248aec9075678fe53350f010b2338763_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

248aec9075678fe53350f010b2338763_JaffaCakes118
Size

652KB
MD5

248aec9075678fe53350f010b2338763
SHA1

66577575052fb5692258fffef2976bb290e2083e
SHA256

b1bc695b40c0825ed8547daed15dd7d6c2c2152121395ae19c8d04ef8974fbc8
SHA512

fc82319f99de8f1029b190d57cb8c4703d89310014ea04af826e2fd090ce758bc287cd8f2cbf5cce72769f37279a03845550a456230040074bcc482e7ebcb2b6
SSDEEP

12288:aAN4RCxuyNrWKkaliAoHjrGTLBqmHvh01zrx:f43yNiK1liAOkLBqmHWr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
248aec9075678fe53350f010b2338763_JaffaCakes118

Files

248aec9075678fe53350f010b2338763_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f957e238f936b2ba38e9277e5e651110

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

user32

TileWindows
EqualRect
DefWindowProcW
DdeQueryNextServer
IsZoomed
MessageBoxW
DispatchMessageA
GetWindowContextHelpId
SetWindowContextHelpId
CreateIconFromResourceEx
LoadBitmapW
AdjustWindowRect
TileChildWindows
CopyIcon
DestroyWindow
ChangeDisplaySettingsW
RegisterClassA
ReleaseDC
RegisterClassExA
CreateWindowExA
GetMenuCheckMarkDimensions
IsChild
GetKeyboardState
ShowWindow

gdi32

DeleteDC
GetGraphicsMode
GetObjectA
GetMapMode
CreateScalableFontResourceW
CreateDCW
WidenPath
GetDeviceCaps
DescribePixelFormat

advapi32

AbortSystemShutdownW
ReportEventA
CryptDeriveKey
RegDeleteKeyA
RegDeleteKeyW
RegConnectRegistryA
LookupPrivilegeValueW
CryptDuplicateHash
RegOpenKeyExW
CryptVerifySignatureW
CryptDestroyHash
RegCreateKeyExW
CryptSignHashA
InitiateSystemShutdownA
RegSaveKeyW
RegEnumValueW

wininet

InternetAlgIdToStringW

kernel32

VirtualUnlock
IsBadWritePtr
VirtualProtect
RemoveDirectoryA
FlushFileBuffers
GetModuleFileNameW
DosDateTimeToFileTime
GetProfileIntA
GetStringTypeA
UnhandledExceptionFilter
GetSystemDirectoryA
GetLocaleInfoA
CreateDirectoryW
GetProfileStringA
SetStdHandle
LocalFlags
GetModuleHandleA
WideCharToMultiByte
SetEnvironmentVariableA
GetSystemDefaultLCID
MoveFileW
GetFileType
GetDriveTypeW
GetCurrentProcessId
CopyFileA
HeapDestroy
GetCPInfo
GetStartupInfoW
SetFilePointer
LCMapStringW
GetNamedPipeHandleStateA
SetConsoleOutputCP
CreateMutexA
CompareStringA
HeapCreate
LoadLibraryA
DeleteCriticalSection
ReadFile
GetProcAddress
DebugBreak
GetConsoleScreenBufferInfo
SetCurrentDirectoryW
WriteConsoleOutputW
GetTimeFormatA
HeapFree
GetTimeZoneInformation
GetSystemTimeAsFileTime
TlsGetValue
EnumSystemLocalesA
FreeEnvironmentStringsA
VirtualQuery
HeapSize
WriteProfileSectionA
FillConsoleOutputAttribute
LocalFree
GetVersionExA
GetCommandLineW
FindNextFileA
WriteConsoleOutputCharacterA
WritePrivateProfileStructA
GetCommandLineA
GetUserDefaultLCID
GetTempPathW
GetTickCount
AllocConsole
FillConsoleOutputCharacterW
GetConsoleOutputCP
OpenMutexA
EnterCriticalSection
WriteProfileStringA
GetDateFormatA
CreateMutexW
WriteConsoleOutputCharacterW
QueryPerformanceCounter
WriteFile
TlsSetValue
GetSystemInfo
GetCurrentProcess
GetWindowsDirectoryW
TlsAlloc
SetComputerNameA
GetStringTypeW
InterlockedCompareExchange
GetConsoleCP
TlsFree
lstrlenA
SetLastError
GetProfileSectionA
TerminateThread
SetVolumeLabelW
GetFileAttributesExW
ExitProcess
RtlUnwind
SetConsoleTitleA
WriteFileEx
HeapAlloc
FindAtomW
HeapReAlloc
GetCurrentThread
GetOEMCP
SetHandleCount
GetAtomNameA
RtlMoveMemory
GetStdHandle
IsBadReadPtr
GetFullPathNameW
GlobalCompact
TerminateProcess
FreeEnvironmentStringsW
InterlockedExchange
CloseHandle
MultiByteToWideChar
AddAtomW
GetStartupInfoA
ReadFileEx
GetNamedPipeHandleStateW
SetEnvironmentVariableW
lstrcpyW
IsValidCodePage
FindClose
VirtualProtectEx
ConvertDefaultLocale
GetLastError
GetEnvironmentStrings
VirtualFree
LeaveCriticalSection
VirtualLock
IsValidLocale
GetCurrentThreadId
GetLongPathNameW
GlobalFree
VirtualAlloc
GetModuleFileNameA
GetFileAttributesA
InitializeCriticalSection
GetACP
WriteConsoleW
LCMapStringA
GetPrivateProfileIntA
EnumSystemLocalesW
CompareStringW
CreateDirectoryExA
EnumResourceNamesW
GetEnvironmentStringsW
ReadConsoleOutputCharacterW
GlobalGetAtomNameW
GetLocaleInfoW
GetPrivateProfileStructA

comctl32

ImageList_SetOverlayImage
ImageList_Remove
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_DragMove
GetEffectiveClientRect
CreateStatusWindowA
InitCommonControlsEx
CreateUpDownControl
ImageList_Replace
ImageList_Merge
ImageList_SetIconSize
ImageList_DrawEx

Sections

.text
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f957e238f936b2ba38e9277e5e651110

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

advapi32

wininet

kernel32

comctl32

Sections

.text Size: 172KB - Virtual size: 169KB

.rdata Size: 248KB - Virtual size: 244KB

.data Size: 116KB - Virtual size: 138KB

.rsrc Size: 112KB - Virtual size: 109KB

.text
Size: 172KB - Virtual size: 169KB

.rdata
Size: 248KB - Virtual size: 244KB

.data
Size: 116KB - Virtual size: 138KB

.rsrc
Size: 112KB - Virtual size: 109KB