32690798243c2aff7c8014cf92a61556_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

32690798243c2aff7c8014cf92a61556_JaffaCakes118
Size

556KB
MD5

32690798243c2aff7c8014cf92a61556
SHA1

6abd2058491b9fd08879af462ebcc495d9ad348b
SHA256

dba311e9343e42fe3ea820ebe27efa439d1b3723b1098bcfb497e09db5362d6a
SHA512

a6b062128f32e5ed7de58eb4ed04b1b01c628d0ab3792dcccc8168192f42134134f145d02ab072d93abde45c0e55433d4a5a1ea063f67293b764b48213b5a038
SSDEEP

12288:kNZj38sMOIx4OegzggInnMsRhPlnlRipffMU23DKCEh:kTj38sMOIx5egPwMsRhP9ipfnJ1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32690798243c2aff7c8014cf92a61556_JaffaCakes118

Files

32690798243c2aff7c8014cf92a61556_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ef6decce47c7a36d2348477a2a4bb918

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetEnhMetaFileHeader
GetPaletteEntries
GetBitmapBits
Polyline
StretchDIBits
GetTextExtentPoint32W
GetEnhMetaFilePaletteEntries
CreateBitmapIndirect
Pie
RoundRect
GetMetaRgn
CreatePalette
CreateDCA
GetRandomRgn
SetBkColor
CreateFontA
GetRgnBox
GetTextExtentExPointW
MoveToEx
SetMetaRgn
GetWindowExtEx
GetMetaFileBitsEx
PtVisible

comctl32

ImageList_GetIconSize
ImageList_SetBkColor
CreateStatusWindowA
InitCommonControlsEx
CreateToolbarEx
ImageList_GetImageRect
ImageList_Replace
DrawStatusTextA
DrawStatusTextW
ImageList_BeginDrag
ImageList_DrawEx
CreateStatusWindowW

user32

DlgDirListComboBoxW
GetWindowModuleFileNameA
GetWindowRect
EnumDisplaySettingsA
SetFocus
DdeQueryConvInfo
ShowWindow
CopyImage
ChangeClipboardChain
CharPrevA
PaintDesktop
FrameRect
MoveWindow
LoadMenuW
BeginDeferWindowPos
CreateCaret
GetDlgItemInt
IsDialogMessage
DestroyWindow
DefWindowProcA
TranslateAcceleratorA
ModifyMenuA
DlgDirListComboBoxA
UnionRect
DdePostAdvise
DrawFrame
CreateWindowExA
WinHelpW
GetWindowInfo
GetClassInfoW
GetKeyNameTextW
TileChildWindows
GetClassLongW
IsMenu
EndDialog
BroadcastSystemMessageA
UnregisterHotKey
ActivateKeyboardLayout
LockWindowUpdate
BeginPaint
UnregisterDeviceNotification
GetMenuStringA
GetMenuStringW
LoadIconW
IsCharUpperW
DefDlgProcW
GetWindowTextLengthA
ScrollWindow
IntersectRect
TrackPopupMenuEx
SetKeyboardState
RegisterClassExA
MessageBoxW
GetKeyState
HideCaret
GetMenuBarInfo
RegisterClassA
ShowCaret

wininet

InternetUnlockRequestFile
InternetGetCertByURLA
InternetReadFileExW
LoadUrlCacheContent
InternetConfirmZoneCrossingA
InternetSetOptionW
IsHostInProxyBypassList

shell32

ExtractAssociatedIconA
SHLoadInProc

kernel32

GetStdHandle
GetVersionExA
TlsGetValue
ExitProcess
GetSystemInfo
GetLocaleInfoA
LeaveCriticalSection
GetComputerNameA
SetHandleCount
SetVolumeLabelW
GetLocaleInfoW
GetCurrentProcess
GetStringTypeA
GetPrivateProfileIntW
VirtualAlloc
GetTimeZoneInformation
MultiByteToWideChar
ExpandEnvironmentStringsA
SetConsoleOutputCP
ReadConsoleW
RtlZeroMemory
RtlUnwind
VirtualProtect
CloseHandle
HeapCreate
LCMapStringW
GlobalDeleteAtom
IsValidLocale
GetModuleFileNameA
TryEnterCriticalSection
LockFile
HeapReAlloc
CreateFileW
GetLastError
TlsSetValue
EnterCriticalSection
HeapDestroy
GetUserDefaultLCID
WriteFile
GetCurrentThread
CreateToolhelp32Snapshot
GetCommandLineA
LocalUnlock
GetCurrencyFormatW
GetConsoleCursorInfo
GetCurrentProcessId
CompareStringW
InitializeCriticalSection
ContinueDebugEvent
GetTimeFormatA
TlsAlloc
DeleteCriticalSection
GetStringTypeW
CompareStringA
FreeResource
EnumSystemLocalesA
GetFileAttributesExA
GetDateFormatA
SetStdHandle
GetOEMCP
OutputDebugStringW
OpenFile
GlobalFix
CreateFileMappingA
GlobalAlloc
CreateThread
SetLastError
CreateMutexA
GetSystemTimeAsFileTime
GetLogicalDriveStringsW
ReadFile
GetACP
GetProcAddress
IsBadWritePtr
GetSystemDirectoryW
GetCPInfo
GetModuleHandleA
IsValidCodePage
OpenMutexA
HeapFree
FreeEnvironmentStringsA
FormatMessageA
HeapSize
LoadLibraryA
FreeEnvironmentStringsW
ResumeThread
CreateFileA
LCMapStringA
WideCharToMultiByte
RtlFillMemory
TlsFree
LocalCompact
FlushFileBuffers
SetEnvironmentVariableA
SetFilePointer
TerminateProcess
LocalShrink
VirtualFree
DeleteFileW
DebugActiveProcess
InterlockedExchange
GetTickCount
CreateFileMappingW
GetWindowsDirectoryA
GetProcessHeaps
UnhandledExceptionFilter
QueryPerformanceCounter
VirtualQuery
GetStartupInfoA
lstrcmpi
CreateProcessW
GetCurrentThreadId
GetEnvironmentStringsW
TransmitCommChar
GetFileType
GetEnvironmentStrings
HeapAlloc
GetFileSize

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef6decce47c7a36d2348477a2a4bb918

Headers

File Characteristics

Imports

gdi32

comctl32

user32

wininet

shell32

kernel32

Sections

.text Size: 168KB - Virtual size: 164KB

.rdata Size: 248KB - Virtual size: 247KB

.data Size: 116KB - Virtual size: 125KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 168KB - Virtual size: 164KB

.rdata
Size: 248KB - Virtual size: 247KB

.data
Size: 116KB - Virtual size: 125KB

.rsrc
Size: 20KB - Virtual size: 17KB