43fea030497bf2695733d960c10f7d6d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43fea030497bf2695733d960c10f7d6d_JaffaCakes118
Size

417KB
MD5

43fea030497bf2695733d960c10f7d6d
SHA1

d70992d3288245185d3063d405551684ac383c61
SHA256

021625e14a8aa53ae1ba3e35753abd91100b8928f7a7b4df3cd34b4f1fe268d2
SHA512

4f7d5b1158e9e7e23993340f8b1f787406fb886c313f5bae579978904160fa02c7d2b45f740162827895f31eb12e8a54a316382ae36feddc772decbd8bd1d29a
SSDEEP

6144:ikDC8MGtIXGE3wN0qb6cNGtbd9boe4PYujJH/iFG8jwPqAOnfc1tFbUzYrakJQxE:P+8MqOQxwT9UA2fiLEifnU1tCEQxE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43fea030497bf2695733d960c10f7d6d_JaffaCakes118

Files

43fea030497bf2695733d960c10f7d6d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f60afa8712c1ec420902391d7a99d93a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
LocalAlloc
lstrcpynW
GetLocalTime
InterlockedCompareExchange
InterlockedExchange
lstrcatW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetLocaleInfoA
WriteFile
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
RtlUnwind
LocalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
Sleep
GlobalAlloc
GetCurrentProcess
TerminateProcess
WideCharToMultiByte
CompareStringW
GetModuleFileNameW
lstrcmpW
VirtualProtect
InterlockedIncrement
lstrlenW
UnhandledExceptionFilter
GlobalFree
GlobalHandle
GlobalUnlock
GlobalLock
SetUnhandledExceptionFilter
SleepEx
QueryDosDeviceA
SystemTimeToTzSpecificLocalTime
CloseHandle
GetSystemInfo
DeviceIoControl
GetDriveTypeA
GetLogicalDriveStringsA
GetDiskFreeSpaceA
GetVolumeInformationA
CreateWaitableTimerA
SetErrorMode
CreateFileA
SetWaitableTimer
GetCommandLineA
GetCPInfo
GetStringTypeW

user32

GetWindowLongW
GetSystemMetrics
DestroyWindow
IsWindow
SetWindowPos
ScreenToClient
InflateRect
DrawTextW
IntersectRect
SetTimer
PtInRect
GetWindowTextW
GetWindowRect
GetClassInfoExW
GetDlgCtrlID
FrameRect
GetSysColorBrush
KillTimer
SetScrollPos
DrawEdge
GetScrollInfo
UpdateWindow
SetScrollInfo
RegisterClassExW
FillRect
SetWindowLongW
DefWindowProcW
EnableWindow
GetScrollPos
CreateWindowExW
GetSysColor
SetWindowTextW
GetCursorPos
LoadCursorW
BeginPaint
EndPaint
ShowWindow
InvalidateRect
IsWindowVisible
MapWindowPoints
GetDC
ReleaseDC
SendMessageW
GetDlgItem
GetClientRect

advapi32

OpenEventLogA
CloseEventLog
RegEnumValueA
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA
OpenSCManagerA
CloseServiceHandle
StartServiceA
QueryServiceStatus
OpenServiceA
ReadEventLogA

gdi32

BitBlt
DeleteDC
CreateSolidBrush
SetBkMode
SetTextColor
GetRgnBox
GetTextExtentPoint32W
ExtTextOutW
CreateCompatibleBitmap
GetClipRgn
CreateRectRgnIndirect
TextOutW
GetTextExtentPointA
CreateCompatibleDC
GetTextMetricsW
SelectObject
DeleteObject
GetStockObject
CreateFontIndirectW
GetDeviceCaps
EnumFontFamiliesExW
GetObjectW

ole32

CoTaskMemFree
CoCreateInstance
CoInitialize
CoFileTimeToDosDateTime

rpcrt4

I_RpcAllocate
I_RpcFree
I_RpcBindingToStaticStringBindingW
I_RpcNsBindingSetEntryNameW
RpcBindingFromStringBindingW
RpcBindingVectorFree
RpcStringBindingParseW
RpcBindingToStringBindingW
RpcStringFreeW
RpcBindingFromStringBindingA
RpcStringBindingComposeA
NdrClientCall2
RpcStringFreeA
RpcBindingFree
RpcRaiseException
I_RpcGetBuffer

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f60afa8712c1ec420902391d7a99d93a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

Sections

.text Size: 69KB - Virtual size: 68KB

.rdata Size: 331KB - Virtual size: 330KB

.data Size: 12KB - Virtual size: 336KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 69KB - Virtual size: 68KB

.rdata
Size: 331KB - Virtual size: 330KB

.data
Size: 12KB - Virtual size: 336KB

.rsrc
Size: 4KB - Virtual size: 3KB