409ff0859fa2e5b012852f2a0317d73e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

409ff0859fa2e5b012852f2a0317d73e_JaffaCakes118
Size

728KB
MD5

409ff0859fa2e5b012852f2a0317d73e
SHA1

799d7e38c0cb6d355042d8637a19f252581e75e3
SHA256

84c82a44de5a0ff98b524e5e6b6a654b243b928abe7276cfbce03e441f5965b0
SHA512

92e121e71c7dc21f3a38db74a62619cc475d61b3f605f37b785c92316d619795c534c2fe1e6d8fe448c270c28a4eba0f417dd44dcf76241225fdd484952c3df3
SSDEEP

12288:hmGvDE8bhQ5zDsHSZ9noIvO0uyr8XMYdju74s0tRWUX7aZlVmpNA2ixWBPuV:IV+G5z4H+BofSq3ju74s8ROHWiTV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
409ff0859fa2e5b012852f2a0317d73e_JaffaCakes118

Files

409ff0859fa2e5b012852f2a0317d73e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2253e5b90003e7e4d05b83a707b593af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\dodxs

Imports

kernel32

LoadLibraryA
WriteFile
EnumSystemLocalesA
FreeResource
GetStartupInfoA
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetTickCount
HeapDestroy
FileTimeToSystemTime
SetLastError
UnhandledExceptionFilter
HeapCreate
GetFileType
TlsGetValue
SetLocalTime
HeapReAlloc
WaitNamedPipeW
VirtualQuery
HeapValidate
CreateFileW
MapViewOfFile
WriteConsoleW
GetEnvironmentStringsW
lstrcmpW
GetThreadLocale
Sleep
SetCurrentDirectoryA
GetConsoleMode
EnterCriticalSection
TlsSetValue
GetLastError
HeapSize
TlsFree
CreateFileA
OpenMutexA
VirtualFreeEx
GetVersionExA
GetStringTypeA
WideCharToMultiByte
LeaveCriticalSection
GetFileSize
CreateSemaphoreA
GetLocaleInfoA
HeapFree
HeapAlloc
WaitCommEvent
VirtualProtect
UnlockFileEx
TransmitCommChar
ReadFile
GetTimeFormatA
GetStdHandle
SetHandleCount
GetSystemTimeAdjustment
FreeEnvironmentStringsA
LCMapStringA
RtlUnwind
GetModuleHandleA
GetCurrentProcessId
GetShortPathNameA
IsValidLocale
ExitProcess
GetConsoleOutputCP
InterlockedDecrement
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSection
GetNamedPipeInfo
FlushFileBuffers
OpenWaitableTimerA
InterlockedIncrement
CompareStringW
QueryPerformanceCounter
GetCPInfo
LoadResource
GetUserDefaultLCID
GetACP
CreateNamedPipeA
TerminateProcess
CloseHandle
GlobalFree
SetVolumeLabelA
GetEnvironmentStrings
CreateWaitableTimerA
GetLocaleInfoW
RtlMoveMemory
EnumTimeFormatsA
FindNextChangeNotification
EnumCalendarInfoExA
GetFileAttributesW
GetProcessHeap
GetDateFormatA
DeleteFileW
FreeEnvironmentStringsW
GetCommandLineA
SetFilePointer
MultiByteToWideChar
InterlockedExchange
GlobalUnfix
SetConsoleCtrlHandler
GetCurrentThread
GetCommandLineW
LocalShrink
WaitForMultipleObjectsEx
IsDebuggerPresent
GetConsoleCP
WriteConsoleA
SetThreadPriority
SetThreadIdealProcessor
GetStringTypeW
MoveFileA
GetOEMCP
IsValidCodePage
LCMapStringW
GetComputerNameA
CompareStringA
GetCurrentThreadId
EnumTimeFormatsW
GetLocalTime
GetDriveTypeA
IsBadReadPtr
GetEnvironmentVariableA
VirtualAlloc
GetCurrentProcess
CreateMutexA
GetProcAddress
FreeLibrary
FlushConsoleInputBuffer
GetModuleFileNameA
GetSystemDirectoryW
AllocConsole
CreateSemaphoreW
SetEnvironmentVariableA
FlushInstructionCache
SetStdHandle
EnumCalendarInfoA
TlsAlloc
DeleteFileA
GetStartupInfoW
GetProcAddress
FillConsoleOutputCharacterA
EnumResourceTypesW
LockFileEx
VirtualFree
MoveFileExW
SetUnhandledExceptionFilter
ReadConsoleInputW
GetStringTypeExW
SetConsoleCursorInfo
GetLongPathNameA
GetProfileIntW

comctl32

ImageList_DragEnter
ImageList_SetBkColor
ImageList_Remove
CreateStatusWindowW
ImageList_BeginDrag
ImageList_AddIcon
ImageList_DragShowNolock
InitCommonControlsEx
ImageList_Add
CreateStatusWindow

user32

GetWindowTextLengthW
EndMenu
AdjustWindowRect
SetThreadDesktop
DdeKeepStringHandle
SetClassLongA
LoadKeyboardLayoutA
PeekMessageA
GetDlgItem
RegisterClassExA
MessageBoxW
DdeQueryStringA
DlgDirListComboBoxA
TranslateMessage
DrawIconEx
AdjustWindowRectEx
ShowWindow
GetDlgCtrlID
RemovePropA
MapVirtualKeyExW
FindWindowA
DestroyWindow
GetKeyboardLayout
WaitForInputIdle
ReleaseDC
CreateAcceleratorTableA
DefWindowProcA
DragObject
SetDlgItemInt
MessageBoxExA
DdeAbandonTransaction
GetKBCodePage
CharPrevW
LoadBitmapW
CreateWindowExA
RegisterClassA
IsDlgButtonChecked
DdeFreeDataHandle
EndTask
AppendMenuW
LoadStringW
SystemParametersInfoW
DrawTextExA

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 460KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2253e5b90003e7e4d05b83a707b593af

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 460KB - Virtual size: 456KB

.data Size: 136KB - Virtual size: 156KB

.rsrc Size: 32KB - Virtual size: 28KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 460KB - Virtual size: 456KB

.data
Size: 136KB - Virtual size: 156KB

.rsrc
Size: 32KB - Virtual size: 28KB