28ddb9b5b14fcca82c4b53af8ba0e03c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28ddb9b5b14fcca82c4b53af8ba0e03c_JaffaCakes118
Size

502KB
MD5

28ddb9b5b14fcca82c4b53af8ba0e03c
SHA1

f0c0a8b4f1420f2b23f25539db2f66eb2d3d6134
SHA256

d3b6ff637b8a26b96801e4c95b249af36d41a0d6873c090e10d6b2bf35da6a71
SHA512

65bc0372624d6035762f2fea6100b2fb875ad442c4c1e1709d8c5bb6a4fdd422744ab9d30377824b618b1abd6eb2947ff61c388d297d6fc78fd0979d8371a3ff
SSDEEP

12288:4B92sN6fdFk1qQpl4hwPqmoM4VRsngZGpxb2+cQ3XZ9AzSOsD:4j2M6Lk1qCV7Q7sngUyMZH3D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28ddb9b5b14fcca82c4b53af8ba0e03c_JaffaCakes118

Files

28ddb9b5b14fcca82c4b53af8ba0e03c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

647d7e11d5c1c0505a702b27b555c0cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
DefWindowProcW
CreateWindowExA
GetMenuItemInfoA
ShowWindow
MsgWaitForMultipleObjectsEx
GetWindowLongW
DestroyWindow
GetMenuItemCount
RegisterClassA
RegisterClassExA

comctl32

CreateToolbarEx
ImageList_SetFlags
DrawStatusTextW
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_ReplaceIcon
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetFlags
ImageList_GetBkColor
ImageList_Copy

kernel32

InitializeCriticalSection
VirtualQuery
GetCurrentThreadId
CloseHandle
HeapAlloc
SetEvent
GetCommandLineW
LocalLock
HeapReAlloc
DeleteCriticalSection
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
SetStdHandle
WideCharToMultiByte
GetTickCount
GetTimeZoneInformation
MultiByteToWideChar
GetStringTypeW
SetFilePointer
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
CompareStringA
TlsSetValue
GetEnvironmentStringsW
GetCurrentProcessId
WriteProfileStringW
GetSystemDirectoryW
CreateMutexA
SetHandleCount
GetProcessAffinityMask
GetStringTypeA
InterlockedDecrement
HeapCreate
GetStartupInfoW
TlsAlloc
ReadFile
GetModuleFileNameW
GetCPInfo
SetLastError
HeapDestroy
TlsFree
GetSystemTime
EnterCriticalSection
RtlUnwind
WriteFile
GetStartupInfoA
GetEnvironmentVariableA
FlushFileBuffers
HeapFree
DeleteFileW
GetModuleHandleA
GetProcAddress
LocalSize
LoadLibraryA
OpenMutexA
LCMapStringA
ExitProcess
GetStdHandle
GetModuleFileNameA
IsDebuggerPresent
ReleaseSemaphore
IsBadWritePtr
CompareStringW
VirtualFree
GetThreadPriorityBoost
SetEnvironmentVariableA
GetTempPathW
GetLastError
TlsGetValue
GetEnvironmentStrings
GetFileType
FreeEnvironmentStringsA
GetCommandLineA
LeaveCriticalSection
VirtualAlloc
GetCurrentThread
InterlockedIncrement
lstrcmp
GetVersion
GetLocalTime
LCMapStringW
QueryPerformanceCounter
InterlockedExchange

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

647d7e11d5c1c0505a702b27b555c0cb

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 117KB - Virtual size: 116KB

.rdata Size: 240KB - Virtual size: 249KB

.data Size: 121KB - Virtual size: 121KB

.rsrc Size: 22KB - Virtual size: 21KB

.text
Size: 117KB - Virtual size: 116KB

.rdata
Size: 240KB - Virtual size: 249KB

.data
Size: 121KB - Virtual size: 121KB

.rsrc
Size: 22KB - Virtual size: 21KB