28d6abf0737ce20aa56cc9e9162b647f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28d6abf0737ce20aa56cc9e9162b647f_JaffaCakes118
Size

802KB
MD5

28d6abf0737ce20aa56cc9e9162b647f
SHA1

e40c931bb75bd34f8fa5c603c9aafc78fe7809ef
SHA256

5e2e93465e7649685c169f77cbffc388f993f7937e4aeb8a1abb17a1c8ae7f6d
SHA512

e7c8762fa4f5b6f00deddd34e14e95135c95c7d2ed3d070f91d07ce883eb7e6659843b15cf12e72b2cfc24cbea1ff864afeaaf0ddd60850fea444fc0a07a6966
SSDEEP

12288:gtUsENdMmnG05jD3/LH+8yanWKrHJFMNKopaJkPdf4PGIsI+5:j5dS0F/z+80EHJFmpZ4epI+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28d6abf0737ce20aa56cc9e9162b647f_JaffaCakes118

Files

28d6abf0737ce20aa56cc9e9162b647f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3919b96f63b8024b8e7a633ca81fc332

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
VirtualAlloc
GetCurrentProcess
SetEnvironmentVariableA
FreeEnvironmentStringsW
LCMapStringA
EnterCriticalSection
RaiseException
HeapAlloc
GetStdHandle
WriteConsoleA
GetOEMCP
TlsAlloc
GetCommandLineW
HeapReAlloc
GetConsoleCP
Sleep
WriteConsoleW
GetModuleFileNameA
GetACP
RtlUnwind
OpenMutexW
GetEnvironmentStringsW
MultiByteToWideChar
UnhandledExceptionFilter
CompareStringW
GetConsoleOutputCP
CloseHandle
InterlockedIncrement
CreateFileA
QueryPerformanceCounter
VirtualFree
LeaveCriticalSection
HeapFree
TlsSetValue
GetVersionExA
CompareStringA
GetStartupInfoA
GetCPInfo
TlsFree
SetUnhandledExceptionFilter
DeleteCriticalSection
LCMapStringW
GetCommandLineA
InterlockedExchange
LoadLibraryA
GetEnvironmentStrings
IsValidCodePage
WideCharToMultiByte
HeapDestroy
GetLocaleInfoA
GetProcessHeap
GetConsoleMode
GetTickCount
ExitProcess
FreeEnvironmentStringsA
GetFileType
InitializeCriticalSection
TlsGetValue
VirtualQuery
GetStringTypeW
GetTimeFormatA
GetProcAddress
HeapCreate
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
SetStdHandle
HeapSize
SetLastError
ReadFile
TerminateProcess
SetFilePointer
LoadLibraryW
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetStartupInfoW
GetLastError
GetCurrentThreadId
WriteFile
IsDebuggerPresent
InterlockedDecrement
GetDateFormatA
FlushFileBuffers
CreateMutexW
SetHandleCount
GetCurrentProcessId

comctl32

ImageList_GetImageCount
ImageList_Create
DestroyPropertySheetPage
ImageList_GetIcon
ImageList_SetImageCount
ImageList_Add
ImageList_ReplaceIcon
ImageList_LoadImageA
ImageList_Replace
ImageList_DragLeave
ord17
InitCommonControlsEx
ImageList_Destroy
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Draw

user32

MapDialogRect
GetSubMenu
SetWindowLongW
GetMenuItemInfoW
IsWindowEnabled
RegisterClassExW
ScreenToClient
MessageBoxW
CreatePopupMenu
KillTimer
GetClipboardData
WindowFromPoint
InvalidateRgn
IsWindowVisible
DestroyAcceleratorTable
EmptyClipboard
CloseClipboard
DestroyMenu
GetDlgCtrlID
GetWindowThreadProcessId
GetUpdateRect
RegisterClassW
MessageBeep
PtInRect
GetWindowDC
GetDesktopWindow
LoadAcceleratorsW
EnumChildWindows
TrackPopupMenuEx
GetDlgItem
GetClassInfoW
SetTimer
CreateWindowExW
UpdateWindow
GetWindow
SystemParametersInfoW
DrawIcon
GetFocus
SetFocus
DestroyWindow
SetCapture
SystemParametersInfoA
DefWindowProcW
LoadIconW
IsWindow
MapWindowPoints
PostMessageW
LoadBitmapW
GetMenuCheckMarkDimensions
IsChild
ShowWindow
UnregisterClassA
DispatchMessageW

gdi32

DeleteObject
BitBlt

advapi32

RegDeleteValueA
RegSetValueExA
CloseServiceHandle
SetFileSecurityA
RegQueryInfoKeyA

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 474KB - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3919b96f63b8024b8e7a633ca81fc332

Headers

File Characteristics

Imports

kernel32

comctl32

user32

gdi32

advapi32

Sections

.text Size: 109KB - Virtual size: 109KB

.rdata Size: 474KB - Virtual size: 474KB

.data Size: 111KB - Virtual size: 120KB

.rsrc Size: 106KB - Virtual size: 105KB

.text
Size: 109KB - Virtual size: 109KB

.rdata
Size: 474KB - Virtual size: 474KB

.data
Size: 111KB - Virtual size: 120KB

.rsrc
Size: 106KB - Virtual size: 105KB