43c66c3c4c422da1026d1c5eadc03fec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43c66c3c4c422da1026d1c5eadc03fec_JaffaCakes118
Size

517KB
MD5

43c66c3c4c422da1026d1c5eadc03fec
SHA1

30f5fe31b01338b0da13d3f3d5d1e887f1870644
SHA256

233414ebb37715f848610671fd863cc17b724ced302322d91aaab50c2d6b83f8
SHA512

87bb03d287e30b479f1abc5aa335354d8fd53197e7e1903bda3d131b8dad907f50af39bdbb0e2ef54385a8d73098eb2a4d23288c310760d6a6adf4b916d2e4b3
SSDEEP

12288:ZLlMDaj9MOT2Kxi11zKrfYcYOZEIP2A+PN+/6:llMDE9MOU1OrfYcXv2A0w/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43c66c3c4c422da1026d1c5eadc03fec_JaffaCakes118

Files

43c66c3c4c422da1026d1c5eadc03fec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d485d26815a56815d7bb458756bc88e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetOEMCP
HeapAlloc
EnumSystemLocalesA
GetConsoleOutputCP
GetFileType
GetACP
CompareStringW
GetEnvironmentStrings
CreateFileA
TlsSetValue
OpenMutexA
GetTimeZoneInformation
WriteConsoleA
FreeLibrary
GetTimeFormatA
IsValidLocale
InitializeCriticalSection
Sleep
HeapFree
FlushFileBuffers
SetLastError
GetStringTypeW
GetCommandLineA
GetProcAddress
SetEnvironmentVariableA
GetLocaleInfoA
TerminateProcess
InterlockedIncrement
GetUserDefaultLCID
UnhandledExceptionFilter
CommConfigDialogA
InterlockedExchange
LCMapStringW
SetEndOfFile
LoadLibraryA
GetStringTypeA
SetStdHandle
RtlUnwind
QueryPerformanceCounter
SetHandleCount
LCMapStringA
SetFilePointer
TlsGetValue
GetConsoleMode
CloseHandle
SetConsoleCtrlHandler
TlsAlloc
GetModuleFileNameA
GetSystemTimeAsFileTime
ReadFile
MultiByteToWideChar
HeapCreate
GetStartupInfoA
GetCurrentProcess
DeleteCriticalSection
IsValidCodePage
CreateMutexA
VirtualFree
GetCurrencyFormatW
HeapSize
GetCurrentThread
SetUnhandledExceptionFilter
ExitProcess
GetVersionExA
GetConsoleCP
GetCPInfo
HeapReAlloc
GetLocaleInfoW
GetCurrentThreadId
TlsFree
FreeEnvironmentStringsA
GetStdHandle
GetEnvironmentStringsW
GetCurrentProcessId
IsDebuggerPresent
CompareStringA
GetProcessHeap
GetModuleHandleA
VirtualQuery
GetTickCount
WriteConsoleW
WriteFile
InterlockedDecrement
LeaveCriticalSection
WideCharToMultiByte
GetDateFormatA
GetLastError
EnterCriticalSection
FreeEnvironmentStringsW
HeapDestroy

advapi32

CryptCreateHash
RegSaveKeyA
RegCreateKeyExW
CryptGetKeyParam
LookupAccountSidW
RegLoadKeyW
RegSetValueW
RegEnumValueA
CryptEncrypt
CryptVerifySignatureW
CryptEnumProvidersW
CryptDestroyKey
LookupAccountNameA
RegSetValueExA
CryptGetDefaultProviderW
CryptGetUserKey
CryptDeriveKey
RegOpenKeyExA

comctl32

ImageList_AddIcon
ImageList_BeginDrag
ImageList_Create
ImageList_DrawEx
CreateToolbarEx
ImageList_Read
ImageList_DragShowNolock
InitCommonControlsEx
ImageList_SetIconSize
ImageList_DragLeave
DrawStatusText
ImageList_GetImageCount
ImageList_LoadImageW

wininet

DeleteUrlCacheContainerA
FindFirstUrlCacheContainerA

gdi32

DeleteMetaFile
AbortDoc
AddFontResourceA
GetCharWidthA
GetCharWidth32W
Escape
GetICMProfileA
CreatePen
SetDIBColorTable
ExtSelectClipRgn
GdiSetBatchLimit
PolyBezier
GetMetaFileBitsEx
CloseFigure
SetArcDirection
InvertRgn
CreateEnhMetaFileW

user32

SwitchDesktop
MessageBoxW
GetClassInfoExA
ShowScrollBar
CreateMDIWindowW
SetProcessDefaultLayout
GetMenuDefaultItem
CharLowerW
GetComboBoxInfo
RealChildWindowFromPoint
RegisterClassA
DeferWindowPos
CreateWindowExW
DlgDirSelectComboBoxExA
MessageBoxA
DefWindowProcW
DestroyWindow
AppendMenuW
CloseDesktop
RegisterClassExA
GetWindowContextHelpId
SetCapture
GetAncestor
VkKeyScanExA
EnumDesktopsA
ShowWindow
LoadCursorFromFileA
IsWindowVisible
IsCharUpperA
GetTitleBarInfo

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 214KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d485d26815a56815d7bb458756bc88e0

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

wininet

gdi32

user32

Sections

.text Size: 182KB - Virtual size: 181KB

.rdata Size: 214KB - Virtual size: 224KB

.data Size: 112KB - Virtual size: 111KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 182KB - Virtual size: 181KB

.rdata
Size: 214KB - Virtual size: 224KB

.data
Size: 112KB - Virtual size: 111KB

.rsrc
Size: 8KB - Virtual size: 7KB