2585ee64d91da0013754e3ec1644cc47_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2585ee64d91da0013754e3ec1644cc47_JaffaCakes118
Size

1.2MB
MD5

2585ee64d91da0013754e3ec1644cc47
SHA1

3e91b08305b40b9d11c37b36dc171530820ada06
SHA256

74b52ed4f7f7cf63c606fb20e57977fcd2ef0d1bffb12022d4ec67a5ae357c28
SHA512

2963443f09e7b691daaf0540f2ce886b021a0dc5901e8e5fe2462d15426b836301d3edf34646bc563a2630f22c6ed57071ead20b68605216acfbdda149391886
SSDEEP

24576:tK2t2NrQL4lvmcFXKoAQCa2+7Xz30kNj0e9oiM+pbktyYp6XU+:s5k8lvJF6ozCp+7X5j3l0OT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2585ee64d91da0013754e3ec1644cc47_JaffaCakes118

Files

2585ee64d91da0013754e3ec1644cc47_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4154b42cd2d87a1f313625267e23e7de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateMappedBitmap
CreateToolbar
ImageList_GetDragImage
CreatePropertySheetPageA
ImageList_SetOverlayImage
CreateUpDownControl
ImageList_DrawEx
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_Copy
ImageList_SetBkColor
ImageList_Create
DrawStatusTextA
ImageList_GetFlags
ImageList_Merge
_TrackMouseEvent
CreateToolbarEx
InitMUILanguage
ImageList_GetImageCount

wininet

FreeUrlCacheSpaceA
InternetInitializeAutoProxyDll
InternetGetCookieA

gdi32

SelectObject
WidenPath
GetDeviceGammaRamp
DeleteDC
FloodFill
SetStretchBltMode
SetWindowExtEx
DeleteObject
CreateBitmapIndirect
SetFontEnumeration
GetObjectW
GetSystemPaletteUse
GetDeviceCaps
GetBkMode
ArcTo
CreateDCW
RectInRegion
ColorMatchToTarget
ExtTextOutA

kernel32

FreeLibrary
EnumSystemLocalesA
CloseHandle
WideCharToMultiByte
FoldStringA
SetUnhandledExceptionFilter
HeapReAlloc
LeaveCriticalSection
QueryPerformanceCounter
CompareStringW
VirtualFree
DeleteCriticalSection
SetEnvironmentVariableA
HeapSize
TlsAlloc
SetHandleCount
DosDateTimeToFileTime
EnumSystemCodePagesW
GetSystemDirectoryA
GetStartupInfoA
CreateMutexA
GetModuleFileNameA
TerminateProcess
SetCurrentDirectoryW
HeapCreate
GetSystemTimeAsFileTime
GetOEMCP
GetCurrentProcessId
GetModuleHandleA
GetTimeZoneInformation
GetThreadPriorityBoost
VirtualAlloc
GetCPInfo
GetLocaleInfoW
GetConsoleCursorInfo
GetFileType
LCMapStringA
SetStdHandle
RtlUnwind
HeapAlloc
OpenMutexA
FreeEnvironmentStringsW
SetLastError
UnhandledExceptionFilter
GetVersionExA
GetDateFormatA
GetConsoleCP
GetCurrentProcess
GetLocaleInfoA
GetConsoleOutputCP
IsDebuggerPresent
MultiByteToWideChar
GetShortPathNameW
Sleep
RtlMoveMemory
ReadFile
ReleaseSemaphore
LoadLibraryW
TlsSetValue
LoadLibraryA
GetACP
GetComputerNameA
GetCommandLineA
FreeEnvironmentStringsA
EnumResourceLanguagesA
TlsFree
EnterCriticalSection
HeapFree
SetConsoleCtrlHandler
CreateFileA
LCMapStringW
InterlockedDecrement
GetTimeFormatA
GetTickCount
WriteFile
GetUserDefaultLCID
IsValidLocale
GetProcessHeap
GetEnvironmentStringsW
InterlockedIncrement
OpenSemaphoreA
EnumDateFormatsExW
SetFilePointer
GetCalendarInfoA
SetConsoleCP
GetStringTypeA
CompareStringA
IsValidCodePage
GetCurrentThread
GetProcAddress
GetModuleFileNameW
GetEnvironmentStrings
HeapDestroy
GetStdHandle
SetCriticalSectionSpinCount
GetConsoleMode
GetCompressedFileSizeW
GetFullPathNameA
CreateWaitableTimerW
GetWindowsDirectoryA
InterlockedExchange
TlsGetValue
FlushFileBuffers
VirtualFreeEx
GetLastError
GetStringTypeW
InitializeCriticalSection
WriteConsoleA
VirtualQuery
ExitProcess
GetCurrentThreadId
WriteConsoleW

shell32

CommandLineToArgvW

advapi32

CreateServiceA
InitializeSecurityDescriptor
GetUserNameA
InitiateSystemShutdownW
RegLoadKeyA
StartServiceA
LookupAccountSidA
RegDeleteValueW
RegSetValueW
RegRestoreKeyW
LookupSecurityDescriptorPartsW
CryptGenKey
ReportEventA
CryptGetDefaultProviderA

user32

DefMDIChildProcW
DialogBoxParamA
DlgDirListComboBoxW
ChildWindowFromPoint
ShowScrollBar
DdeInitializeA
ShowWindow
wsprintfA
GetTitleBarInfo
RegisterClassA
GetScrollRange
OffsetRect
GetClipCursor
GetTabbedTextExtentW
RegisterClassExA
GetWindowTextLengthA
UnloadKeyboardLayout

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 316KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 744KB - Virtual size: 758KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4154b42cd2d87a1f313625267e23e7de

Headers

File Characteristics

Imports

comctl32

wininet

gdi32

kernel32

shell32

advapi32

user32

Sections

.text Size: 168KB - Virtual size: 165KB

.rdata Size: 316KB - Virtual size: 312KB

.data Size: 744KB - Virtual size: 758KB

.rsrc Size: 44KB - Virtual size: 43KB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 316KB - Virtual size: 312KB

.data
Size: 744KB - Virtual size: 758KB

.rsrc
Size: 44KB - Virtual size: 43KB