38d86cf0a4c2ccd03890bda2dd194ec6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38d86cf0a4c2ccd03890bda2dd194ec6_JaffaCakes118
Size

468KB
MD5

38d86cf0a4c2ccd03890bda2dd194ec6
SHA1

99959995f3fe0230ddc10c494d326130ab964fb4
SHA256

112f4dd38e8ea00621d7037d17007c43d527d73a4bc4b9a4324e914975a156d2
SHA512

78ce3223b4e357e9d15919a64aea98ae299ee277be93f3d184952576d663e2e61a8d2d963df9e38296f48fdc8c6114a7eaa07241ba674c60910a009bc5122ebf
SSDEEP

12288:Fs0P05+0YUbs8bP+J9nLMI6E9Wb4mMjWNuv4:Fn05nHdPs9Le7al

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38d86cf0a4c2ccd03890bda2dd194ec6_JaffaCakes118

Files

38d86cf0a4c2ccd03890bda2dd194ec6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a035b35f841a3d6939a8516db485676b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\THAK\ETRAY

Imports

user32

MessageBoxW
UnregisterClassW
CharUpperBuffA
SetSystemCursor
GetFocus
GetMenuStringA
DrawIcon
RegisterClassExA
GetDesktopWindow
DrawEdge
RegisterClassA
EnumDesktopsW
DestroyWindow
GetClipboardSequenceNumber
GetCursor
ModifyMenuW
ShowWindow
OemToCharBuffW
DdeConnect
GetUserObjectSecurity
OemKeyScan
OpenInputDesktop
DefWindowProcW
UnionRect
DrawIconEx
GetInputState
GetThreadDesktop
DdeInitializeW
WinHelpW
OpenIcon
CreateWindowExA

kernel32

EnumCalendarInfoA
SetConsoleCtrlHandler
SetConsoleOutputCP
CloseHandle
GetModuleFileNameA
GlobalUnfix
FlushViewOfFile
FindResourceExA
SetStdHandle
IsValidLocale
GetTimeFormatA
CreateMutexA
MoveFileW
UnlockFile
EnterCriticalSection
UnhandledExceptionFilter
WriteConsoleOutputCharacterW
GetCurrentProcessId
VirtualAlloc
GetSystemTimeAsFileTime
GetDiskFreeSpaceExW
SetWaitableTimer
WaitForDebugEvent
ExitProcess
GetCurrentThreadId
GlobalDeleteAtom
GetCurrentThread
HeapCreate
GetCommandLineA
WriteFile
GetStdHandle
GlobalHandle
MultiByteToWideChar
GetConsoleCP
GetLocaleInfoW
SetThreadPriority
GetPrivateProfileStructW
LeaveCriticalSection
lstrcpyn
SetUnhandledExceptionFilter
TlsSetValue
LoadLibraryA
TlsFree
CreateNamedPipeW
WritePrivateProfileStringW
LoadLibraryW
EnumResourceTypesW
GetConsoleMode
DebugBreak
GetCurrentProcess
VirtualFree
QueryPerformanceCounter
InterlockedIncrement
LCMapStringW
lstrlenA
MapViewOfFileEx
CompareStringA
CreatePipe
GetEnvironmentStringsW
FlushFileBuffers
GetProfileSectionW
WideCharToMultiByte
InterlockedExchange
GetAtomNameW
GetOEMCP
GetFileType
SetFilePointer
WriteConsoleW
GetModuleHandleA
GetUserDefaultLCID
ReadFile
SetLastError
CreateFileMappingW
HeapAlloc
TlsGetValue
GetLongPathNameA
HeapSize
FreeResource
GetDateFormatA
GlobalAddAtomW
RaiseException
GetLastError
HeapDestroy
IsDebuggerPresent
GetTickCount
TerminateProcess
GetModuleHandleW
GetStartupInfoW
GlobalGetAtomNameW
GetCPInfo
TlsAlloc
GlobalFindAtomA
ConvertDefaultLocale
IsValidCodePage
DeleteCriticalSection
EnumDateFormatsW
GetCommandLineW
LoadLibraryExA
OutputDebugStringW
VirtualQuery
GetVersion
SystemTimeToFileTime
GetTimeZoneInformation
OpenMutexA
EnumSystemLocalesA
HeapReAlloc
GetProcAddress
GetACP
GetPrivateProfileIntW
HeapFree
SetConsoleTitleW
LockFileEx
CreateFileA
SetHandleCount
GetStringTypeA
SetComputerNameW
RtlUnwind
lstrcmpi
SetPriorityClass
GetProcessHeap
GetStartupInfoA
WriteProfileStringA
GetWindowsDirectoryW
GetStringTypeW
GetLocaleInfoA
GetFileAttributesExW
LocalReAlloc
GetConsoleOutputCP
HeapValidate
EnumSystemCodePagesW
IsBadReadPtr
GetModuleFileNameW
RemoveDirectoryW
GetLogicalDrives
InterlockedDecrement
GetWindowsDirectoryA
Sleep
FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
SetEnvironmentVariableA
LCMapStringA
CompareStringW
GetPrivateProfileIntA
ReadConsoleW
SetEvent
WriteConsoleA
OutputDebugStringA
SetEndOfFile
RtlFillMemory
FreeLibrary
EnumResourceLanguagesW

comctl32

ImageList_Draw
InitCommonControlsEx
ImageList_LoadImage
ImageList_GetIcon

Sections

.text
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a035b35f841a3d6939a8516db485676b

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

Sections

.text Size: 204KB - Virtual size: 201KB

.rdata Size: 124KB - Virtual size: 122KB

.data Size: 100KB - Virtual size: 123KB

.rsrc Size: 36KB - Virtual size: 35KB

.text
Size: 204KB - Virtual size: 201KB

.rdata
Size: 124KB - Virtual size: 122KB

.data
Size: 100KB - Virtual size: 123KB

.rsrc
Size: 36KB - Virtual size: 35KB