459af1ea7c751f14479307d687e5b6b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

459af1ea7c751f14479307d687e5b6b5_JaffaCakes118
Size

321KB
MD5

459af1ea7c751f14479307d687e5b6b5
SHA1

fa42e6e9f03b55bbe201af98d2ee1215b1d3906b
SHA256

4f03d0e853658f76b094599028455c9a9014f0633adb652d3afa57fe019b2080
SHA512

8b8a451c5a0695236ad4c8e8e5538ae9a263f47b70915120d3a571a42989d60255ae11ffd4df83c8de7365b4bc89aa0a24dc9e1e926017d973a522704a87b07d
SSDEEP

6144:LBeoTZ20kuB5Q7ks/NQxYwRttI8vJH5o73/:FrF20rInNQxYwDtI8vQj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
459af1ea7c751f14479307d687e5b6b5_JaffaCakes118

Files

459af1ea7c751f14479307d687e5b6b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ce913c45d8d477c78220640b52492deb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
CloseHandle
GetProcAddress
HeapCreate
SetConsoleCursorInfo
GetStringTypeW
LCMapStringW
CompareStringW
VirtualFree
RaiseException
GetStartupInfoW
lstrcpy
QueryPerformanceCounter
SetLastError
VirtualUnlock
SetEnvironmentVariableA
OpenFileMappingA
GetPrivateProfileStringA
AllocConsole
GetCurrentProcessId
SetLocaleInfoW
IsValidLocale
FlushFileBuffers
GetTimeFormatA
SetConsoleMode
GetLogicalDriveStringsW
GetModuleFileNameW
VirtualAlloc
IsValidCodePage
SetFilePointer
HeapSize
TlsFree
CommConfigDialogW
GetStdHandle
ExpandEnvironmentStringsW
ResetEvent
GetCompressedFileSizeW
GetCurrentDirectoryA
SetConsoleActiveScreenBuffer
GetSystemTimeAdjustment
HeapReAlloc
EnumSystemCodePagesW
HeapFree
ConvertDefaultLocale
WriteProfileSectionA
GetSystemTimeAsFileTime
WriteFileEx
CreateFileA
WaitForSingleObjectEx
SetHandleCount
ExitProcess
LockFile
FormatMessageA
FreeLibrary
GetOEMCP
GetLocaleInfoW
WriteConsoleOutputW
WideCharToMultiByte
GetVolumeInformationA
SetStdHandle
GlobalSize
GetVersionExA
IsBadWritePtr
GetCommandLineA
FindResourceA
GetTickCount
GetCurrentProcess
TlsSetValue
GetTimeZoneInformation
CreateMailslotA
OpenMutexA
VirtualQuery
CreateMutexA
GetModuleHandleA
GetDiskFreeSpaceExA
GetEnvironmentStringsA
LeaveCriticalSection
GetDateFormatA
GetProfileSectionW
ReadConsoleOutputAttribute
EnterCriticalSection
TerminateProcess
GetVolumeInformationW
VirtualProtect
DeleteAtom
LocalShrink
GetACP
TlsAlloc
DebugActiveProcess
FreeEnvironmentStringsW
GetStringTypeA
FindAtomA
FreeEnvironmentStringsA
InterlockedCompareExchange
GetUserDefaultLCID
RtlUnwind
GetLocaleInfoA
LCMapStringA
DeleteCriticalSection
LocalCompact
GetEnvironmentStrings
GetFileType
GetCommandLineW
CompareStringA
HeapDestroy
MultiByteToWideChar
WriteConsoleOutputCharacterW
LoadLibraryA
GetCurrentThread
GetWindowsDirectoryW
WriteFile
InterlockedExchange
lstrcpynA
HeapAlloc
GetCurrencyFormatA
GlobalFlags
EnumSystemLocalesA
SetComputerNameW
GetCurrentThreadId
ReadFile
GetLastError
ReleaseMutex
GetTempFileNameW
CommConfigDialogA
InitializeCriticalSection
GetEnvironmentStringsW
GetSystemInfo
OpenEventW
GetModuleFileNameA
GetPrivateProfileSectionNamesA
GetCPInfo
GetStartupInfoA
TlsGetValue

comctl32

ImageList_Draw
CreatePropertySheetPageW
ImageList_SetFlags
CreateMappedBitmap
GetEffectiveClientRect
InitCommonControlsEx
ImageList_LoadImage
DrawStatusText
ImageList_EndDrag
ImageList_Add
CreatePropertySheetPage
ImageList_LoadImageA
ImageList_GetIcon
DrawStatusTextW
CreateStatusWindowW
DrawInsert
ImageList_Merge
ImageList_SetOverlayImage
ImageList_DragShowNolock
ImageList_Remove
ImageList_AddIcon
ImageList_DragMove
ImageList_Duplicate
ImageList_GetFlags
ImageList_DrawIndirect

user32

RegisterClassA
ReplyMessage
CharPrevW
GetQueueStatus
EnumDisplaySettingsW
EnumPropsExA
SetClipboardData
MenuItemFromPoint
GetClassInfoExA
NotifyWinEvent
DrawStateA
GetComboBoxInfo
CharNextA
CharUpperBuffW
DrawFrameControl
FindWindowExA
SetUserObjectInformationW
RegisterClassExA
PeekMessageA
CharToOemA
GetKeyboardType
CallMsgFilterW
SetCaretPos
EndMenu
SetDeskWallpaper
AdjustWindowRect
EndTask
CallWindowProcA
ShowWindowAsync
CloseWindowStation
SetCursorPos
CopyAcceleratorTableA
LoadAcceleratorsW
ToAscii
CopyRect
DispatchMessageW
DdeGetLastError
MsgWaitForMultipleObjects
SwapMouseButton
ScreenToClient
DestroyCursor
TranslateAcceleratorA
LoadImageA
DrawTextExW
DrawTextA
SetScrollInfo
DrawMenuBar
CharLowerW
UnhookWinEvent
GetWindowWord
WINNLSEnableIME
DialogBoxParamA
SetProcessDefaultLayout
EnumDisplayDevicesA
SendIMEMessageExW
ChangeDisplaySettingsExW
UnhookWindowsHook
TrackPopupMenu
MessageBoxA
GetMenuStringW

wininet

InternetSetFilePointer
UnlockUrlCacheEntryFile
DetectAutoProxyUrl
ShowSecurityInfo
InternetCheckConnectionA
InternetOpenA
InternetTimeToSystemTimeA
SetUrlCacheEntryGroupA

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce913c45d8d477c78220640b52492deb

Headers

File Characteristics

Imports

kernel32

comctl32

user32

wininet

Sections

.text Size: 82KB - Virtual size: 82KB

.rdata Size: 94KB - Virtual size: 93KB

.data Size: 85KB - Virtual size: 110KB

.rsrc Size: 58KB - Virtual size: 57KB

.text
Size: 82KB - Virtual size: 82KB

.rdata
Size: 94KB - Virtual size: 93KB

.data
Size: 85KB - Virtual size: 110KB

.rsrc
Size: 58KB - Virtual size: 57KB