2266ae122f910c7330b0874c42ab1bad_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2266ae122f910c7330b0874c42ab1bad_JaffaCakes118
Size

596KB
MD5

2266ae122f910c7330b0874c42ab1bad
SHA1

bd785c5b6888f0d7801a5d1390548ddcbc06be93
SHA256

f08118635eeac549e4df1d69c3de45ad546272ecde60d6e29c1e33cc2c069338
SHA512

6bab1670bad2824117111be29343bed52f73eeef59381159b8d2fb70f03f56e28931ef96cb769e95752454a3a77c8c332b7dae060523c285a741ce18931a323f
SSDEEP

12288:ZTI5wUYRCRVbWW/a6gEUgZk6vtDZpis11gsQzau4:dI+UeCRpWWO3ckg1pisTgseN4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2266ae122f910c7330b0874c42ab1bad_JaffaCakes118

Files

2266ae122f910c7330b0874c42ab1bad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c29f133b2c653f8d349fe11de47b8dbd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

user32

DrawTextExA
DestroyWindow
GetClassInfoW
CreateWindowExW
DlgDirSelectExA
IsCharLowerA
CharToOemA
GetWindowWord
GetUserObjectSecurity
SetMenuItemInfoA
SetRectEmpty
GetProcessWindowStation
GetWindowRect
SetParent
EnumClipboardFormats
DefFrameProcW
EnumDisplaySettingsExA
RegisterClassExA
GetMessageW
GetScrollBarInfo
FindWindowA
GetMenuStringW
GetPropA
FrameRect
GetCaretBlinkTime
GetDCEx
CharPrevA
LookupIconIdFromDirectory
SetDlgItemTextA
NotifyWinEvent
ExitWindowsEx
MessageBoxA
GetGUIThreadInfo
RegisterClassA
PeekMessageA
GetClipboardViewer
ShowWindow
TabbedTextOutA
IntersectRect
TranslateMessage
HideCaret
DdeCreateDataHandle
DefWindowProcW
GetWindowInfo
CreateDialogIndirectParamA
SetMenuItemInfoW
RegisterClipboardFormatW
GetOpenClipboardWindow
WINNLSEnableIME
GetWindowPlacement
wvsprintfA
ClipCursor
GetTopWindow

kernel32

WriteFile
CreateProcessW
CreateProcessA
GetCompressedFileSizeA
LocalFree
CreateWaitableTimerA
LCMapStringA
GetProfileStringA
LocalReAlloc
TlsSetValue
GetModuleHandleW
SetThreadAffinityMask
GetLongPathNameA
CompareStringA
GetStdHandle
SetStdHandle
GetConsoleMode
GetLocalTime
SetFilePointer
GlobalCompact
HeapCreate
RemoveDirectoryA
FillConsoleOutputCharacterW
GetDiskFreeSpaceA
InitializeCriticalSection
ExpandEnvironmentStringsW
GetCurrentProcessId
CommConfigDialogW
GetTickCount
GetCurrentThread
IsBadWritePtr
InterlockedExchange
GetEnvironmentStrings
GetStringTypeW
EnumCalendarInfoExA
FreeEnvironmentStringsW
FlushFileBuffers
InterlockedIncrement
OpenProcess
VirtualQuery
SetEnvironmentVariableA
LCMapStringW
CompareStringW
GetCurrentDirectoryA
GetCommandLineW
FreeEnvironmentStringsA
WriteProfileSectionW
SetLastError
GetModuleHandleA
GetLocaleInfoW
GetACP
GetVersion
VirtualFree
lstrcpynA
GetEnvironmentStringsW
WideCharToMultiByte
GetComputerNameW
GetFileType
HeapFree
lstrcmpA
GetPrivateProfileIntA
QueryPerformanceCounter
ReadFile
GetProfileIntA
GetThreadContext
DebugBreak
RtlUnwind
LoadLibraryA
GetTempFileNameW
GetEnvironmentStringsA
TlsFree
ExitProcess
CompareFileTime
GetNamedPipeHandleStateA
GetModuleFileNameA
LocalAlloc
SetConsoleActiveScreenBuffer
GetSystemTime
GetCommandLineA
GetStringTypeA
GetSystemTimeAsFileTime
GetLastError
ReadConsoleW
CloseHandle
UnhandledExceptionFilter
TlsAlloc
SetHandleCount
GetCPInfo
GetCurrentProcess
EnumResourceTypesW
FindFirstFileExW
GetCalendarInfoW
GetOEMCP
VirtualFreeEx
GetShortPathNameA
TerminateProcess
EnterCriticalSection
GetProcAddress
SetFileTime
WritePrivateProfileStructW
GetNamedPipeInfo
LeaveCriticalSection
WriteProfileSectionA
SetComputerNameW
DeleteCriticalSection
GlobalGetAtomNameW
GetStartupInfoA
EnumResourceTypesA
GetConsoleOutputCP
OpenEventW
VirtualAllocEx
CreateMutexA
VirtualAlloc
SetEnvironmentVariableW
MultiByteToWideChar
HeapReAlloc
WritePrivateProfileStructA
GetCurrentThreadId
WriteProfileStringW
InterlockedDecrement
FlushInstructionCache
OpenMutexA
LockResource
HeapAlloc
GetProfileSectionA
GetTimeZoneInformation
ExitThread
TlsGetValue
GlobalFix
GetUserDefaultLCID
WritePrivateProfileStringA
HeapDestroy
GetConsoleTitleW
ReadConsoleOutputCharacterW
ResumeThread

comdlg32

ChooseColorA
GetOpenFileNameA

advapi32

RegCreateKeyA
RegCreateKeyW
RegQueryValueW
CryptEnumProvidersW
RegQueryInfoKeyA
CryptSetProviderW
LookupAccountSidA
RegRestoreKeyW
LookupPrivilegeValueA
RegOpenKeyW
RegQueryValueExA
RegQueryValueA
CryptGetDefaultProviderW
CryptVerifySignatureW
LookupPrivilegeDisplayNameA
CryptDuplicateKey
CryptGetKeyParam
RegFlushKey
GetUserNameW

shell32

FindExecutableA
ExtractAssociatedIconA

comctl32

InitCommonControlsEx
ImageList_GetImageCount
ImageList_AddIcon
ImageList_SetDragCursorImage
ImageList_DrawIndirect
ImageList_Destroy
CreateStatusWindowA
ImageList_DragShowNolock
CreateToolbar
ImageList_LoadImageW
_TrackMouseEvent
MakeDragList
ImageList_Read
ImageList_BeginDrag
ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_Replace
CreateStatusWindow
ImageList_SetOverlayImage

gdi32

DescribePixelFormat
CreateDIBitmap
CreateDCA
Escape
CreatePenIndirect
GetCharWidth32A
GetDeviceCaps
GdiFlush
PatBlt
DeleteDC
SetMapMode
SetBkColor
GetTextFaceW
CreateDCW
gdiPlaySpoolStream
EndPage
SetTextCharacterExtra
GetObjectW
BeginPath
PtInRegion
PlayMetaFileRecord
LineDDA
SetViewportOrgEx
CheckColorsInGamut

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c29f133b2c653f8d349fe11de47b8dbd

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comdlg32

advapi32

shell32

comctl32

gdi32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 112KB - Virtual size: 124KB

.rsrc Size: 56KB - Virtual size: 53KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 112KB - Virtual size: 124KB

.rsrc
Size: 56KB - Virtual size: 53KB