2d77de0bd50e7acd34344252819549a9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d77de0bd50e7acd34344252819549a9_JaffaCakes118
Size

294KB
MD5

2d77de0bd50e7acd34344252819549a9
SHA1

8d650b2b3059e967851bbf0670c6ab70abbcaef7
SHA256

5b44787382f1e4c71a371342f7709bad691d3779b1c05c01f641bee1cf08dfe3
SHA512

18fc23866dbb7277918276b7b2fef38aff22c72893d104462f68a522d286e438e63abf1562ce728d09249e5b91ad4cb064c32357d1a01f73450ec175888e0e13
SSDEEP

6144:kC6u0xyE8Rnpjdh26OcHLa3qyVk3f0gRgxFLe3y6k6/z:k604EOnpjdhpLa3qR0Lre

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d77de0bd50e7acd34344252819549a9_JaffaCakes118

Files

2d77de0bd50e7acd34344252819549a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7944189d3e633436c019f90901e361a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowPos
IsWindow
DispatchMessageA
SetForegroundWindow
GetDC
GetCursorPos
ReleaseDC
GetClientRect
TrackPopupMenu
DestroyWindow
GetParent
UpdateWindow
DefWindowProcA
ShowWindow
SetCapture
EnableWindow
PostQuitMessage
TranslateMessage
IsWindowEnabled
GetWindow
LoadStringA
IsIconic
RegisterClassA
GetSubMenu
SetTimer
EndPaint
SetFocus
GetMessageA
BeginPaint
GetSystemMetrics
CallWindowProcA
SetCursor
SendMessageA
InvalidateRect
MoveWindow
MapWindowPoints
PeekMessageA
EnableMenuItem
GetWindowRect
PostMessageA
ReleaseCapture
SetWindowLongA
SetWindowTextA
CheckMenuItem
GetWindowLongA
CreateWindowExA
GetDlgItem
ClientToScreen
LoadCursorA
LoadIconA
GetDesktopWindow
EndDialog
GetFocus
ScreenToClient
FillRect
MessageBoxA
DialogBoxParamA
GetSysColor
GetKeyState
SystemParametersInfoA
IsWindowVisible

kernel32

FormatMessageA
InterlockedDecrement
FindClose
GlobalLock
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
FreeLibrary
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WaitForSingleObject
GetTimeZoneInformation
InterlockedExchange
GetStringTypeA
DeleteFileA
GetSystemDefaultLCID
GetSystemDefaultLangID
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
SetEvent
GetDriveTypeA
FindNextFileA
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
LocalAlloc
ExpandEnvironmentStringsA
SetErrorMode
FreeEnvironmentStringsW
GetLocaleInfoW
GetTempPathA
WideCharToMultiByte
GetOEMCP
VirtualAlloc
FindResourceA
IsBadReadPtr
Sleep
VirtualFree
VirtualQuery
WriteFile
UnmapViewOfFile
IsValidCodePage
TlsGetValue
SizeofResource
SetStdHandle
GetModuleHandleW
GetACP
lstrcpynA
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
GetConsoleMode
RaiseException
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCurrentDirectoryA
GetCommandLineW
LockResource
GetCurrentProcessId
WritePrivateProfileStringA
GetEnvironmentStrings
FileTimeToLocalFileTime
CreateProcessW
lstrlenW
GlobalUnlock
GetThreadLocale
FindNextFileW
LCMapStringA
FindResourceW
GetConsoleCP
lstrlenA
HeapCreate
LCMapStringW
LoadLibraryExW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
GetEnvironmentStringsW
CreateEventA
CreateFileW
CreateEventW
RemoveDirectoryA
WaitForMultipleObjects
FindFirstFileW
CreateFileMappingA
ResetEvent
CompareStringA
lstrcpyA
GlobalFree
FindFirstFileA
lstrcmpA
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
GetCPInfo
GetWindowsDirectoryA
GetCurrentThread
CreateDirectoryA
GetFileSize
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
GetExitCodeProcess
GetVersionExW
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetConsoleCtrlHandler
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
GetStartupInfoA
SetUnhandledExceptionFilter
SetFileAttributesA
CreateThread
GetModuleHandleA
CreateMutexA
GetLocalTime
MultiByteToWideChar
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
GetSystemTime
SetLastError
LoadLibraryW

advapi32

RegDeleteValueA
RegSetValueExA
RegSetValueExW
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CoUninitialize
CoInitialize
CoTaskMemFree

oleaut32

SysAllocString
SysStringLen
SysFreeString

gdi32

SetBkMode
CreateSolidBrush
SelectObject
CreateCompatibleDC
SetTextColor
GetStockObject
GetDeviceCaps
DeleteObject
SetBkColor

msvcrt

_cexit
exit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
_strcmpi

Sections

.text
Size: 286KB - Virtual size: 285KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7944189d3e633436c019f90901e361a

Headers

File Characteristics

Imports

user32

kernel32

advapi32

ole32

oleaut32

gdi32

msvcrt

Sections

.text Size: 286KB - Virtual size: 285KB

.data Size: 7KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 488B

.text
Size: 286KB - Virtual size: 285KB

.data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 488B