2c9c1326424009ab7fa0c071507694a3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c9c1326424009ab7fa0c071507694a3_JaffaCakes118
Size

296KB
MD5

2c9c1326424009ab7fa0c071507694a3
SHA1

d136c0555e9701c9163a1e21b3b9461126e26273
SHA256

25b2faf45b36dc2373df44fffb11e6aaa8d7ca4f5f1a9f2c718c2df1b0f773b6
SHA512

44fa29e3c5484faa5ef8495e5edd13bbb0120a0ff4f787e381faa89341fbf29a7fea21f4079754faa5521b8b0c755d187e3719960f9f51e2f9b6769e03cb3ce5
SSDEEP

6144:PGCPfFGMpbhMUnjPi0WDfj7yKqiS8s3y:OCPfTpNM0Ti0e3q7jy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c9c1326424009ab7fa0c071507694a3_JaffaCakes118

Files

2c9c1326424009ab7fa0c071507694a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f20d2e2a8f5e1caba603e6a751786d9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_EndDrag
CreateUpDownControl
CreatePropertySheetPageW
CreateToolbarEx
InitCommonControlsEx
ImageList_Duplicate
ImageList_AddIcon
ImageList_Merge
CreateMappedBitmap
ImageList_BeginDrag
ImageList_DragMove
DrawStatusTextW
ImageList_DragLeave
ImageList_GetImageRect
CreateStatusWindow

comdlg32

ChooseColorA
FindTextA

user32

DefWindowProcA
GetCaretPos
GetSysColorBrush
CharLowerBuffW
DefWindowProcW
DdeConnectList
CheckRadioButton
RegisterClassA
ScrollWindowEx
OpenInputDesktop
RemovePropA
CreateDialogIndirectParamA
GetKeyNameTextA
ShowWindow
RegisterClassExA
ChangeDisplaySettingsExW
CharNextExA
CallNextHookEx
CharUpperA
DestroyWindow
IsRectEmpty
CloseClipboard
GetTabbedTextExtentA
DefFrameProcW
SetMenuItemInfoW
DialogBoxParamW
DlgDirSelectExA
EnumDisplaySettingsA
GetDialogBaseUnits
ClientToScreen
SetMenuItemInfoA
IsWindowUnicode
DdeConnect
OpenDesktopW
MessageBoxA
FrameRect
CreateCaret
CopyRect
MessageBoxIndirectA
ExcludeUpdateRgn
ChangeDisplaySettingsExA
SendDlgItemMessageW
CallWindowProcA
CreateWindowExA
LoadImageA
IsDialogMessage
TileWindows
LoadMenuIndirectA
CreatePopupMenu

kernel32

lstrcmpA
SetFileTime
DeleteCriticalSection
GetTickCount
Sleep
WritePrivateProfileStructA
VirtualFree
GetUserDefaultLCID
EnumCalendarInfoA
HeapAlloc
GetCurrentProcess
GetCommandLineA
GetLocaleInfoA
FormatMessageA
SetConsoleCursorPosition
TlsSetValue
GetProcAddress
FreeEnvironmentStringsA
SetLastError
InterlockedExchange
ReadConsoleOutputCharacterA
SetFileAttributesA
LocalFlags
GetCurrentThreadId
GetConsoleMode
GetProcessHeap
GetWindowsDirectoryW
ReadConsoleW
GetCurrentThread
LoadLibraryA
GetModuleFileNameA
GetTimeZoneInformation
RtlZeroMemory
WriteConsoleW
LCMapStringW
IsValidCodePage
FreeEnvironmentStringsW
IsValidLocale
GetThreadSelectorEntry
UnhandledExceptionFilter
TlsGetValue
OpenMutexA
CommConfigDialogA
SetConsoleTextAttribute
GetConsoleOutputCP
WideCharToMultiByte
FlushFileBuffers
GlobalLock
FileTimeToSystemTime
LCMapStringA
CreateEventW
SetUnhandledExceptionFilter
GetThreadTimes
HeapCreate
FindNextFileW
GetAtomNameA
GetCPInfo
GetEnvironmentStrings
GetLastError
HeapValidate
GetCurrentProcessId
CreateFileA
GetFileType
GlobalReAlloc
CreateMutexA
GetConsoleScreenBufferInfo
RemoveDirectoryW
DeleteFiber
CompareStringW
WriteConsoleA
VirtualQuery
TlsAlloc
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GetLocaleInfoW
GetStartupInfoW
GetModuleHandleA
EnterCriticalSection
GetTimeFormatA
GetStringTypeA
FillConsoleOutputAttribute
QueryPerformanceCounter
HeapReAlloc
GetDateFormatA
GetMailslotInfo
GetConsoleCP
EnumSystemCodePagesW
IsBadWritePtr
SetConsoleCursorInfo
EnumResourceTypesW
GetStartupInfoA
RtlUnwind
GetStringTypeW
FillConsoleOutputCharacterA
FindFirstFileExW
IsDebuggerPresent
GetComputerNameW
SetEndOfFile
TerminateProcess
ExitProcess
InterlockedIncrement
ReadFile
HeapFree
CreateFileW
VirtualProtectEx
ReadFileEx
GetEnvironmentStringsW
HeapDestroy
GetOEMCP
VirtualAlloc
GetVersionExA
GetAtomNameW
CreateMailslotW
WriteProfileSectionW
WritePrivateProfileStructW
ReadConsoleA
LockFile
InitializeCriticalSection
SetStdHandle
GetStdHandle
GetModuleFileNameW
EnumSystemLocalesA
SetConsoleCtrlHandler
GetEnvironmentVariableA
SetFilePointer
GetACP
LeaveCriticalSection
InterlockedDecrement
LockFileEx
WriteFile
HeapSize
MultiByteToWideChar
SetHandleCount
TlsFree
CompareStringA
FreeLibrary
GetCommandLineW
SetThreadLocale
CloseHandle
OpenFileMappingW

advapi32

RegReplaceKeyW
CryptSetProvParam
RegEnumKeyA
LogonUserW
RegReplaceKeyA
CryptCreateHash
InitiateSystemShutdownA
RegNotifyChangeKeyValue

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f20d2e2a8f5e1caba603e6a751786d9b

Headers

File Characteristics

Imports

comctl32

comdlg32

user32

kernel32

advapi32

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 80KB - Virtual size: 77KB

.data Size: 88KB - Virtual size: 96KB

.rsrc Size: 40KB - Virtual size: 37KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 80KB - Virtual size: 77KB

.data
Size: 88KB - Virtual size: 96KB

.rsrc
Size: 40KB - Virtual size: 37KB