469f628df2cd20da0960dd892a34f313_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

469f628df2cd20da0960dd892a34f313_JaffaCakes118
Size

712KB
MD5

469f628df2cd20da0960dd892a34f313
SHA1

4ad711aea57f7661c815688468e0d7c41e878cfd
SHA256

ef9ddf4c572955f829071f87bb6d8db1b42f4fe6cc3a2395ae4d3ae0a3463d71
SHA512

df70f43f50b865cb6aff3cf012345305b77ce1cfe2cc516ea8d08c9de90053d85e6865e74ac904db12d07e2b5432a41f86484d69569996fc86e30fc7b7aeb4ff
SSDEEP

12288:1h66r5blMHZVZddkXW4c0LjswWcYs45SNBkiCalKIH7/BTNVOqM5Y+P:tr03dd54c0TBFlKIb/hNVOmW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
469f628df2cd20da0960dd892a34f313_JaffaCakes118

Files

469f628df2cd20da0960dd892a34f313_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8a8186647a507b70c87e7533ea40397

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
GetACP
FlushFileBuffers
RaiseException
GetFileAttributesW
TlsAlloc
GlobalAddAtomA
WaitCommEvent
GetEnvironmentVariableW
GetVersionExW
GetCommandLineA
RtlUnwind
ExitProcess
HeapSize
GetOEMCP
LoadLibraryA
SetLastError
GetTimeZoneInformation
FreeEnvironmentStringsA
GetCurrentThreadId
HeapFree
GlobalDeleteAtom
GetConsoleCursorInfo
TlsFree
VirtualQuery
WaitNamedPipeA
SetThreadAffinityMask
HeapValidate
CreateProcessA
SetConsoleWindowInfo
GetLocaleInfoW
InitializeCriticalSection
GetThreadSelectorEntry
IsValidLocale
GetCurrentThread
HeapDestroy
GetStartupInfoA
CompareStringW
GetLogicalDriveStringsA
GetProcAddress
SetWaitableTimer
QueryPerformanceCounter
TlsSetValue
GetFileType
GetDateFormatA
LoadLibraryW
WriteFile
IsValidCodePage
CreatePipe
WideCharToMultiByte
FoldStringA
CreateThread
OpenMutexW
EnumSystemLocalesA
SetStdHandle
IsBadWritePtr
GetSystemTimeAdjustment
ReadConsoleOutputAttribute
GetFileTime
AddAtomA
LCMapStringW
OpenMutexA
ReleaseSemaphore
GetLastError
VirtualAlloc
CloseHandle
LCMapStringA
FindAtomW
GetSystemTimeAsFileTime
GetDateFormatW
VirtualProtectEx
ReadConsoleA
GetLocaleInfoA
OutputDebugStringW
GetProcessHeap
WriteConsoleOutputCharacterA
CompareStringA
DeleteFileA
UnhandledExceptionFilter
GetCPInfo
GetTickCount
GetCurrentProcess
GetTimeFormatA
ReadFile
HeapCreate
CreateSemaphoreA
InterlockedExchange
GetCommandLineW
VirtualProtect
GetEnvironmentStringsW
ConvertDefaultLocale
ConnectNamedPipe
GlobalFlags
ExitThread
HeapReAlloc
GetModuleHandleA
CreateMailslotW
SetHandleCount
GetUserDefaultLCID
GetStdHandle
FreeEnvironmentStringsW
GetSystemInfo
MultiByteToWideChar
GetConsoleScreenBufferInfo
EnterCriticalSection
GetThreadPriorityBoost
GetVersionExA
GetStringTypeW
SetFilePointer
OpenEventW
SetThreadPriority
OpenEventA
TlsGetValue
TerminateProcess
CreateMailslotA
CreateMutexA
GetStringTypeA
GetEnvironmentStrings
GetCurrentProcessId
GetSystemDefaultLangID
HeapAlloc
GetModuleFileNameW
GetTempPathW
lstrcpyn
lstrcpyA
VirtualFree
GetModuleFileNameA
GlobalAlloc
GetStringTypeExW
LeaveCriticalSection
DeleteCriticalSection
EnumResourceNamesW
GetStartupInfoW
GetPrivateProfileSectionW

gdi32

CreateDCW
GetOutlineTextMetricsW
UnrealizeObject
SelectPalette
GetObjectW
EndPage
GetLogColorSpaceA
FillRgn
CreatePenIndirect
GetCurrentPositionEx
SetMetaRgn
ChoosePixelFormat
GetBrushOrgEx
GetSystemPaletteUse
CreateDIBPatternBrush
DeleteDC
AbortDoc
AddFontResourceA
CheckColorsInGamut
ExtTextOutW
UpdateICMRegKeyW
GetDeviceCaps
PolyBezierTo
GetCharABCWidthsA
GetCharWidthFloatA
GetCharWidthA
GetCharWidthW
StrokeAndFillPath
DeleteObject

advapi32

CryptGetProvParam
CryptSetHashParam
DuplicateTokenEx
RegDeleteKeyA
CryptCreateHash
RegRestoreKeyA
RegSetValueA
RegEnumKeyW
CryptImportKey
CryptDuplicateKey
RegQueryValueExW
CryptSignHashW
CryptSignHashA
CryptVerifySignatureW
CryptHashSessionKey
StartServiceW
CryptEnumProviderTypesW
LookupAccountSidW
CryptDecrypt
CryptEnumProvidersA

user32

GetCapture
SetMenuContextHelpId
DeleteMenu
DrawAnimatedRects
BlockInput
SetDeskWallpaper
LoadKeyboardLayoutA
SetScrollRange
GetInputDesktop
CharUpperW
PeekMessageW
SetRect
ToUnicodeEx
DdeImpersonateClient
MessageBoxA
MapWindowPoints
CreateIconFromResourceEx
GetListBoxInfo
SetShellWindow
DeferWindowPos
GetClipCursor
DdeCmpStringHandles
RegisterClassA
CloseWindowStation
CreateWindowExA
WinHelpW
UnregisterHotKey
DlgDirSelectComboBoxExW
SetParent
RegisterClassExA
EditWndProc
DrawTextExW
ChangeDisplaySettingsA
CreateWindowStationA
LoadBitmapW
SwitchDesktop
RemovePropA
GetWindowInfo
CheckRadioButton
GetMessageA
CharLowerA
IsCharLowerA
MonitorFromPoint
CreateAcceleratorTableW
MoveWindow
DdeQueryConvInfo
CreateCursor
DialogBoxParamW

comctl32

ImageList_LoadImage
ImageList_SetIconSize
InitCommonControlsEx
ImageList_GetImageInfo
ImageList_Copy
ImageList_Replace
ImageList_AddMasked
ImageList_GetIconSize
MakeDragList
InitMUILanguage
ImageList_GetFlags
ImageList_DragEnter
CreatePropertySheetPageA
ImageList_BeginDrag
ImageList_DrawIndirect
DrawInsert
ImageList_Duplicate
ImageList_Draw
CreateStatusWindowW
ImageList_Write
ImageList_DragLeave
CreateToolbar
ImageList_GetImageCount
ImageList_DragShowNolock
ImageList_LoadImageW

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 460KB - Virtual size: 457KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8a8186647a507b70c87e7533ea40397

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

user32

comctl32

Sections

.text Size: 92KB - Virtual size: 90KB

.rdata Size: 460KB - Virtual size: 457KB

.data Size: 132KB - Virtual size: 154KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 460KB - Virtual size: 457KB

.data
Size: 132KB - Virtual size: 154KB

.rsrc
Size: 24KB - Virtual size: 20KB