3a2f12b5ac1aaa9e3e4fae02732b38e4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a2f12b5ac1aaa9e3e4fae02732b38e4_JaffaCakes118
Size

708KB
MD5

3a2f12b5ac1aaa9e3e4fae02732b38e4
SHA1

c115246d38aa23d488caa1f9f6f4301aea401433
SHA256

e170752d9809a6bdd2d34bb46b00e2036aff52b8c90a99f2d37a192e7103b830
SHA512

da332fb9f78784138e883d5d28e1c4452f0c09abff2b6950f883f9f13c5753e832333fe2f61e0798b24a435f0126d148ecaa3c1fb004fe0dd5eaf9528ab7dbbc
SSDEEP

12288:c8PWrgqlFpTgAy8VGNWw6+6jVzG+LGnsSB1VPObNkk3tJ7d+Qz+:nPQgqlFpTgAy8VGQw6+6BbYsE1VmbaCL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a2f12b5ac1aaa9e3e4fae02732b38e4_JaffaCakes118

Files

3a2f12b5ac1aaa9e3e4fae02732b38e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d9f19e27aa7e39f4fa2458ee0edb3299

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Add
ImageList_ReplaceIcon
ImageList_GetImageCount
InitCommonControlsEx

advapi32

CryptAcquireContextW
InitiateSystemShutdownW
AbortSystemShutdownW

comdlg32

ReplaceTextA
ChooseColorA
GetFileTitleA

user32

CreateWindowExA
GetParent
RegisterClassExA
DrawTextA
DestroyWindow
KillTimer
IsClipboardFormatAvailable
DeferWindowPos
DefWindowProcW
SetCursorPos
ChangeDisplaySettingsA
SetMessageQueue
AdjustWindowRectEx
GetSysColor
MessageBoxA
SetMenuDefaultItem
GetDesktopWindow
UpdateWindow
CascadeWindows
DdeUnaccessData
OemToCharA
AttachThreadInput
ShowWindow
CallWindowProcW
GetPropA
EnableScrollBar
RegisterClassA
SendIMEMessageExA

kernel32

IsValidLocale
lstrcpyn
CreateMailslotA
CreateFileA
LCMapStringW
GetDiskFreeSpaceExW
InterlockedIncrement
EnumSystemLocalesA
DeleteAtom
WideCharToMultiByte
GetStartupInfoA
WriteConsoleInputW
EnumResourceTypesA
TransmitCommChar
SetLastError
VirtualQuery
RemoveDirectoryA
FlushConsoleInputBuffer
PulseEvent
HeapSize
GetTickCount
GetSystemTimeAsFileTime
LeaveCriticalSection
GetConsoleCursorInfo
ResumeThread
MultiByteToWideChar
GetLastError
OpenProcess
FreeLibraryAndExitThread
ExitProcess
IsValidCodePage
GetTempPathA
TlsGetValue
WriteConsoleOutputCharacterW
EnumDateFormatsW
TransactNamedPipe
GetACP
LoadLibraryA
CompareStringW
FindFirstFileExA
IsDebuggerPresent
GetCPInfo
GetCalendarInfoW
TlsSetValue
SetHandleCount
WriteConsoleA
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
GetCommandLineA
SuspendThread
QueryPerformanceCounter
RtlUnwind
GetVersionExW
GetCurrentThread
FreeLibrary
CreateMutexA
GetCurrentThreadId
SetLocalTime
GetModuleHandleA
CompareStringA
GetSystemDefaultLCID
GetStdHandle
FoldStringA
HeapFree
HeapDestroy
GetTimeFormatA
LoadLibraryW
SetThreadLocale
TlsFree
GetProcessShutdownParameters
TerminateProcess
lstrcatA
SetStdHandle
VirtualFree
ConnectNamedPipe
OpenSemaphoreW
Sleep
GetModuleFileNameA
GetSystemDirectoryA
WritePrivateProfileStructA
FreeEnvironmentStringsW
GetLocaleInfoA
FlushFileBuffers
GetNamedPipeHandleStateW
GlobalFix
UnhandledExceptionFilter
GetCurrentProcess
GetVolumeInformationW
InitializeCriticalSection
EnumSystemCodePagesW
TlsAlloc
SetTimeZoneInformation
GetEnvironmentStrings
SetUnhandledExceptionFilter
InterlockedExchange
GetEnvironmentStringsW
GetFileType
FreeEnvironmentStringsA
GetStringTypeA
OpenMutexA
HeapReAlloc
HeapCreate
FormatMessageW
CreateDirectoryW
ReadConsoleA
FindNextFileW
GetLocaleInfoW
CopyFileA
GetVersionExA
GetUserDefaultLCID
SetConsoleCtrlHandler
ReadFile
GetProcessHeap
CreateNamedPipeW
AddAtomW
LCMapStringA
GetTimeZoneInformation
VirtualAlloc
SetSystemTime
InterlockedDecrement
SetFilePointer
GetStringTypeExW
WriteFile
GetCurrentProcessId
GetFileSize
GetConsoleCP
GetProcAddress
FreeResource
DeleteCriticalSection
EnterCriticalSection
SetEnvironmentVariableA
CreateEventW
HeapAlloc
CreateSemaphoreW
GetStartupInfoW
CreateFileW
DebugActiveProcess
GetSystemDirectoryW
GetDateFormatA
GetOEMCP
lstrcat
GetConsoleTitleW
GetStringTypeW
WaitNamedPipeA
CloseHandle
GetPrivateProfileSectionW
VirtualAllocEx
CreateThread
CreatePipe

wininet

CommitUrlCacheEntryA
InternetUnlockRequestFile
LoadUrlCacheContent
DeleteUrlCacheContainerW
InternetGetCookieA
HttpSendRequestExW

shell32

ExtractIconExW
SHBrowseForFolder
SheSetCurDrive
CommandLineToArgvW
SHFileOperation

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 450KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9f19e27aa7e39f4fa2458ee0edb3299

Headers

File Characteristics

Imports

comctl32

advapi32

comdlg32

user32

kernel32

wininet

shell32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 452KB - Virtual size: 450KB

.data Size: 140KB - Virtual size: 151KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 452KB - Virtual size: 450KB

.data
Size: 140KB - Virtual size: 151KB

.rsrc
Size: 16KB - Virtual size: 13KB