40a981f178efff686c9c6d53dd6799d2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40a981f178efff686c9c6d53dd6799d2_JaffaCakes118
Size

340KB
MD5

40a981f178efff686c9c6d53dd6799d2
SHA1

52387e7cf7f8f3b48ed6d1e4506822f26c5853e4
SHA256

226d1396b8dbd502ccbb0c3b31c48024f337cc38c1ab7f15c8dbb7ecc4c1b98f
SHA512

f79101adbbe3f7dfe5b445cf8e12408271677c1581d97e349f509f25da53fdb8f69d88bbc4dcd6505f98071b2b08e4905565f6c2d638a513e49c2dff504e4c51
SSDEEP

6144:eBr8NDVyO7FYqja1aOWfjmTVpRPw2B5Ejt5Aj5ivw58VeliEGuOhqVEf9ddFSqIB:9NDVyWYgc3TfRoClU4GVe0n+1xdw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40a981f178efff686c9c6d53dd6799d2_JaffaCakes118

Files

40a981f178efff686c9c6d53dd6799d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb5a73b93bbf3d6e872a789eb1126a90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\dog

Imports

shell32

SHGetFileInfoA
SHGetSpecialFolderPathA

wininet

SetUrlCacheEntryGroup
InternetShowSecurityInfoByURLW
SetUrlCacheHeaderData
FindFirstUrlCacheGroup
GetUrlCacheEntryInfoExA
LoadUrlCacheContent
FindFirstUrlCacheEntryExA
FindNextUrlCacheEntryExW
HttpAddRequestHeadersW

comctl32

ImageList_Replace
ImageList_Add
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_DragMove
ImageList_LoadImageW
InitMUILanguage
ImageList_DragEnter
CreateStatusWindow

advapi32

RegDeleteKeyA
CryptVerifySignatureW
CryptGenKey
CryptExportKey
CryptDecrypt
RegEnumKeyExA
GetUserNameW
RegQueryValueExW
CryptDestroyKey
CryptEncrypt
LogonUserA
DuplicateToken
RegQueryMultipleValuesA
LookupPrivilegeValueA
CryptSetKeyParam
InitiateSystemShutdownA

user32

ChangeDisplaySettingsExW
DestroyWindow
SetMenuInfo
VkKeyScanExW
UpdateWindow
IsCharAlphaW
MessageBoxA
ValidateRgn
DrawStateA
IsWindowUnicode
InsertMenuA
BlockInput
DefWindowProcW
CreateIconFromResource
GetDesktopWindow
IsDialogMessageA
WaitForInputIdle
RegisterClassA
LoadAcceleratorsW
SetTimer
CreateCaret
EnableMenuItem
RegisterClassExA
ToAscii
LoadMenuIndirectA
RegisterWindowMessageW
CreateWindowExW
ArrangeIconicWindows
GetQueueStatus
SetUserObjectInformationA
ShowWindow
ClientToScreen
RealGetWindowClass
SetScrollPos
UnpackDDElParam
CharNextW
IsIconic
SetForegroundWindow
ToUnicodeEx

kernel32

GetPrivateProfileSectionA
SetLastError
UnhandledExceptionFilter
OpenProcess
VirtualFree
TransmitCommChar
GetStartupInfoW
GetCurrentThread
EnumSystemCodePagesW
ReadConsoleW
GetDateFormatA
WriteConsoleOutputA
lstrcat
CompareStringW
GetLocalTime
SetTimeZoneInformation
GetStringTypeW
SetHandleCount
GetModuleHandleA
OpenMutexA
SetStdHandle
CreateMutexA
WriteFileEx
EnumDateFormatsExW
EnumCalendarInfoW
GetConsoleCP
GetWindowsDirectoryA
WaitForSingleObject
GetStringTypeA
GetEnvironmentVariableW
GetCPInfo
LoadLibraryA
FormatMessageA
GetSystemInfo
GetTickCount
SetFileAttributesA
GetCurrentProcessId
IsBadWritePtr
SetVolumeLabelW
TlsGetValue
TlsAlloc
WideCharToMultiByte
EnterCriticalSection
FindNextFileW
FormatMessageW
GetProcAddress
ExitProcess
GlobalHandle
GetConsoleTitleW
CompareStringA
GetLastError
GetTempFileNameA
GetTempPathA
GetProcAddress
GetStartupInfoA
InterlockedIncrement
HeapDestroy
FreeEnvironmentStringsW
DeleteAtom
GetCommandLineA
GlobalGetAtomNameA
DeleteCriticalSection
GetExitCodeThread
GetEnvironmentStringsW
IsBadReadPtr
HeapReAlloc
GlobalFix
GetModuleFileNameW
GetPrivateProfileIntA
FlushFileBuffers
GetSystemDirectoryW
WriteFile
ExpandEnvironmentStringsW
HeapCreate
LeaveCriticalSection
GetCurrentProcess
GetDateFormatW
GetVersion
SetEnvironmentVariableA
FreeEnvironmentStringsA
GetEnvironmentStrings
FindResourceExW
GetACP
WritePrivateProfileStringA
CreateProcessA
MultiByteToWideChar
ConvertDefaultLocale
VirtualAlloc
InterlockedDecrement
LCMapStringA
AddAtomA
WriteProfileStringA
TlsSetValue
CreateThread
GetFileSize
GetUserDefaultLCID
GetLogicalDriveStringsW
VirtualQuery
GetCommandLineW
Sleep
GetSystemTime
GetTimeZoneInformation
CreateDirectoryA
SetFilePointer
DebugActiveProcess
RemoveDirectoryA
GetFileType
CopyFileExA
GetFullPathNameA
GetCurrentDirectoryW
GetStdHandle
HeapFree
SetThreadIdealProcessor
QueryPerformanceCounter
TerminateProcess
DeleteFileA
RemoveDirectoryW
ReadFile
EnumSystemLocalesW
RtlUnwind
CreateEventW
GetModuleFileNameA
GetCurrentThreadId
LoadResource
HeapAlloc
CloseHandle
InterlockedExchange
LCMapStringW
TlsFree
InitializeCriticalSection
GetSystemTimeAsFileTime
CreateDirectoryW
GetConsoleScreenBufferInfo

comdlg32

FindTextW
GetSaveFileNameW

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb5a73b93bbf3d6e872a789eb1126a90

Headers

File Characteristics

PDB Paths

Imports

shell32

wininet

comctl32

advapi32

user32

kernel32

comdlg32

Sections

.text Size: 128KB - Virtual size: 126KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 88KB - Virtual size: 115KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 128KB - Virtual size: 126KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 88KB - Virtual size: 115KB

.rsrc
Size: 24KB - Virtual size: 22KB