43f9571a75bd66d525c0bf8096aac705_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43f9571a75bd66d525c0bf8096aac705_JaffaCakes118
Size

552KB
MD5

43f9571a75bd66d525c0bf8096aac705
SHA1

a15a7be7a8de9194bf3842b0179e4a9717490b8a
SHA256

a1973803d70e4d235b2880c2a630c3475a64cef71997fd302ce58559a1ef642e
SHA512

8bac1fa1f40c99d078f19dc934576f1d4ed4122b01fb47e7d915243b099fe392e702cb596c694211746e65a63cf86f3cadf534895300d8bc84d50e67527474b3
SSDEEP

12288:6nIMX35kcG0cnCg3QkZNxjqOsVo4tDo2wEDajl:6IMXpkcG0cP3ZZNxjgdRY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43f9571a75bd66d525c0bf8096aac705_JaffaCakes118

Files

43f9571a75bd66d525c0bf8096aac705_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0db037ff298e7988670cb83120f232f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddIcon
InitCommonControlsEx

user32

GetTabbedTextExtentA
GetMenuStringA
LoadImageW
DlgDirSelectExW
SetScrollPos
SetMenu
OemToCharA
GetAsyncKeyState
RegisterClassExA
CharUpperW
SetPropA
RegisterClassA
GetClientRect
CharPrevExA
CallNextHookEx
DdeUnaccessData
SetDebugErrorLevel
ValidateRgn
SetProcessWindowStation
EndDeferWindowPos
CreateWindowExA
GetMessageA
RegisterHotKey
GetKeyboardState
ChangeDisplaySettingsExW
UnregisterHotKey
PostMessageW
DdeFreeDataHandle
SetWindowRgn
GetTitleBarInfo
SendNotifyMessageA
CreateDialogParamW
PaintDesktop
ChangeClipboardChain
GetWindowTextLengthW
GetKeyboardLayoutNameW
GetWindowWord
TileWindows
GetQueueStatus
SystemParametersInfoA
SetDlgItemInt
GetDialogBaseUnits

kernel32

SetLastError
TlsGetValue
DeleteCriticalSection
GetStringTypeW
TlsSetValue
WriteConsoleOutputCharacterA
GetEnvironmentStrings
RemoveDirectoryA
FreeEnvironmentStringsA
lstrcpy
FlushFileBuffers
GetTempFileNameA
InterlockedExchange
GetUserDefaultLCID
GetTimeFormatA
ExitProcess
IsValidLocale
LocalAlloc
LCMapStringA
GetNamedPipeHandleStateA
GetConsoleCP
GetCompressedFileSizeA
QueryPerformanceCounter
HeapCreate
SetConsoleWindowInfo
TlsFree
GetModuleFileNameA
EnterCriticalSection
OpenMutexA
lstrcpyW
InitializeCriticalSection
LocalFree
GetLocaleInfoW
CompareStringA
FillConsoleOutputCharacterA
ReadFile
lstrcat
WaitForMultipleObjectsEx
VirtualAllocEx
GetNamedPipeHandleStateW
GetEnvironmentStringsW
GetVersionExW
GetProcAddress
HeapDestroy
GetProfileSectionW
SetTimeZoneInformation
SetThreadAffinityMask
CreateMutexA
LeaveCriticalSection
GetCPInfo
HeapReAlloc
DeleteAtom
GetThreadTimes
GetShortPathNameW
ExitThread
GetFileType
IsValidCodePage
WritePrivateProfileSectionA
GetDriveTypeW
MultiByteToWideChar
GetLocaleInfoA
CloseHandle
SetEvent
GetVersionExA
GetOEMCP
SetStdHandle
VirtualQuery
IsBadWritePtr
SetHandleCount
GetCurrentProcess
GetLogicalDriveStringsW
GetCurrentThread
WideCharToMultiByte
GetFullPathNameA
LoadLibraryA
SetConsoleTitleA
GetStdHandle
SetThreadLocale
RtlZeroMemory
CreateSemaphoreW
RaiseException
HeapSize
EnumResourceNamesW
GetLongPathNameW
RtlUnwind
GetModuleHandleW
GetTempPathA
VirtualFree
RemoveDirectoryW
lstrcmpA
SetEnvironmentVariableA
WritePrivateProfileStructW
GetLastError
GetTickCount
GlobalFlags
GetPrivateProfileSectionNamesW
ReadConsoleOutputAttribute
GetCurrentThreadId
GetStringTypeA
SetThreadIdealProcessor
GetSystemTimeAsFileTime
TlsAlloc
LCMapStringW
GetConsoleCursorInfo
GetProfileIntA
GetModuleHandleA
GetDateFormatA
EnumSystemLocalesA
GetStartupInfoA
HeapAlloc
SetFilePointer
CompareStringW
WriteFile
FreeEnvironmentStringsW
HeapFree
VirtualAlloc
GetCommandLineA
UnhandledExceptionFilter
TerminateProcess
GetTimeZoneInformation
SetVolumeLabelW
GlobalFindAtomW
WriteConsoleOutputW
GetSystemInfo
CreateProcessA
FileTimeToLocalFileTime
GetProfileStringA
InterlockedIncrement
VirtualProtect
GetConsoleTitleA
AllocConsole
GlobalAlloc
DebugBreak
FindClose
GetCurrentProcessId
GetACP

Sections

.text
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0db037ff298e7988670cb83120f232f4

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 152KB - Virtual size: 150KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 112KB - Virtual size: 119KB

.rsrc Size: 28KB - Virtual size: 24KB

.text
Size: 152KB - Virtual size: 150KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 112KB - Virtual size: 119KB

.rsrc
Size: 28KB - Virtual size: 24KB