462f5f4dd22b75724f67c2954e420721_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

462f5f4dd22b75724f67c2954e420721_JaffaCakes118
Size

600KB
MD5

462f5f4dd22b75724f67c2954e420721
SHA1

afed7fb9662571b30cb7dd8f9492014f334107c6
SHA256

edb8d31dfffaa4ac0cfd7572e5a83e3dd266f59b24e80864f164a481742081c0
SHA512

06c9943822453befc48b945574ddfda21bd0541e01ab4b667e93eab9dbfcfca73115ab91f22434e6443b730c5ede19f72ec4fcc7714c8efeae406469e65bd69e
SSDEEP

12288:TEtAyMafnhQLMJojvkWKAX9PXiD6Niqoo350ESdLJtZFG3SAF4:ahfnhD2cWKEg6qo3ytBFG3SAF4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
462f5f4dd22b75724f67c2954e420721_JaffaCakes118

Files

462f5f4dd22b75724f67c2954e420721_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b5034da703135cda8b21e5b26c88a672

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

DrawStatusTextA
ImageList_LoadImageW
CreateMappedBitmap
ImageList_BeginDrag
ImageList_ReplaceIcon
DestroyPropertySheetPage
InitCommonControlsEx
ImageList_SetFilter

user32

SetClipboardViewer
InvalidateRgn
DdeImpersonateClient
CharUpperW
GetParent
DefFrameProcA
RegisterHotKey
DestroyWindow
DlgDirSelectComboBoxExW
CreateWindowStationW
SendNotifyMessageA
SetFocus
EnumDisplayDevicesW
DdeReconnect
DefMDIChildProcW
WINNLSEnableIME
RegisterDeviceNotificationW
TabbedTextOutA
GetWindowTextW
DefWindowProcW
SetWindowLongA
RegisterClassA
LoadKeyboardLayoutA
IsCharLowerW
CreateMDIWindowW
GetDCEx
WindowFromPoint
CreateWindowExW
LoadMenuW
UnregisterClassW
GetSystemMenu
SetWindowContextHelpId
DrawFrameControl
VkKeyScanA
GetClassInfoW
GetMonitorInfoA
LoadCursorA
CallWindowProcA
GetMenu
GetMenuItemRect
CharPrevExA
SetWindowsHookExA
GetAsyncKeyState
TileChildWindows
TrackPopupMenu
SetShellWindow
InflateRect
MapVirtualKeyExA
TranslateAccelerator
GetMenuInfo
ScrollWindowEx
ShowWindow
OemToCharBuffA
SetScrollPos
DdeKeepStringHandle
RegisterClassExA
AttachThreadInput
MessageBoxA
EnumChildWindows
ShowOwnedPopups
GetGuiResources
IsClipboardFormatAvailable
GetFocus
SetSystemCursor
CreateMenu
GetMessagePos
IsRectEmpty
GetKeyState

kernel32

SetConsoleWindowInfo
FindNextFileW
GetPrivateProfileSectionNamesA
HeapCreate
GetLastError
WriteConsoleOutputCharacterA
CreateFileA
lstrcpyA
GetTickCount
InitializeCriticalSection
IsBadWritePtr
GetDateFormatA
FindResourceW
GetCurrentThread
WriteConsoleInputW
LocalLock
CommConfigDialogW
CreateEventA
WriteConsoleOutputCharacterW
FindAtomA
LCMapStringA
HeapReAlloc
GlobalFindAtomA
TlsGetValue
VirtualProtect
GetModuleHandleA
GetTimeFormatA
OpenMutexA
GetOEMCP
FlushFileBuffers
EnumDateFormatsExA
RtlUnwind
GetUserDefaultLCID
AddAtomA
WritePrivateProfileStructW
GetLocaleInfoW
LoadLibraryA
EnumCalendarInfoA
GetCurrentDirectoryW
SetHandleCount
CloseHandle
VirtualUnlock
GetSystemInfo
CreateDirectoryA
GetCommandLineW
GetEnvironmentStrings
FormatMessageW
SetThreadLocale
MultiByteToWideChar
FreeEnvironmentStringsW
lstrcat
GetProcAddress
GetCurrentProcess
GetCommandLineA
EnterCriticalSection
WaitNamedPipeA
LockFile
ReadConsoleOutputW
IsValidLocale
TlsAlloc
FillConsoleOutputAttribute
IsValidCodePage
HeapSize
EnumCalendarInfoExA
LocalUnlock
InitializeCriticalSectionAndSpinCount
GetThreadContext
CompareStringW
CreateMutexA
UnhandledExceptionFilter
SetLastError
DeleteCriticalSection
SetFilePointer
InterlockedExchange
GetEnvironmentStringsW
WriteFile
SetStdHandle
VirtualAlloc
HeapFree
GetSystemTimeAsFileTime
WideCharToMultiByte
GetACP
GetShortPathNameA
SetComputerNameW
GetVersionExA
GetFileType
lstrcatA
CompareStringA
GetLocaleInfoA
AllocConsole
GetTempPathW
VirtualFree
TlsSetValue
WriteProfileStringA
GetStdHandle
GlobalFix
LeaveCriticalSection
MoveFileExW
TlsFree
FoldStringA
TerminateThread
HeapAlloc
TerminateProcess
GetCurrentThreadId
GetCPInfo
LocalSize
GetTimeFormatW
GetNamedPipeHandleStateW
QueryPerformanceCounter
ExitProcess
LCMapStringW
GetStringTypeW
VirtualQuery
FreeEnvironmentStringsA
GetTimeZoneInformation
SetThreadIdealProcessor
SetVolumeLabelW
GetConsoleCP
SetEnvironmentVariableA
FindResourceExA
GetStringTypeExA
SetThreadPriority
OutputDebugStringW
VirtualAllocEx
GetModuleFileNameA
EnumSystemLocalesA
EnumDateFormatsW
ReadFile
HeapDestroy
GetStartupInfoA
UnmapViewOfFile
ConnectNamedPipe
OpenSemaphoreA
GetStringTypeA
GetPrivateProfileStructA
GetCurrentProcessId

Sections

.text
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5034da703135cda8b21e5b26c88a672

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 184KB - Virtual size: 180KB

.rdata Size: 268KB - Virtual size: 266KB

.data Size: 108KB - Virtual size: 122KB

.rsrc Size: 36KB - Virtual size: 35KB

.text
Size: 184KB - Virtual size: 180KB

.rdata
Size: 268KB - Virtual size: 266KB

.data
Size: 108KB - Virtual size: 122KB

.rsrc
Size: 36KB - Virtual size: 35KB