22068b1c3158825052c0f69cac658f9d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

22068b1c3158825052c0f69cac658f9d_JaffaCakes118
Size

544KB
MD5

22068b1c3158825052c0f69cac658f9d
SHA1

dc7c5a7afe22474ae46d9d5746a83768937014e0
SHA256

7e9ad092d28ac15bc0bb20f59dcb67777ea343d341bec68ebfdf5d2c627d90f1
SHA512

01c5a78e3d5583912d95c5aea62a7ad60c03c037ba53bc2d83d70d6d991eefcd063776827beb776ea7fe006712b59847bfae4418b108b6a86c91d0e0a65f132e
SSDEEP

12288:NP54bPpRLvB8mV5cXADLfEgzYLEu2/rHiX3fJRHqL1A:NP4MfADT0LEuAiXvJdO1A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22068b1c3158825052c0f69cac658f9d_JaffaCakes118

Files

22068b1c3158825052c0f69cac658f9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4caa5c47d5e41b7ea55f3d026cc19ada

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\gt

Imports

comctl32

InitCommonControlsEx
ImageList_Write
ImageList_LoadImageA
ImageList_Create
CreateStatusWindowA
ImageList_Merge
ImageList_GetImageRect
ImageList_LoadImageW
ImageList_LoadImage
ImageList_Destroy
ImageList_GetDragImage
DrawStatusTextA
MakeDragList
ImageList_GetIcon

kernel32

ReadFile
EnumSystemLocalesA
CompareStringA
lstrlen
InterlockedExchangeAdd
GetProcAddress
HeapDestroy
EnterCriticalSection
GetStartupInfoA
CreateMutexA
GlobalDeleteAtom
SetHandleCount
SetConsoleMode
OutputDebugStringA
FindFirstFileW
SetThreadContext
GetPrivateProfileSectionW
FindNextFileW
LCMapStringW
GetCommandLineW
lstrcmpiW
GetStringTypeA
GetVersion
WriteConsoleOutputCharacterA
InterlockedIncrement
OpenSemaphoreW
HeapAlloc
WaitForSingleObjectEx
GetOEMCP
GetCurrentProcessId
CompareStringW
HeapReAlloc
UnhandledExceptionFilter
CreateFileW
TerminateProcess
ExitProcess
TerminateThread
EnumSystemCodePagesW
lstrcpyA
GetFileType
VirtualAlloc
LCMapStringA
DeleteCriticalSection
GetLocaleInfoW
UnlockFile
LoadLibraryA
IsBadWritePtr
TlsAlloc
GetCurrentThread
CloseHandle
GetLastError
GetCurrentThreadId
GetConsoleTitleA
RtlUnwind
TlsGetValue
FreeEnvironmentStringsW
QueryPerformanceCounter
TlsFree
MoveFileA
GetModuleHandleA
GetTempFileNameA
GetCurrentProcess
WriteProfileStringA
GetPrivateProfileStructA
GetPrivateProfileSectionNamesA
GetThreadSelectorEntry
MultiByteToWideChar
HeapCreate
SetTimeZoneInformation
LoadModule
FlushFileBuffers
GetSystemTime
IsValidLocale
GetFileTime
FindResourceExA
HeapFree
TlsSetValue
lstrcpynA
GetNumberFormatA
GetACP
GetEnvironmentStrings
FillConsoleOutputAttribute
WriteFile
AddAtomA
GetFullPathNameW
VirtualQuery
GetTimeZoneInformation
GetEnvironmentStringsA
CreateFileA
GlobalLock
GetModuleHandleW
EnumDateFormatsA
WaitForDebugEvent
SetLastError
InterlockedDecrement
MapViewOfFileEx
GetSystemDirectoryW
TransmitCommChar
RtlMoveMemory
GetCPInfo
SetEnvironmentVariableA
GetEnvironmentStringsW
GetDiskFreeSpaceA
VirtualFree
InitializeCriticalSection
GetProcessHeaps
GetPrivateProfileIntA
GetLocalTime
GetSystemTimeAsFileTime
GetTickCount
GetStringTypeW
GetFileAttributesW
SetFilePointer
TransactNamedPipe
FreeEnvironmentStringsA
GetEnvironmentVariableA
GetCommandLineA
SetStdHandle
LeaveCriticalSection
OpenMutexA
GetModuleFileNameA
ReadConsoleOutputW
GetStdHandle
ResetEvent
RtlZeroMemory
FileTimeToDosDateTime
InterlockedExchange
GetDriveTypeA
WideCharToMultiByte

user32

GetKBCodePage
RegisterClassExA
ChangeMenuW
SetRectEmpty
PeekMessageA
SetWindowRgn
RegisterClassA
ReleaseCapture
DefWindowProcW
OpenWindowStationA
UnhookWinEvent
GetGuiResources
RegisterWindowMessageW
AnimateWindow
CheckDlgButton
CreateWindowExA
DdeImpersonateClient
MessageBoxW
DestroyWindow
CreateDialogIndirectParamW
ShowWindow
SetActiveWindow

Sections

.text
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 245KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4caa5c47d5e41b7ea55f3d026cc19ada

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 171KB - Virtual size: 171KB

.rdata Size: 245KB - Virtual size: 244KB

.data Size: 117KB - Virtual size: 126KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 171KB - Virtual size: 171KB

.rdata
Size: 245KB - Virtual size: 244KB

.data
Size: 117KB - Virtual size: 126KB

.rsrc
Size: 9KB - Virtual size: 9KB