288dfa800b41eadf1f1e43bce02d4e24_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

288dfa800b41eadf1f1e43bce02d4e24_JaffaCakes118
Size

166KB
MD5

288dfa800b41eadf1f1e43bce02d4e24
SHA1

ff3d9c3f54a923f9a44e64c9232d6b1cf000b91e
SHA256

9330cd4aa3cc44c875ff9cbc30ceae009d924e6edff1e4f67212d6f71e257929
SHA512

bec44e453bb520b18c1a03176c6865db90b1cf5fa53b4253792e337d5577cf72e215f5fe6822b5ab58f54e10277230f30f24d1d3f2e850d5132206e79d130d8e
SSDEEP

3072:uInATHBmGTamTSPJL4XKdQMkNWivSCbtrJCgtELXSs:rnA8GD+BUX0QMkQSZJCRLX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
288dfa800b41eadf1f1e43bce02d4e24_JaffaCakes118

Files

288dfa800b41eadf1f1e43bce02d4e24_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c19de9accc5c4af4c7f0739c777beaa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetActiveWindow
MoveWindow
CreatePopupMenu
GetNextDlgTabItem
SetFocus
DestroyWindow
EnumChildWindows
GetLastActivePopup
IsMenu
GetTabbedTextExtentW
GetMenuItemInfoW
GetForegroundWindow
TrackPopupMenu
RegisterWindowMessageW
CloseWindow
DrawAnimatedRects
LockWindowUpdate
FindWindowW
MapVirtualKeyW
SetForegroundWindow
ShowWindow
SetWindowRgn
PeekMessageW
DestroyMenu

advapi32

RegDeleteKeyW
RegOpenKeyExW
RegOpenKeyW
RegDeleteValueW
RegQueryValueExW
RegEnumValueW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey

gdi32

Rectangle
Ellipse
GetTextExtentPoint32W
GetTextColor
GetStockObject
EnumFontFamiliesW
SetPixelV
RoundRect
Escape
CreateFontW
SetDIBits
StretchDIBits
GetCharWidthW
GetDIBits
CreateRectRgnIndirect
SetBoundsRect
ExtFloodFill
GetBkColor
GetTextAlign
CombineRgn
CreateDIBSection

kernel32

GlobalFree
GetModuleHandleW
GetProcAddress
QueryDosDeviceW
InterlockedExchange
GetTickCount
GetACP
FindFirstChangeNotificationW
GlobalLock
ResumeThread
WritePrivateProfileStringW
GetThreadLocale
GetVersion
lstrcmpW
InterlockedIncrement
WaitForSingleObject
GetProcessId
lstrcpynW
GetCurrentThreadId
GetModuleFileNameW
LockResource
SetThreadPriority
GetVersionExA
DeleteFileW
FileTimeToLocalFileTime
Sleep
GlobalUnlock
LoadLibraryExW
FindResourceW
lstrlenW
InitializeCriticalSection
GetLastError
GlobalAlloc
FindClose
LocalFree
EnumResourceTypesA
DeleteCriticalSection
QueryPerformanceCounter
lstrcpyW
MulDiv
FileTimeToSystemTime
ExitProcess
FindFirstFileW
GetSystemTimeAsFileTime
MultiByteToWideChar
CreateThread
GetPrivateProfileStringW
CloseHandle
GetCurrentDirectoryW
GetVersionExW
GlobalSize
FreeLibrary
InterlockedDecrement
WideCharToMultiByte
GetPrivateProfileIntW
GetNumberFormatW
GetFileAttributesW
LoadResource
SetFileAttributesW
FindNextChangeNotification
GetLocaleInfoA
FindCloseChangeNotification
LoadLibraryW
LoadLibraryA
GetLocaleInfoW
GetCurrentProcessId

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCloneImage

comctl32

ImageList_GetImageCount
PropertySheetW
InitCommonControlsEx
ImageList_Add
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_LoadImageW
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_GetIcon
ImageList_Destroy
ImageList_Draw

ole32

DoDragDrop
CoCreateInstance
OleRun

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c19de9accc5c4af4c7f0739c777beaa

Headers

File Characteristics

Imports

user32

advapi32

gdi32

kernel32

gdiplus

comctl32

ole32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 65KB - Virtual size: 64KB

.tls Size: 1024B - Virtual size: 92KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 65KB - Virtual size: 64KB

.tls
Size: 1024B - Virtual size: 92KB