45d1967349428e2acbaf7668726a6db8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45d1967349428e2acbaf7668726a6db8_JaffaCakes118
Size

308KB
MD5

45d1967349428e2acbaf7668726a6db8
SHA1

9dbefcf16023f2f5e89d544e88bbe0cc1bb38c69
SHA256

9102442748f31398061ede9a81fed04d5b26846f4587aa1287c2eff97d6904c9
SHA512

416be19d37ef55a3a812c223c69f5f2eb4ddd9cf36e6c01a3b062dcf0cf3d90713ab25a446a0de659bec1d1b0b4c623a507c1aa3c7b056764ccd98a616d3133e
SSDEEP

6144:VQ2n0fFXNt9MLocCo9K3wS1RBFhCow92jg1zwj75rDRlO:VQM0fFXNbM5ZFSIow9PQPRl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45d1967349428e2acbaf7668726a6db8_JaffaCakes118

Files

45d1967349428e2acbaf7668726a6db8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c540e6668dea59f640eeb64de507b45a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetImageInfo
ImageList_SetIconSize
DrawStatusText
ImageList_SetFilter
ImageList_Read
InitCommonControlsEx

user32

DdeQueryStringW
GetMenuDefaultItem
IsCharAlphaNumericA
SetDebugErrorLevel
SetShellWindow
CreateWindowExW
GetClassInfoA
RegisterClipboardFormatA
GetUpdateRect
DdeUnaccessData
RegisterClassA
GetActiveWindow
ShowWindow
GetDlgItem
ScrollDC
WinHelpW
RemoveMenu
UpdateWindow
MapVirtualKeyW
CreateAcceleratorTableA
GetCapture
RegisterClassExA
DestroyWindow
InsertMenuA
MapWindowPoints
SetWindowLongA
DefWindowProcW
MessageBoxW
LoadCursorW
CharLowerW
AdjustWindowRectEx
WindowFromPoint
DialogBoxParamA
DialogBoxIndirectParamW

kernel32

VirtualUnlock
InterlockedDecrement
GetTimeZoneInformation
HeapSize
TlsAlloc
SetConsoleActiveScreenBuffer
GetTimeFormatA
GetCommandLineW
ReadFile
DeleteCriticalSection
GetStringTypeW
MoveFileW
PulseEvent
GetCPInfo
HeapReAlloc
TlsGetValue
FreeLibrary
GetModuleFileNameW
WriteConsoleOutputA
GetDateFormatA
GetUserDefaultLCID
GetDiskFreeSpaceA
GetConsoleCP
LoadLibraryA
HeapLock
GetCommandLineA
SetFilePointer
GetACP
HeapDestroy
OpenWaitableTimerA
WideCharToMultiByte
lstrcmpiA
InterlockedIncrement
IsValidLocale
GetSystemTimeAsFileTime
GetCurrentThread
VirtualAlloc
TlsFree
GetStringTypeA
GetLocaleInfoW
EnterCriticalSection
HeapFree
IsBadReadPtr
WriteFile
GetStdHandle
WriteConsoleOutputCharacterW
HeapAlloc
GetConsoleOutputCP
DeleteFileA
VirtualQuery
GetCurrentProcess
GetConsoleMode
FreeEnvironmentStringsW
LCMapStringW
IsValidCodePage
WriteConsoleW
TlsSetValue
QueryPerformanceCounter
GetModuleHandleW
CreateMutexA
UnhandledExceptionFilter
FlushFileBuffers
MultiByteToWideChar
CloseHandle
GetLastError
SetLastError
OpenMutexA
CreateFileA
GetLocaleInfoA
SetUnhandledExceptionFilter
SetHandleCount
ReadConsoleOutputCharacterW
GetStartupInfoA
InterlockedExchange
ExitProcess
GetCurrentProcessId
GetFileType
LeaveCriticalSection
SetEnvironmentVariableA
CompareStringA
GetCurrentThreadId
GetOEMCP
SetStdHandle
GetEnvironmentStringsW
RtlUnwind
EnumSystemLocalesA
SetConsoleCtrlHandler
FindClose
Sleep
GetModuleFileNameA
IsDebuggerPresent
GetProcAddress
WriteConsoleA
TerminateProcess
CompareStringW
EnumDateFormatsW
GetModuleHandleA
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetTickCount
GetThreadContext
SetThreadContext
HeapCreate
VirtualFree
GetStartupInfoW

advapi32

CreateServiceW
RegCreateKeyExA
InitializeSecurityDescriptor
RegEnumKeyExA
RevertToSelf
RegCreateKeyExW

shell32

SHGetFileInfoA
SheGetDirA
SHEmptyRecycleBinW
DragQueryFile

gdi32

CreateHalftonePalette
GetPixel
GetObjectA
PolyDraw
EndDoc
GetCharWidthW
SetWindowOrgEx
ScaleViewportExtEx
RealizePalette
GetCharABCWidthsFloatA
ChoosePixelFormat
GetTextCharsetInfo
TextOutA
BeginPath
GetBitmapDimensionEx
DeleteObject
GetDeviceCaps
CreateDCA
DeleteDC
ExtTextOutW

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c540e6668dea59f640eeb64de507b45a

Headers

File Characteristics

Imports

comctl32

user32

kernel32

advapi32

shell32

gdi32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 92KB - Virtual size: 101KB

.rsrc Size: 44KB - Virtual size: 41KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 92KB - Virtual size: 101KB

.rsrc
Size: 44KB - Virtual size: 41KB