21a8e16b501c022ca99ceefda99af9ed_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

21a8e16b501c022ca99ceefda99af9ed_JaffaCakes118
Size

656KB
MD5

21a8e16b501c022ca99ceefda99af9ed
SHA1

55e5a1b5daa8e588e6b2ead2ea8552250f6a90cd
SHA256

fa82d80f8f7fca6ea19e2aa7900cfc2dbc12a1581aac23000666250516e26bb4
SHA512

bd077dcc0e59981d9b5831697dfde7718bb6f4515a11dcbf9bc40fbc8f017b00e6cb1ef60277babfd26f7a5090a936f259ccb9c62df3d7b36a81688c8ae5725a
SSDEEP

12288:+NvcdtDn7Ifxcxpv3VvDB4NxgF9BcuR7T3QLFxEuegkhn:sEdZI2pvx14jKvxT3uxE7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21a8e16b501c022ca99ceefda99af9ed_JaffaCakes118

Files

21a8e16b501c022ca99ceefda99af9ed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d47c53e34ba5137964c961c97071718f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\rw

Imports

comctl32

InitCommonControlsEx
ImageList_Remove

user32

GetClassNameW
GetClipboardFormatNameW
SendDlgItemMessageW
AppendMenuW
DestroyWindow
SetShellWindow
SetProcessDefaultLayout
ReleaseDC
GetScrollPos
EnumDisplaySettingsW
ShowWindow
LoadBitmapW
CopyImage
WINNLSGetEnableStatus
ClipCursor
CreateWindowExW
OpenClipboard
SetCaretBlinkTime
TranslateMDISysAccel
PostQuitMessage
DestroyAcceleratorTable
CharToOemA
MessageBoxA
SetWindowPlacement
GetWindowInfo
GetWindowTextLengthA
IsCharUpperA
SetMenuItemInfoW
OpenIcon
DdeUnaccessData
RegisterClassA
GetWindowModuleFileNameW
OffsetRect
CreateIconIndirect
GetSysColor
CallMsgFilterA
CloseDesktop
DrawTextExW
DrawMenuBar
VkKeyScanExA
DdeAddData
PostMessageA
IsCharAlphaNumericA
PackDDElParam
DefWindowProcW
GetWindowTextLengthW
MsgWaitForMultipleObjectsEx
AttachThreadInput
RegisterClassExA
EnumWindows
SetDlgItemInt
DeferWindowPos
TileWindows
GetGuiResources

kernel32

GetDriveTypeW
GetSystemTimeAdjustment
EnumCalendarInfoExW
IsValidLocale
GetProcAddress
EnumSystemLocalesW
EnumSystemLocalesA
lstrcpyn
GetProcessAffinityMask
WritePrivateProfileStringW
EnterCriticalSection
GetTempFileNameA
VirtualQuery
GetTimeFormatA
GetACP
InterlockedDecrement
IsDebuggerPresent
GlobalAlloc
CreateMutexA
GetCommandLineA
GetStdHandle
Sleep
HeapDestroy
WriteConsoleA
SetLastError
HeapSize
SetFileAttributesW
WriteFile
LocalCompact
GetCurrentDirectoryA
GetConsoleOutputCP
OpenEventA
TerminateProcess
QueryPerformanceCounter
ReadFile
InterlockedIncrement
GetConsoleMode
SetHandleCount
CompareStringW
CloseHandle
LoadLibraryA
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapReAlloc
GetCurrentProcessId
GetCommandLineW
GetCurrentProcess
GetConsoleCP
CreateWaitableTimerA
IsValidCodePage
FreeEnvironmentStringsW
SetEnvironmentVariableA
OpenFile
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
TlsSetValue
SetConsoleCtrlHandler
FreeLibrary
SetSystemTime
GetStartupInfoA
GetLogicalDrives
GetOEMCP
GetLocaleInfoA
CreateFileA
lstrcat
GetFileType
LeaveCriticalSection
WideCharToMultiByte
GetPriorityClass
lstrlenA
HeapFree
GetSystemTimeAsFileTime
RtlFillMemory
GetTimeZoneInformation
GetEnvironmentStringsW
GetWindowsDirectoryA
GetModuleHandleW
VirtualAlloc
GetStringTypeA
FillConsoleOutputAttribute
GetConsoleTitleA
TlsAlloc
VirtualAllocEx
GetCPInfo
FlushFileBuffers
SetConsoleWindowInfo
GetSystemDirectoryW
InterlockedExchange
HeapAlloc
LocalShrink
LCMapStringW
TlsFree
GetStringTypeW
SetStdHandle
SetLocalTime
GetDateFormatA
ExitProcess
GetLastError
LCMapStringA
VirtualFree
TlsGetValue
GetModuleHandleA
GetShortPathNameA
ExitThread
GetStringTypeExA
MoveFileW
FindAtomA
RtlUnwind
CreateSemaphoreA
GetLocaleInfoW
CompareStringA
GetEnvironmentStrings
GetStartupInfoW
OpenMutexA
HeapCreate
GetCurrentThreadId
GetModuleFileNameW
GetTickCount
GetModuleFileNameA
GetComputerNameA
SetFilePointer
GetCurrentThread
GetUserDefaultLCID
WriteConsoleW
FlushConsoleInputBuffer
WaitNamedPipeW
MapViewOfFile
GetNamedPipeInfo

Sections

.text
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d47c53e34ba5137964c961c97071718f

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

Sections

.text Size: 228KB - Virtual size: 226KB

.rdata Size: 260KB - Virtual size: 258KB

.data Size: 116KB - Virtual size: 141KB

.rsrc Size: 48KB - Virtual size: 44KB

.text
Size: 228KB - Virtual size: 226KB

.rdata
Size: 260KB - Virtual size: 258KB

.data
Size: 116KB - Virtual size: 141KB

.rsrc
Size: 48KB - Virtual size: 44KB