428fdf40f1adaa23fb030682caec9974_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

428fdf40f1adaa23fb030682caec9974_JaffaCakes118
Size

268KB
MD5

428fdf40f1adaa23fb030682caec9974
SHA1

b6125e749ca4d698477b3c3a7d35057d3ece5f21
SHA256

ca13368bbdb1d90bd3a4ab3d882ff30996afea048c48f39a101a84c9cd8b22e9
SHA512

13876b1ed583fb441edbe0f30e77d20a35c982eb7db044445e6358928aed5b41d1304a4039d812dc4338115c67a65b931e566e9f25093a183231a7f7ee5cc0a6
SSDEEP

6144:Jud5V2NUl/GCGmtNERBt9wqTmivfRx89DsTJYj9:4oUJGCGiGT6qFvpxyDsTax

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
428fdf40f1adaa23fb030682caec9974_JaffaCakes118

Files

428fdf40f1adaa23fb030682caec9974_JaffaCakes118
.exe windows:4 windows x86 arch:x86

17791bf93a1d997292065f8735d888fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FlashWindow
CreateIcon
OpenInputDesktop
IsCharAlphaW
GetWindowPlacement
MessageBoxA
GetWindowLongA
EnumDisplaySettingsExW
RegisterClassA
SetMenuInfo
CloseDesktop
GetLastActivePopup
DdeCreateStringHandleW
CreateWindowExW
SetPropW
ShowWindow
WaitMessage
EnumDisplayDevicesW
GetAltTabInfo
DdeAddData
GetMenuBarInfo
ToUnicodeEx
LoadMenuIndirectW
TranslateAcceleratorW
InvertRect
GetWindowContextHelpId
GetMenuItemID
DestroyWindow
GetWindowThreadProcessId
EditWndProc
UnhookWindowsHookEx
CreateAcceleratorTableA
OemToCharBuffW
RegisterClassExA
DefWindowProcA
DdeQueryStringW
MessageBoxW
GetMenuStringW
ShowScrollBar
EnumDisplaySettingsExA
RegisterClassW
DdeFreeStringHandle
EnumWindowStationsA
MapVirtualKeyExW
SetWinEventHook
GetDlgCtrlID
ChangeMenuW

advapi32

InitiateSystemShutdownA
RegEnumValueA
CryptDestroyKey
RegQueryValueA
RegRestoreKeyW
RegSaveKeyW
RegSetValueExA
CryptEncrypt
RegOpenKeyA
CryptCreateHash
StartServiceA
CryptContextAddRef
RegOpenKeyExW
LookupAccountNameW
AbortSystemShutdownA
RegQueryValueExW
LookupAccountSidA

comctl32

ImageList_DragLeave
ImageList_SetFlags
ImageList_BeginDrag
ImageList_SetFilter
ImageList_Add
CreateMappedBitmap
ImageList_LoadImageA
ImageList_Remove
InitCommonControlsEx
ImageList_DrawIndirect
CreateToolbar
ImageList_EndDrag
ImageList_LoadImage
DrawInsert
ImageList_DragEnter
ImageList_SetIconSize
ImageList_AddIcon
ImageList_GetImageRect
ImageList_SetOverlayImage
ImageList_GetFlags
ImageList_GetBkColor

kernel32

GetThreadSelectorEntry
VirtualLock
InterlockedDecrement
lstrcpynW
GetCommandLineA
SetHandleCount
HeapReAlloc
GetFileType
FreeEnvironmentStringsA
EnumResourceLanguagesW
ReadFile
InitializeCriticalSection
HeapAlloc
HeapFree
SetFileAttributesA
AllocConsole
GetEnvironmentStringsW
SetConsoleScreenBufferSize
EnumResourceNamesA
WaitForMultipleObjectsEx
SetFileTime
LeaveCriticalSection
GetACP
GetProfileStringW
FlushFileBuffers
LCMapStringW
SetFilePointer
MultiByteToWideChar
EnterCriticalSection
GetStartupInfoA
DeleteAtom
GetEnvironmentStrings
GetCurrentThreadId
GetCPInfo
WriteFile
GetSystemTime
GetProcAddress
GetVersion
TlsSetValue
VirtualFree
VirtualQuery
WideCharToMultiByte
OpenMutexA
GetFileTime
SetEnvironmentVariableA
GetFileAttributesW
GetModuleHandleA
GetStringTypeA
GetLocalTime
LoadLibraryA
GlobalFindAtomA
UnhandledExceptionFilter
GetOEMCP
DeleteCriticalSection
GetStringTypeExA
GetStringTypeW
SetLastError
GetTickCount
GetSystemTimeAsFileTime
GetLastError
GetExitCodeProcess
CompareStringW
HeapDestroy
QueryPerformanceCounter
InterlockedIncrement
GetTimeZoneInformation
ReadConsoleW
CopyFileExA
InterlockedExchange
GetModuleFileNameA
GetCurrentProcessId
SetConsoleWindowInfo
GetCurrentProcess
TlsFree
CloseHandle
CreateFileA
ReadConsoleOutputAttribute
OpenMutexW
GetStdHandle
FreeEnvironmentStringsW
TlsGetValue
HeapCreate
TerminateProcess
CreateMutexA
ExitProcess
VirtualAlloc
GetComputerNameW
GetConsoleScreenBufferInfo
LCMapStringA
RtlUnwind
CompareStringA
SetStdHandle
TlsAlloc
GetCurrentThread
IsDebuggerPresent
IsBadWritePtr

wininet

FindNextUrlCacheContainerW
InternetTimeFromSystemTimeW
CreateUrlCacheContainerW
InternetLockRequestFile
GetUrlCacheConfigInfoW
FtpOpenFileA
InternetGoOnline

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17791bf93a1d997292065f8735d888fb

Headers

File Characteristics

Imports

user32

advapi32

comctl32

kernel32

wininet

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 88KB - Virtual size: 90KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 88KB - Virtual size: 90KB

.rsrc
Size: 16KB - Virtual size: 14KB