40ae7f98d90d20e243f671b34e11f96f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40ae7f98d90d20e243f671b34e11f96f_JaffaCakes118
Size

1.1MB
MD5

40ae7f98d90d20e243f671b34e11f96f
SHA1

358d57c135785368015266b5039f0fdb3959f56d
SHA256

4eedef1e91ff8f00fa5680ead3d7779fb4766d7366593055b904ed30b64d667f
SHA512

23376d838938c108d28392dae5ff72ed0976f6ed46ffd10cd35b068a81d0ab792ce0b0561f6e0589e4e60fb830b714fd62bba77cc5649aba5e060507f6097630
SSDEEP

24576:1wYDXIEVXxr+dgxYRmxHEixYfvm8gARuRzwtxvyqykg:1VNpiRmbxQeetc9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40ae7f98d90d20e243f671b34e11f96f_JaffaCakes118

Files

40ae7f98d90d20e243f671b34e11f96f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cbe7d9ef6a930ce6fa90a9afa2d2b417

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualAlloc
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
MultiByteToWideChar
lstrlenA
GetThreadLocale
GetStartupInfoA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
FreeLibrary
FindClose
WriteFile
UnhandledExceptionFilter
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
TlsSetValue
LocalAlloc
GetModuleHandleA
lstrcpyA
WriteFile
WaitForSingleObject
VirtualQuery
VirtualAlloc
Sleep
SetThreadLocale
SetFilePointer
SetEvent
ResetEvent
MulDiv
LoadResource
GlobalHandle
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetVersionExA
GetTickCount
GetThreadLocale
GetSystemInfo
GetStringTypeExA
GetStdHandle
GetModuleHandleA
GetLocaleInfoA
GetLocalTime
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCPInfo
GetACP
FreeResource
FreeLibrary
DeleteCriticalSection
CreateEventA
CompareStringA
CloseHandle

user32

LoadStringA
MessageBoxA
CharNextA
WinHelpA
WaitMessage
UpdateWindow
UnhookWindowsHookEx
TranslateMDISysAccel
TrackPopupMenu
ShowScrollBar
ShowOwnedPopups
ShowCursor
SetWindowsHookExA
SetWindowPos
SetWindowPlacement
SetScrollRange
SetScrollPos
SetScrollInfo
SetPropA
SetMenu
SetForegroundWindow
SetFocus
SetClassLongA
SetActiveWindow
SendMessageA
ScrollWindow
ScreenToClient
RemovePropA
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
OffsetRect
OemToCharA
MessageBoxA
MapWindowPoints
MapVirtualKeyA
LoadStringA
LoadKeyboardLayoutA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsRectEmpty
IsIconic
IsDialogMessageA
IsChild
InflateRect
GetWindowThreadProcessId
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowDC
GetTopWindow
GetSystemMenu
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetWindow
GetMenuItemInfoA
GetMenuItemID
GetLastActivePopup
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextA
GetDesktopWindow
GetDC
GetCursorPos
GetCursor
GetClientRect
GetCapture
GetActiveWindow
FindWindowA
EqualRect
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
DrawTextA
DrawMenuBar
DrawIcon
DrawEdge
DispatchMessageA
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreateWindowExA
CreateMenu
ClientToScreen
CheckMenuItem
CallNextHookEx
BeginPaint
CharNextA
CharLowerA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

oleaut32

SysFreeString
SysReAllocStringLen
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayRedim
SafeArrayCreate
VariantCopyInd
VariantCopy
VariantClear
VariantInit

gdi32

StretchBlt
SetWindowOrgEx
SetViewportOrgEx
SetROP2
SetPixel
SetDIBColorTable
SetBrushOrgEx
SetBkColor
SaveDC
RectVisible
Polyline
PatBlt
MoveToEx
LineTo
IntersectClipRect
GetWindowOrgEx
GetTextMetricsA
GetTextExtentPoint32A
GetStockObject
GetPixel
GetPaletteEntries
GetObjectA
GetDIBits
GetDCOrgEx
GetCurrentPositionEx
ExcludeClipRect
CreatePenIndirect
CreatePalette
CreateFontIndirectA
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap

comctl32

ImageList_SetIconSize
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_BeginDrag
ImageList_DrawEx
ImageList_SetBkColor
ImageList_Add
ImageList_Destroy
ImageList_Create

Sections

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 1KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cbe7d9ef6a930ce6fa90a9afa2d2b417

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

gdi32

comctl32

Sections

.rsrc Size: 23KB - Virtual size: 23KB

DATA Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 512B - Virtual size: 512B

CODE Size: 1KB - Virtual size: 1.8MB

.idata Size: 6KB - Virtual size: 6KB

.rsrc
Size: 23KB - Virtual size: 23KB

DATA
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 512B - Virtual size: 512B

CODE
Size: 1KB - Virtual size: 1.8MB

.idata
Size: 6KB - Virtual size: 6KB