21f03387c097123b2afc96a0b96af06d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

21f03387c097123b2afc96a0b96af06d_JaffaCakes118
Size

548KB
MD5

21f03387c097123b2afc96a0b96af06d
SHA1

f4e35a126ec8fb5e8792ca9fa6457947e852a670
SHA256

60f88a6ab09eade5ea95a2a1ce45308852f79e28aa384fb5108fd361c07d9f9c
SHA512

2f9c662387cf7887ae3206c9497ea3859872e73bd9c2a933aacbe50b70eccc44112f46a783b55bbf1f30b7f162a80aa63e284dceacf95861edff63035ba91174
SSDEEP

12288:48NKCtDiqM0UnfIQmAJSgoEMWoN32OTCNtAo//18tLstpkv:4KM0UnfqX3/N2OStK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21f03387c097123b2afc96a0b96af06d_JaffaCakes118

Files

21f03387c097123b2afc96a0b96af06d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e94806f7e9af18455c13a26ffa5d30d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CopyMetaFileA

comctl32

MakeDragList
ImageList_SetDragCursorImage
ImageList_LoadImage
ImageList_Read
ImageList_GetIcon
CreatePropertySheetPageA
ImageList_SetFlags
ImageList_GetDragImage
ImageList_DragLeave
DrawStatusTextA
ImageList_GetBkColor
ImageList_DrawIndirect
ImageList_SetIconSize
ImageList_Create
ImageList_SetFilter
CreateStatusWindow
ImageList_DrawEx
ImageList_SetBkColor
ImageList_GetIconSize
InitCommonControlsEx
CreateMappedBitmap
ImageList_BeginDrag
ImageList_GetImageRect
ImageList_LoadImageA

shell32

CommandLineToArgvW
SHFileOperationW
DuplicateIcon
DragQueryFileW

kernel32

IsBadReadPtr
EnterCriticalSection
SetEnvironmentVariableA
EnumResourceLanguagesW
GetModuleHandleA
SetStdHandle
GetEnvironmentStrings
FindResourceExW
GetSystemTimeAsFileTime
TlsSetValue
GetProfileIntA
ReadFileEx
GetStringTypeA
TlsAlloc
lstrcmp
EnumSystemCodePagesA
WritePrivateProfileSectionW
WritePrivateProfileSectionA
LCMapStringA
GetTempPathW
OpenMutexA
GetStartupInfoA
TlsFree
WaitForSingleObject
GetFileType
AddAtomA
FreeEnvironmentStringsW
GetCurrentProcess
RtlUnwind
lstrcpynA
EnumCalendarInfoExW
GetModuleFileNameA
GetProcAddress
RemoveDirectoryW
EnumResourceNamesW
EnumDateFormatsA
GetCommandLineA
GetLastError
LeaveCriticalSection
GetProfileStringW
GetCPInfo
HeapCreate
WriteConsoleOutputW
LocalFree
CreateMailslotA
FreeResource
InterlockedExchange
GetUserDefaultLCID
GetStringTypeW
VirtualFree
SetConsoleCtrlHandler
FreeLibraryAndExitThread
CreateFileA
FormatMessageW
HeapAlloc
IsBadWritePtr
GetOEMCP
VirtualAlloc
HeapDestroy
FreeEnvironmentStringsA
MultiByteToWideChar
EnumSystemLocalesW
GetLocaleInfoW
SystemTimeToTzSpecificLocalTime
ExitProcess
SetVolumeLabelA
GetCurrentThreadId
GetVersionExA
HeapReAlloc
WaitNamedPipeW
GetLongPathNameW
GetProfileSectionA
GetDateFormatA
ContinueDebugEvent
CompareStringA
VirtualProtect
CompareStringW
GetTickCount
QueryPerformanceCounter
SetHandleCount
WaitNamedPipeA
SetLocaleInfoW
WriteConsoleInputW
OutputDebugStringW
LocalFlags
IsValidLocale
GetStdHandle
SetFileAttributesW
IsValidCodePage
GetSystemInfo
GetACP
WriteFile
GetLocaleInfoA
UnlockFile
WriteConsoleOutputCharacterW
FindFirstFileW
GetEnvironmentStringsW
HeapSize
EnumResourceNamesA
GetCurrentThread
GetThreadPriorityBoost
GlobalAlloc
ReadConsoleOutputA
SetCriticalSectionSpinCount
ReadFile
GetCurrencyFormatA
GetTimeZoneInformation
LoadLibraryA
TlsGetValue
lstrcpy
InterlockedExchangeAdd
GetUserDefaultLangID
HeapFree
InitializeCriticalSection
ReadConsoleOutputAttribute
SetFilePointer
CloseHandle
DeleteCriticalSection
OpenEventA
CreateMutexA
SetConsoleMode
GetTimeFormatA
CommConfigDialogW
GetCurrentProcessId
VirtualQuery
RaiseException
EnumSystemLocalesA
MoveFileA
SetTimeZoneInformation
GetProcessHeap
FlushFileBuffers
SetLastError
LCMapStringW
TerminateProcess
GetThreadLocale
ConnectNamedPipe
GlobalReAlloc
UnhandledExceptionFilter
LoadResource
GetFileAttributesExW
WideCharToMultiByte
ReadConsoleW

user32

RegisterClassA
InflateRect
GetScrollRange
SendDlgItemMessageW
OpenDesktopA
CopyImage
DdeDisconnectList
DestroyWindow
SendMessageTimeoutW
IsCharUpperW
ShowWindow
OemToCharBuffA
CharPrevA
GetUserObjectInformationW
GetSysColorBrush
RegisterClassExA
AnimateWindow
RegisterClipboardFormatW
DefWindowProcW
GetCaretPos
DdeSetUserHandle
GetMenuState
SetWindowsHookExA
MessageBoxA
ShowScrollBar
CreateWindowExA
GetParent

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e94806f7e9af18455c13a26ffa5d30d

Headers

File Characteristics

Imports

gdi32

comctl32

shell32

kernel32

user32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 260KB - Virtual size: 259KB

.data Size: 108KB - Virtual size: 115KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 260KB - Virtual size: 259KB

.data
Size: 108KB - Virtual size: 115KB

.rsrc
Size: 12KB - Virtual size: 10KB