43b99fcbf4392dc05e9f72ac12e84185_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43b99fcbf4392dc05e9f72ac12e84185_JaffaCakes118
Size

291KB
MD5

43b99fcbf4392dc05e9f72ac12e84185
SHA1

a7f978d2147209fcdf9b346143ec67ebe5564948
SHA256

3bb0a674cd1ffcf83e0e174db006ccd613a74d3ca35cf8384783ea1d6c91d566
SHA512

23807d2e5da6ac09145d904c65cfa3737df9d5d7b2a705f10fbe2471e473decd562baf71234361297e0b75508b70e1550ac1a6bbf9cdeda844182250a60ffc4d
SSDEEP

6144:uIGIkA4x3xP26RF8rDifi3QcRRnCI+wpdHC1tPVn03lQRY9cbA:Dy1OlGwpdHC1tVwoY9cE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43b99fcbf4392dc05e9f72ac12e84185_JaffaCakes118

Files

43b99fcbf4392dc05e9f72ac12e84185_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09534b9e6c28cd18b8693e15cc62ff51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteDC
GetStockObject
SetTextColor
SetBkColor
GetDeviceCaps
CreateSolidBrush

advapi32

RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW

kernel32

GetOEMCP
VirtualAlloc
FindResourceA
Sleep
VirtualFree
HeapCreate
IsValidCodePage
WideCharToMultiByte
CreateProcessA
GetEnvironmentStrings
GetModuleHandleW
GlobalLock
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCurrentDirectoryA
GetCommandLineW
LockResource
GetCurrentProcessId
SizeofResource
CreateProcessW
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
UnmapViewOfFile
LCMapStringW
InitializeCriticalSection
GetLastError
LeaveCriticalSection
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
RemoveDirectoryA
WaitForMultipleObjects
FindNextFileA
CreateFileMappingA
CompareStringA
lstrcpyA
FindFirstFileA
lstrcmpA
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
SetErrorMode
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
InterlockedIncrement
GetCurrentThreadId
GetLocaleInfoA
SetEndOfFile
CreateEventW
GetConsoleMode
GlobalAlloc
GetVersion
WriteConsoleA
SetUnhandledExceptionFilter
TerminateProcess
SetEnvironmentVariableA
CreateThread
GetModuleHandleA
CreateMutexA
GetLocalTime
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
TlsGetValue
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
GetEnvironmentVariableA
LocalFree
FreeLibrary
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
GetCPInfo
lstrcmpiA
GetTempPathA
SetStdHandle
GetLocaleInfoW
FreeEnvironmentStringsW
ExpandEnvironmentStringsA
LocalAlloc
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindFirstFileW
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetStdHandle
GetCurrentThread

user32

SetDlgItemTextA
EndDialog
GetDesktopWindow
LoadIconA
LoadCursorA
ClientToScreen
GetDlgItem
SetTimer
wsprintfA
CheckMenuItem
SetWindowTextA
ReleaseCapture
PostMessageA
GetWindowRect
GetSystemMetrics
DefWindowProcA
KillTimer
BeginPaint
MapWindowPoints
FillRect
CreateWindowExA
GetWindowLongA
MessageBoxA
SetForegroundWindow
LoadStringA
GetWindow
IsWindowEnabled
TranslateMessage
EnableWindow
SetCapture
ShowWindow
UpdateWindow
GetParent
GetMessageA
DestroyWindow
UnregisterClassA
GetDC
PeekMessageA
EndPaint
DispatchMessageA
IsWindow
SetWindowPos
ReleaseDC
PostQuitMessage
MoveWindow
GetSysColor
SystemParametersInfoA
IsWindowVisible
EnableMenuItem
GetFocus
InvalidateRect
SendMessageA
IsIconic
GetClientRect

oleaut32

SysStringLen
VariantClear
VariantInit

msvcrt

_exit
_cexit
_controlfp
exit

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09534b9e6c28cd18b8693e15cc62ff51

Headers

File Characteristics

Imports

gdi32

advapi32

kernel32

user32

oleaut32

msvcrt

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 262KB - Virtual size: 262KB

.rsrc Size: 1024B - Virtual size: 888B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 262KB - Virtual size: 262KB

.rsrc
Size: 1024B - Virtual size: 888B