428f354e2d310fc7d7677df9650ea283_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

428f354e2d310fc7d7677df9650ea283_JaffaCakes118
Size

399KB
MD5

428f354e2d310fc7d7677df9650ea283
SHA1

8bee5b699e389345f1024968f3b5825f83b906f3
SHA256

4fbed3ab2d46d559c395f52f25d519a44d1fed78a33de0f05ee88bf19608ea1b
SHA512

db587bc642ae979b20a212d2cba0c8aaf4cf86bceeda4e49d8153fb7e0948b983a12cc3798c7edad00c43b8e6da1c75d64a9665d8655bedddc4586143464e456
SSDEEP

6144:0tVAGiuOMfRh+h1V2JryrA6AybofmXNPxSc4ZB5ka4B2ELEzt/SoVX9QZQ9e/j6+:0I1Wa3AyMOXfSTri2EUS2tHA/jm4Di

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
428f354e2d310fc7d7677df9650ea283_JaffaCakes118

Files

428f354e2d310fc7d7677df9650ea283_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2773ca6e44c967d2bf4e84a38c1702a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

InternalExtractIconListW
SHGetSpecialFolderLocation
SHAppBarMessage
ShellAboutW
ExtractAssociatedIconW
ShellExecuteW
SHGetSpecialFolderPathW
SheChangeDirExW
SHFileOperationA
SHGetPathFromIDListA
SHGetDataFromIDListA
DragQueryFileA
SHGetMalloc
SHGetFileInfoW
SHGetPathFromIDListW
DragFinish
SHEmptyRecycleBinA

gdi32

EnumICMProfilesW
SetTextJustification
ExtTextOutW

comdlg32

ReplaceTextA
FindTextW
ReplaceTextW
FindTextA
PageSetupDlgA
GetSaveFileNameW

user32

DestroyMenu
ExitWindowsEx
AppendMenuA
DdeUnaccessData
GetMenuItemRect
CharToOemBuffW
GetClipboardSequenceNumber
CreateIcon
SetMenuContextHelpId
SetCaretPos
ToAscii
GetKeyNameTextW
SetProcessWindowStation
GetClassLongW
ShowWindow
SetWindowContextHelpId
SetPropA
LoadMenuIndirectW
OffsetRect
ShowCursor
GetForegroundWindow
GetClassWord
OpenInputDesktop

kernel32

TerminateProcess
GetCPInfo
LCMapStringW
GetTickCount
ExitProcess
VirtualAlloc
WriteFile
DeleteCriticalSection
GetCurrentThread
FileTimeToSystemTime
LocalReAlloc
FreeEnvironmentStringsW
GetCommandLineA
InterlockedExchange
ExpandEnvironmentStringsW
GetStartupInfoW
TlsGetValue
TlsSetValue
GetCurrentProcess
HeapCreate
SetLastError
GetFileType
GetPrivateProfileStringA
ExitThread
HeapReAlloc
UnhandledExceptionFilter
LCMapStringA
GetStringTypeA
GetVersion
VirtualQuery
GetLocaleInfoW
GetModuleFileNameA
GetACP
FreeEnvironmentStringsA
SetHandleCount
EnumCalendarInfoExW
GetStartupInfoA
GetCurrentThreadId
SetConsoleScreenBufferSize
GetOEMCP
TransmitCommChar
CreateSemaphoreA
HeapDestroy
EnterCriticalSection
lstrcmpiW
GetSystemTimeAsFileTime
LoadLibraryA
EnumTimeFormatsA
GetStdHandle
GetThreadSelectorEntry
CreateThread
CreateMutexA
HeapFree
GetLastError
QueryPerformanceCounter
IsBadWritePtr
GetEnvironmentStrings
GetModuleHandleA
MultiByteToWideChar
HeapAlloc
RtlUnwind
InitializeCriticalSection
TlsFree
LeaveCriticalSection
GetEnvironmentStringsW
GetProcAddress
VirtualFree
GetStringTypeW
TlsAlloc
WideCharToMultiByte
GetCurrentProcessId

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2773ca6e44c967d2bf4e84a38c1702a0

Headers

File Characteristics

Imports

shell32

gdi32

comdlg32

user32

kernel32

Sections

.text Size: 123KB - Virtual size: 122KB

.data Size: 267KB - Virtual size: 278KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 123KB - Virtual size: 122KB

.data
Size: 267KB - Virtual size: 278KB

.rsrc
Size: 8KB - Virtual size: 7KB