3aecf82635848ff1a0146d70c927ef75_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3aecf82635848ff1a0146d70c927ef75_JaffaCakes118
Size

700KB
MD5

3aecf82635848ff1a0146d70c927ef75
SHA1

8a2012ea4c33eda86a5f270dc17714ea95208113
SHA256

e7b4bded96c21d8323576ad014afc52ba955b8409100555ec8a52e1d819c2499
SHA512

ed9961c69627a401e2e147c1783261404957420c56649b5f781716823e3a428c8344e6629188f7b85a67e211ea51c10d0f27ab7513ac258e7602201f02f946cf
SSDEEP

12288:adhLQGYGqKnLTOJD5tyi73Vhw92nCqT6QmzJAGUX4ygCp2A6cV:+RQNKL4yijVpCq2lM2Cpp68

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aecf82635848ff1a0146d70c927ef75_JaffaCakes118

Files

3aecf82635848ff1a0146d70c927ef75_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cfc5850b58ea914ed27f74e10f017abf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextA
GetSaveFileNameW
PrintDlgA
PageSetupDlgA

gdi32

GetCharABCWidthsFloatA
GetPixelFormat
PtVisible
DeleteObject
SetMapperFlags
EndDoc
DeviceCapabilitiesExA
EnumFontsW
GetDeviceCaps
GetObjectA
FloodFill
GetMetaFileW
RoundRect
DeleteDC
GetCharWidth32A
ColorCorrectPalette
CreateDCW
RectVisible
SetPixelV
Chord
GetICMProfileA
FrameRgn
PolyTextOutA
CreateBitmap
GetTextExtentPointW
RealizePalette
CreateDCA

kernel32

GetACP
CompareStringA
GetPrivateProfileStringW
TlsFree
SetLastError
GetCommandLineA
QueryPerformanceCounter
FormatMessageW
GetSystemTime
GetFullPathNameA
DeleteCriticalSection
VirtualFree
UnhandledExceptionFilter
HeapReAlloc
GetLocaleInfoA
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
EnumSystemLocalesA
SetComputerNameW
GetEnvironmentStringsW
GetEnvironmentStrings
RtlUnwind
SetStdHandle
LeaveCriticalSection
MultiByteToWideChar
GetTimeZoneInformation
WideCharToMultiByte
GetFileSize
FreeEnvironmentStringsW
GlobalReAlloc
LocalFree
TlsSetValue
GetModuleHandleA
GetModuleFileNameA
SetHandleCount
HeapCreate
GetProcAddress
GlobalUnlock
FindNextFileA
HeapFree
FlushFileBuffers
IsBadWritePtr
GetSystemDefaultLCID
GetCPInfo
TlsAlloc
IsBadReadPtr
GetFileAttributesW
EnterCriticalSection
GetOEMCP
GetLocalTime
FreeEnvironmentStringsA
WriteFile
GetStdHandle
FindClose
HeapDestroy
SleepEx
TerminateProcess
LCMapStringW
CloseHandle
ReadConsoleOutputCharacterA
GetCurrentProcess
TlsGetValue
GetFullPathNameW
EnumResourceNamesW
GetTempFileNameW
OpenMutexA
GetStartupInfoA
HeapAlloc
VirtualQuery
CreateMutexW
GetFileType
GetCurrentThread
LoadLibraryA
ReadFile
LCMapStringA
WritePrivateProfileSectionA
GetFileAttributesA
GetTickCount
SetFilePointer
GetStringTypeA
CreateMutexA
SetConsoleOutputCP
GetLastError
InterlockedExchange
ReadConsoleA
InitializeCriticalSection
GetVersion
SetEnvironmentVariableA
GetStringTypeW
LockFile
VirtualAlloc
SetConsoleScreenBufferSize
CompareStringW
GetCurrentProcessId
GetSystemTimeAsFileTime
DebugBreak
ExitProcess

advapi32

AbortSystemShutdownA
RegEnumKeyA
GetUserNameW
CryptGetUserKey
CryptGetDefaultProviderW
CryptExportKey
RegRestoreKeyW
ReportEventA
RegLoadKeyA
CryptDestroyKey
RegOpenKeyExW
RegCreateKeyW
RegConnectRegistryW
RegDeleteValueA
LookupPrivilegeDisplayNameA
RegSaveKeyW
RegQueryValueExA
LookupAccountSidW
CryptSignHashA
ReportEventW
LookupPrivilegeValueW
RegQueryInfoKeyA
CryptSignHashW
CryptDuplicateKey

user32

WindowFromPoint
CreateMDIWindowA
CreateWindowExW
GetMessageExtraInfo
MessageBoxA
GetKeyNameTextW
ShowWindow
DestroyWindow
SetCursor
DefWindowProcW
DrawTextExA
CloseWindowStation
TileChildWindows
GetPropW
DrawMenuBar
RegisterClassA
GetMenu
SetMessageExtraInfo
AppendMenuA
GetCaretPos
WINNLSGetEnableStatus
DdeConnect
RegisterClassExA

comctl32

ImageList_DrawIndirect
CreateMappedBitmap
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_Replace
DrawStatusText
CreateUpDownControl
ImageList_SetImageCount
ImageList_GetIcon
MakeDragList
ImageList_GetIconSize
ImageList_DragMove
InitCommonControlsEx

wininet

FindNextUrlCacheContainerA
FtpFindFirstFileA

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 456KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfc5850b58ea914ed27f74e10f017abf

Headers

File Characteristics

Imports

comdlg32

gdi32

kernel32

advapi32

user32

comctl32

wininet

Sections

.text Size: 72KB - Virtual size: 69KB

.rdata Size: 456KB - Virtual size: 452KB

.data Size: 128KB - Virtual size: 138KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 72KB - Virtual size: 69KB

.rdata
Size: 456KB - Virtual size: 452KB

.data
Size: 128KB - Virtual size: 138KB

.rsrc
Size: 40KB - Virtual size: 39KB