Static task: static1
Behavioral task: behavioral1
Sample: 35c0caeaed02c5eb552a43cea28a6240_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 35c0caeaed02c5eb552a43cea28a6240_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 35c0caeaed02c5eb552a43cea28a6240_JaffaCakes118
Size: 500KB
MD5: 35c0caeaed02c5eb552a43cea28a6240
SHA1: 14ffd1ce55424206d5990a35a6807b683317ab0c
SHA256: 7962ee774c8bb328075b8b51ebad51aa33f91630d778d87e5584d18103c6ff45
SHA512: d04780e6bc7276b37f0c4028f9a000fc5ed2963aa70173681894d09df2d20aa45babd1c115b994812f74bd34581cf5c0815fb33e5d61fe912555c25dee3c1569
SSDEEP: 12288:2ycjCQo+H11Eu1+BgNWoCQjjqm2IQrnVbll:dcAg1EaA0CiqXIK5ll
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 35c0caeaed02c5eb552a43cea28a6240_JaffaCakes118
Files
35c0caeaed02c5eb552a43cea28a6240_JaffaCakes118.exe windows:4 windows x86 arch:x86
43d2e4e676c1c7f15b1121db960b3d20
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
DragFinish
SHLoadInProc
kernel32
GetUserDefaultLangID
FreeEnvironmentStringsW
ExitProcess
CloseHandle
LoadLibraryA
GetStringTypeA
GetProcAddress
GetCommandLineA
WriteConsoleW
WideCharToMultiByte
LCMapStringA
GetSystemDefaultLCID
TlsAlloc
GetCurrentThreadId
GetStdHandle
EnumSystemLocalesA
UnhandledExceptionFilter
SetEnvironmentVariableA
GetDiskFreeSpaceExW
TlsSetValue
GetACP
GetCPInfo
HeapDestroy
GetEnvironmentStringsW
GetStringTypeW
GetModuleHandleA
GetCurrentThread
FlushFileBuffers
WriteConsoleA
HeapSize
GetUserDefaultLCID
SetFilePointer
VirtualAlloc
GetTimeZoneInformation
CreateMutexA
GetConsoleOutputCP
VirtualFree
GetTimeFormatA
HeapFree
CompareStringW
InterlockedDecrement
MultiByteToWideChar
InterlockedIncrement
HeapAlloc
GetConsoleMode
HeapCreate
SetConsoleCtrlHandler
IsValidCodePage
GetCurrentProcess
TlsGetValue
CompareStringA
SetStdHandle
GetModuleFileNameA
HeapReAlloc
Sleep
LeaveCriticalSection
RtlUnwind
FreeLibrary
TerminateProcess
GetOEMCP
InterlockedExchange
GetDateFormatA
IsValidLocale
InitializeCriticalSection
OpenMutexA
LCMapStringW
GetTickCount
GetCurrentProcessId
QueryPerformanceCounter
CreateFileA
GetEnvironmentStrings
DeleteCriticalSection
SetThreadPriority
TlsFree
GetConsoleCP
GetVersionExA
FreeEnvironmentStringsA
SetLastError
GetLocaleInfoW
GetLocaleInfoA
SetHandleCount
GetLastError
GetProcessHeap
EnterCriticalSection
ReadFile
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetFileType
VirtualQuery
GetStartupInfoA
gdi32
ExtFloodFill
comdlg32
ReplaceTextA
GetSaveFileNameA
advapi32
RegOpenKeyW
CryptHashSessionKey
RegOpenKeyExW
CryptAcquireContextA
RegSetValueA
CryptDestroyHash
CryptDeriveKey
CryptDuplicateHash
CryptSetProviderW
RegQueryValueA
CryptVerifySignatureW
RegConnectRegistryA
CreateServiceW
LookupAccountNameA
RegQueryValueExW
LookupPrivilegeNameA
CryptGenRandom
RegDeleteKeyA
LookupAccountSidW
RegEnumValueA
CryptSetProviderA
CreateServiceA
StartServiceA
user32
SetWindowsHookA
ModifyMenuA
UnhookWindowsHook
DdeCreateStringHandleW
AppendMenuW
GetMenuItemInfoA
GetKeyboardLayoutList
ChildWindowFromPoint
wsprintfW
DestroyWindow
GetWindowContextHelpId
DefFrameProcA
RegisterClassExA
GetSubMenu
RegisterClassA
DdeAddData
RegisterDeviceNotificationW
WindowFromDC
SetProcessWindowStation
ActivateKeyboardLayout
comctl32
InitCommonControlsEx
Sections
.text Size: 164KB - Virtual size: 163KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 315KB - Virtual size: 314KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ