1a1554208d0368dd6ec3a4692c9e86c9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a1554208d0368dd6ec3a4692c9e86c9_JaffaCakes118
Size

132KB
MD5

1a1554208d0368dd6ec3a4692c9e86c9
SHA1

b3f2ea0d5d875773619874be07fe37731b364e2e
SHA256

90d5d5364d91a36401a3b1fa31a43fcaad03a5839cf881f9cad896a9897ad8be
SHA512

fe76aec299ef569685b1498db24577fff93b6cf4ed004dd2d9354263a491bcef2e055ceaa98aa211ae39062c6876543a93fa3575646fd4daaa2f7bd2aedefacc
SSDEEP

3072:UWy0eoExfLDRarNNKZ8OwjICUcJF1f0Gm1HrRNhLQwG:xHuLiNKZ8b2As3jt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a1554208d0368dd6ec3a4692c9e86c9_JaffaCakes118

Files

1a1554208d0368dd6ec3a4692c9e86c9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c5c3c17c7f3b8157f771b2e81d702906

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawIconEx
LoadIconA
ShowWindow
GetKeyboardLayout
IsWindowUnicode
DefWindowProcA
GetMenuItemInfoW
EnableWindow
RemoveMenu
GetSystemMenu
CreatePopupMenu
FillRect
EndDeferWindowPos
ReuseDDElParam
CharUpperW
SetMenuItemInfoA
SetCaretPos
CharLowerBuffA
CharToOemA
PostQuitMessage
CheckMenuItem
LoadStringA
GetCursorPos
SetClassLongA
GetFocus
SetScrollInfo
GetKeyNameTextW
GetMenuStringA
SetDlgItemTextA
TrackPopupMenu
InvalidateRect
ShowOwnedPopups
GetKeyboardType
SetForegroundWindow
InsertMenuA
IsZoomed
SetWindowLongW
SetCapture
DestroyCaret
CopyImage

gdi32

CreateCompatibleBitmap
CreateBrushIndirect
GetBkColor
GetTextExtentPoint32A
StartDocA
GetPixel
GetSystemPaletteEntries
GetPaletteEntries
FillRgn
SelectPalette
CombineRgn
CreateICA
StretchBlt

cryphtui

_Toupper
_FEps
_Mbrtowc
_FDnorm
_Inf
_LExp
_Getctype
_Dnorm
_FInf
_Cosh

kernel32

CloseHandle
CompareStringA
GetCommandLineW
GetCurrentThread
CreateThread
WriteFile
GlobalFree
lstrlenA
GetDiskFreeSpaceA
CreateProcessA
DeleteCriticalSection
lstrlenW
MapViewOfFileEx
GetTickCount
GetFileAttributesW
IsValidCodePage
UnmapViewOfFile
GlobalUnlock
GetModuleHandleA
GetWindowsDirectoryA
ResetEvent
GlobalGetAtomNameA
FlushInstructionCache
HeapFree
TerminateProcess
MultiByteToWideChar
VirtualQueryEx
HeapAlloc
GlobalAlloc
GetProfileStringA
GetModuleFileNameW
WaitForMultipleObjects
VirtualAlloc
lstrcmpA
FileTimeToSystemTime
UnmapViewOfFile
CreateFileMappingA
FreeLibrary
GetLocalTime
GlobalMemoryStatus

wininet

InternetQueryOptionA
InternetCloseHandle
InternetCombineUrlA
InternetSetOptionA

ole32

CoDisconnectObject
OleDraw
CoCreateInstance
DoDragDrop
RegisterDragDrop
CreateStreamOnHGlobal

comctl32

ImageList_GetBkColor
ImageList_Destroy
ImageList_SetIconSize
ImageList_GetIconSize

advapi32

RegSetValueExA
InitializeSecurityDescriptor
RegEnumKeyExA

shell32

SHGetPathFromIDListA
SHGetDesktopFolder

comdlg32

ChooseFontA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

oleaut32

SafeArrayDestroy
VariantCopyInd
GetErrorInfo

imm32

ImmGetContext

urlmon

CoInternetCreateZoneManager

Sections

.text
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5c3c17c7f3b8157f771b2e81d702906

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

cryphtui

kernel32

wininet

ole32

comctl32

advapi32

shell32

comdlg32

version

oleaut32

imm32

urlmon

Sections

.text Size: 106KB - Virtual size: 108KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 19KB - Virtual size: 20KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 106KB - Virtual size: 108KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 19KB - Virtual size: 20KB

.rsrc
Size: 2KB - Virtual size: 4KB