4374e8a803302d397be00b8d478c208f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4374e8a803302d397be00b8d478c208f_JaffaCakes118
Size

232KB
MD5

4374e8a803302d397be00b8d478c208f
SHA1

775eb74a1161bab56065248718165aeb0d9ff784
SHA256

89c312329022a6482ae883eee5088e33a76f5103c96e127bc49e8f56f9668d54
SHA512

5734875cccc1b1f36ccc4c0eff301bff634fc71c055ab449962fc7f4d9952153b3154f2b90d62f8c37de17ec81e788ecca5b8d601e54fd48d3e3891b61d8fb43
SSDEEP

3072:bXfcXKQGq0ei6WghNRU6/zFme3mHquY2lnqr4D2rs+ab0vSg0Y9c0:o6PqJ3Wg366ZXmKuYNPEb0vr0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4374e8a803302d397be00b8d478c208f_JaffaCakes118

Files

4374e8a803302d397be00b8d478c208f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f60c2f5b359797a81c4bb732cca7aedb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareFileTime
CreateEventA
CreateFileMappingA
CreateMutexA
DeleteFileA
DeleteFileW
DisableThreadLibraryCalls
DuplicateHandle
ExpandEnvironmentStringsA
FileTimeToSystemTime
FindClose
FindNextFileA
FlushFileBuffers
FreeResource
GetACP
GetCommandLineW
GetConsoleOutputCP
GetCurrentThread
GetDriveTypeA
GetEnvironmentStrings
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetLastError
GetModuleFileNameW
GetPrivateProfileStringA
GetProcessHeap
GetStartupInfoA
GetStartupInfoW
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathW
GetThreadLocale
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExA
GetVersionExW
GlobalAlloc
GlobalFindAtomA
GlobalReAlloc
HeapAlloc
HeapDestroy
InterlockedCompareExchange
IsBadWritePtr
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryW
LocalFileTimeToFileTime
LocalFree
MulDiv
OpenProcess
ReadFile
SetCurrentDirectoryA
SetEndOfFile
SetErrorMode
SetFilePointer
SetLastError
SetThreadLocale
Sleep
SystemTimeToFileTime
TerminateProcess
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
WaitForMultipleObjects
WaitForSingleObject
WriteFile
WritePrivateProfileStringA
lstrcmpiW
lstrcpyA
lstrcpynA
lstrlenA

user32

CallWindowProcA
CharLowerA
CheckMenuItem
CreatePopupMenu
DefWindowProcA
DestroyCursor
DrawIcon
DrawMenuBar
EmptyClipboard
EnableWindow
EndDialog
EndPaint
FillRect
GetActiveWindow
GetDC
GetDCEx
GetDlgItem
GetMenu
GetScrollInfo
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetWindowPlacement
GetWindowRect
GetWindowTextA
IntersectRect
InvalidateRect
IsWindowVisible
IsZoomed
LoadBitmapA
LoadIconA
MapWindowPoints
OffsetRect
PostQuitMessage
RegisterClassA
SetClassLongA
SetCursor
SetFocus
SetForegroundWindow
SetMenu
SetPropA
SetTimer
SetWindowPlacement
SetWindowsHookExA
UpdateWindow
WinHelpA
WindowFromPoint
wsprintfA

gdi32

ArcTo
Chord
CopyMetaFileA
CopyMetaFileW
CreateCompatibleDC
CreateHatchBrush
CreatePen
CreatePenIndirect
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
DPtoLP
Ellipse
EnumFontFamiliesA
EnumFontFamiliesExA
GetClipRgn
GetDCOrgEx
GetDeviceCaps
GetObjectType
GetObjectW
GetOutlineTextMetricsA
GetRegionData
GetTextExtentExPointW
GetTextExtentPointA
GetViewportExtEx
IntersectClipRect
OffsetWindowOrgEx
PlayEnhMetaFile
PlayMetaFile
Polyline
RectVisible
RestoreDC
ScaleWindowExtEx
SelectPalette
SetAbortProc
SetBkMode
SetTextCharacterExtra
StretchDIBits
TextOutA

shell32

DragFinish
DragQueryFile
DragQueryPoint
ExtractIconExA
ExtractIconExW
FindExecutableW
SHAddToRecentDocs
SHAppBarMessage
SHBindToParent
SHFileOperationA
SHFileOperationW
SHGetDesktopFolder
SHGetFileInfo
SHGetFileInfoA
SHGetFolderPathW
SHGetMalloc
SHGetSpecialFolderPathA
ShellExecuteEx

comctl32

CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindowA
ImageList_Add
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_Draw
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_Write
InitCommonControlsEx

advapi32

FreeSid
IsValidSid
OpenSCManagerA
OpenServiceA
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegFlushKey
RegSetValueExA
RevertToSelf
SetSecurityDescriptorGroup

ole32

CLSIDFromProgID
CoCreateGuid
CoCreateInstance
CoGetClassObject
CoInitialize
CoInitializeSecurity
DoDragDrop
OleDraw
OleInitialize
OleIsCurrentClipboard
OleUninitialize
RevokeDragDrop

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f60c2f5b359797a81c4bb732cca7aedb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

advapi32

ole32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 80KB - Virtual size: 84KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 80KB - Virtual size: 84KB