4578f2fe0ad3a77a61a77a354b1da044_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4578f2fe0ad3a77a61a77a354b1da044_JaffaCakes118
Size

600KB
MD5

4578f2fe0ad3a77a61a77a354b1da044
SHA1

422880f18c6a6663876ce962dec62a07a97abe24
SHA256

7b1692882a65b41a159b0f56b5c344aee91fb7c5ec3faa6cf62034c835fd780e
SHA512

db65921afbb2918aa69384b95badee4545c83a0911b779fec6f078e8f235e0c806fbc389da65939dcdb1c61403a58acccbe5e4ee4602564d4b112140ce229c8e
SSDEEP

12288:gN0pthIZRqHUtbvS1tXB+ifXqsOwUFUaNXHAA:gypthIZsHAq1dB+if6Lwc5HA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4578f2fe0ad3a77a61a77a354b1da044_JaffaCakes118

Files

4578f2fe0ad3a77a61a77a354b1da044_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0f0aab336713a0754e91360ed842f883

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkMode
DeleteDC
GetStockObject
DeleteObject
SetBkColor
CreateCompatibleDC
SelectObject
GetDeviceCaps
CreateSolidBrush

user32

SetForegroundWindow
MoveWindow
PostQuitMessage
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
GetDC
GetCursorPos
DestroyWindow
GetMessageA
GetParent
UpdateWindow
ShowWindow
EnableWindow
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
LoadStringA
EnableMenuItem
RegisterClassA
GetWindowLongA
SetTimer
FillRect
MapWindowPoints
ClientToScreen
BeginPaint
SetFocus
KillTimer
DefWindowProcA
GetSystemMetrics
GetWindowRect
SetWindowLongA
SetWindowTextA
CreateWindowExA
GetDlgItem
ScreenToClient
LoadIconA
TrackPopupMenu
GetDesktopWindow
ReleaseDC
EndDialog
MessageBoxA
GetSysColor
SystemParametersInfoA
IsWindowVisible
InvalidateRect
SendMessageA
GetClientRect
CallWindowProcA
GetFocus
SetCursor

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA

kernel32

RtlUnwind
FreeEnvironmentStringsA
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
FindNextFileA
HeapDestroy
GetFileAttributesW
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
LocalAlloc
ExpandEnvironmentStringsA
FreeEnvironmentStringsW
GetLocaleInfoW
WideCharToMultiByte
lstrcmpiA
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
GetOEMCP
LocalFree
FormatMessageW
GetExitCodeProcess
InitializeCriticalSection
LoadResource
FindClose
InterlockedDecrement
FormatMessageA
SetLastError
TlsGetValue
GetModuleFileNameW
VirtualProtect
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
UnhandledExceptionFilter
MultiByteToWideChar
GetLocalTime
SetStdHandle
VirtualAlloc
SetConsoleCtrlHandler
VirtualFree
UnmapViewOfFile
IsValidCodePage
CreateProcessA
GetEnvironmentStrings
GetVersion
GetModuleHandleW
GetACP
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
GetCommandLineW
LockResource
GetCurrentProcessId
SizeofResource
lstrlenW
GlobalAlloc
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
HeapCreate
GetLastError
InterlockedIncrement
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
Sleep
GlobalLock
RemoveDirectoryA
FindFirstFileW
CreateFileMappingA
ResetEvent
CompareStringA
FindNextFileW
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
GetFullPathNameA
SetEvent
GetEnvironmentVariableA
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
GetVersionExW
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
LeaveCriticalSection
GetCurrentThreadId
GetLocaleInfoA
SetEndOfFile
GetConsoleMode
VirtualQuery
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
CreateMutexA

Sections

.text
Size: 524KB - Virtual size: 520KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f0aab336713a0754e91360ed842f883

Headers

File Characteristics

Imports

gdi32

user32

advapi32

kernel32

Sections

.text Size: 524KB - Virtual size: 520KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 28KB - Virtual size: 30KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 524KB - Virtual size: 520KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 28KB - Virtual size: 30KB

.rsrc
Size: 8KB - Virtual size: 5KB