1a2444a3cb2e9c72801ed907d324fdbb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a2444a3cb2e9c72801ed907d324fdbb_JaffaCakes118
Size

492KB
MD5

1a2444a3cb2e9c72801ed907d324fdbb
SHA1

ab856ff826d20e54bb43223809c2e28601634a3a
SHA256

605998b7fda2c8dffc260298d88cc607083a77df59fd618c0afb9f6ea2774eee
SHA512

b90fed84b1cbde1cb1dcf81592c51ea47b38564c0671089a6f916bbaec6eb3df465876aae2def9d3beede5ca5cc2469e0aa9ed2d38a57d28d9dcabfb79565ad3
SSDEEP

12288:Uz0BN0Hqxg5XYGHK/HbqUo/7az6784J3sK:UzLMg5oGqTYJ/J3s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a2444a3cb2e9c72801ed907d324fdbb_JaffaCakes118

Files

1a2444a3cb2e9c72801ed907d324fdbb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa9e85e7582fb0e9750d7f0dcffcd951

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
FreeEnvironmentStringsA
GetLastError
VirtualQuery
TlsFree
VirtualProtect
GetVersionExA
VirtualAlloc
VirtualFree
GetEnvironmentStringsW
GetOEMCP
WideCharToMultiByte
HeapFree
LeaveCriticalSection
SetHandleCount
GetLocaleInfoA
GetModuleHandleA
IsBadWritePtr
UnhandledExceptionFilter
SetFilePointer
TlsSetValue
GetTimeZoneInformation
GetStartupInfoW
GetCurrentProcessId
CreateMutexW
GetModuleHandleW
EnterCriticalSection
IsBadReadPtr
GetFileType
RaiseException
RtlUnwind
OutputDebugStringA
GetCommandLineA
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
InterlockedIncrement
GetStartupInfoA
GetSystemInfo
GetCurrentThreadId
GetEnvironmentStrings
DeleteCriticalSection
GetStringTypeW
TlsGetValue
GetModuleFileNameA
ReadFile
GetACP
LCMapStringW
SetUnhandledExceptionFilter
ExitProcess
WriteFile
GetDateFormatA
DebugBreak
HeapReAlloc
IsBadCodePtr
FlushFileBuffers
GetTimeFormatA
GetProcAddress
LCMapStringA
HeapCreate
TerminateProcess
HeapValidate
GetTickCount
HeapAlloc
CompareStringW
GetStdHandle
HeapDestroy
GetCurrentProcess
CloseHandle
QueryPerformanceCounter
GetCommandLineW
LoadLibraryA
MultiByteToWideChar
SetEnvironmentVariableA
SetLastError
GetStringTypeA
TlsAlloc
InitializeCriticalSection
LoadLibraryW
CompareStringA
GetCPInfo
InterlockedExchange
GetModuleFileNameW
InterlockedDecrement

shell32

ShellExecuteA
SHGetSpecialFolderPathA
SHGetPathFromIDListA
ord155
SHGetMalloc
DragFinish
SHBrowseForFolderA

comctl32

ImageList_AddMasked
ImageList_GetImageInfo
ImageList_ReplaceIcon
ord17
ImageList_GetIcon

gdi32

ExcludeClipRect
DPtoLP
IntersectClipRect
GetBitmapDimensionEx
SelectClipPath
ExtTextOutA
CreateICA
ResetDCA
CreateBitmapIndirect
SetPixelV
GetGlyphOutlineA
StretchBlt
GetOutlineTextMetricsA
GetDeviceCaps
SetBkColor
GetMapMode
GetTextCharacterExtra
PathToRegion
GetPolyFillMode
Arc
CopyMetaFileA
GetTextAlign
GetStretchBltMode
SetBitmapDimensionEx
DeleteObject

user32

LoadStringW
DestroyMenu
DispatchMessageW
GetDC
ReleaseCapture
CopyIcon
DefWindowProcW
LoadBitmapW
RegisterClassW
ReuseDDElParam
CharNextW
GetMenuItemCount
DestroyAcceleratorTable
FillRect
GetActiveWindow
DestroyWindow
IsMenu
CheckMenuItem
EndDialog
TrackPopupMenu
GetMenuStringW
GetClassNameW
SetActiveWindow
SetScrollPos
ValidateRect
GetWindowRect
ShowWindow
GetDlgCtrlID
DestroyIcon
EqualRect
PostQuitMessage
GetLastActivePopup
GetWindowLongW
IsWindowEnabled
FrameRect
SendDlgItemMessageA
SendDlgItemMessageW
IsWindowVisible
ReleaseDC
SetDlgItemTextW
LoadIconW
GetNextDlgGroupItem
SetRect
GetKeyState
SetWindowLongW
MessageBoxW
DrawTextW
GetClientRect
LoadMenuW
EndPaint
GetDesktopWindow
DragDetect
BeginPaint
DrawIconEx
SetMenuItemInfoW
GetParent
ScreenToClient
RegisterClassExW
CreateWindowExW
KillTimer
GetCursorPos
CreatePopupMenu
LoadAcceleratorsW
InvalidateRect
PtInRect
GetMenuItemID
LoadCursorW

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
StrFormatByteSizeW
PathFindExtensionW
PathRemoveExtensionW
PathIsRootW
PathFileExistsW

Sections

.text
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa9e85e7582fb0e9750d7f0dcffcd951

Headers

File Characteristics

Imports

kernel32

shell32

comctl32

gdi32

user32

shlwapi

Sections

.text Size: 128KB - Virtual size: 125KB

.rdata Size: 260KB - Virtual size: 256KB

.data Size: 80KB - Virtual size: 106KB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 128KB - Virtual size: 125KB

.rdata
Size: 260KB - Virtual size: 256KB

.data
Size: 80KB - Virtual size: 106KB

.rsrc
Size: 20KB - Virtual size: 18KB