Merge
CreateStatusWindowW
ImageList_SetDragCursorImage
ImageList_Create

wininet

FindFirstUrlCacheEntryExW

advapi32

LookupSecurityDescriptorPartsA
CryptHashData
InitiateSystemShutdownW
CryptGenKey
RegConnectRegistryA
RegNotifyChangeKeyValue
RegEnumValueW
RegOpenKeyA
CryptDuplicateKey
CryptDuplicateHash
RegEnumKeyExA
RegEnumKeyA
LookupAccountSidA
AbortSystemShutdownA
CryptGetDefaultProviderA
CryptExportKey

kernel32

FlushFileBuffers
GlobalGetAtomNameW
GetUserDefaultLCID
InterlockedIncrement
HeapReAlloc
CreateFileA
WriteConsoleA
DeleteCriticalSection
GetCurrentThread
VirtualFree
GetACP
CompareStringW
SetFilePointer
FreeLibrary
HeapCreate
GetLocaleInfoA
GetProcAddress
TlsGetValue
InterlockedExchange
CompareStringA
WriteConsoleW
GetCurrentProcess
VirtualQuery
TlsFree
GetCommandLineA
CreateMutexA
SetLastError
TryEnterCriticalSection
VirtualAlloc
IsBadReadPtr
GetTimeZoneInformation
LCMapStringW
GetCPInfo
ReadFile
SetHandleCount
SetConsoleCtrlHandler
GetCurrentProcessId
SetEnvironmentVariableA
GetFileType
QueryPerformanceCounter
GetEnvironmentStringsW
WriteFile
FormatMessageW
GetSystemTimeAsFileTime
InitializeCriticalSection
LoadLibraryA
LeaveCriticalSection
HeapSize
EnterCriticalSection
GetLocaleInfoW
OpenMutexA
HeapAlloc
GetTimeFormatA
TerminateProcess
GetTimeFormatW
EnumTimeFormatsA
GetEnvironmentStrings
TlsAlloc
SetFileAttributesA
LCMapStringA
TlsSetValue
HeapDestroy
GetStdHandle
HeapLock
EnumSystemLocalesA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetTickCount
GetLastError
GetVersionExA
GetStartupInfoA
GetStringTypeA
MultiByteToWideChar
IsValidLocale
SetEnvironmentVariableW
GetCurrentThreadId
GetProcessHeap
SetStdHandle
GetDateFormatA
HeapFree
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedDecrement
GetConsoleCP
ExitProcess
GetConsoleOutputCP
WideCharToMultiByte
GetConsoleMode
GetOEMCP
GetModuleFileNameA
GetModuleHandleA
Sleep
CloseHandle
RtlUnwind
GetStringTypeW
IsValidCodePage

shell32

ShellHookProc
DragQueryFileA
FindExecutableW
ExtractIconA

comdlg32

PageSetupDlgA

Sections

.text
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eeb55c53d5ddd1f2e92fdc330010e6cc

Headers

File Characteristics

Imports

user32

comctl32

wininet

advapi32

kernel32

shell32

comdlg32

Sections

.text Size: 176KB - Virtual size: 172KB

.rdata Size: 264KB - Virtual size: 261KB

.data Size: 112KB - Virtual size: 122KB

.rsrc Size: 52KB - Virtual size: 48KB

.text
Size: 176KB - Virtual size: 172KB

.rdata
Size: 264KB - Virtual size: 261KB

.data
Size: 112KB - Virtual size: 122KB

.rsrc
Size: 52KB - Virtual size: 48KB