4a2d2089bad8a8603729739a9177624e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a2d2089bad8a8603729739a9177624e_JaffaCakes118
Size

488KB
MD5

4a2d2089bad8a8603729739a9177624e
SHA1

67c1f8353bcc4bc579b4c89baa3f2561fd13000b
SHA256

b38b6ce51caef65f89e0b927b9925d831a6cba7bd5f51c30dc70738820e5ecce
SHA512

d4c520b1133bdce296faa935dd0fa440160da8b75f60db36d515da388865137802d50e394e8088975fe9efeb1e3a5fe177707365add8cfe03becfd59646886ac
SSDEEP

6144:usiwP+VvzCka/fVp9WEX9gtMLnXuaaZDu5GdzdG0BGtlVgouekItAWo5TB2:WVvzCk6ZzX6UXnaNu52z/BSLRZzm51

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a2d2089bad8a8603729739a9177624e_JaffaCakes118

Files

4a2d2089bad8a8603729739a9177624e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

62ca7b9f0c5f2bbe01e1b641a64887f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\alm\allybyc\os

Imports

kernel32

GetCurrentProcess
HeapCreate
LCMapStringA
QueryPerformanceCounter
LeaveCriticalSection
SetHandleCount
DeleteCriticalSection
FlushFileBuffers
VirtualQuery
GetTickCount
IsDebuggerPresent
GetConsoleCP
GetOEMCP
GetSystemTimeAsFileTime
CompareStringW
GetVersionExA
RtlUnwind
InitializeCriticalSection
WriteConsoleA
GetConsoleOutputCP
SetLastError
GetFileType
TlsSetValue
VirtualFree
FreeEnvironmentStringsA
GetLocaleInfoA
HeapFree
FreeLibrary
VirtualAlloc
GetStringTypeA
HeapSize
Sleep
GetTimeFormatA
GetLastError
GetEnvironmentStrings
CreateFileA
SetFilePointer
CreateMutexA
SetEnvironmentVariableA
SetConsoleCtrlHandler
GetDateFormatA
GetACP
SetStdHandle
FatalAppExitA
InterlockedIncrement
WriteFile
GetEnvironmentStringsW
TlsFree
SetUnhandledExceptionFilter
GetLocaleInfoW
GetProcessHeap
GetUserDefaultLCID
GetModuleHandleA
EnumSystemLocalesA
ExitProcess
TlsAlloc
CompareStringA
HeapReAlloc
GetCurrentProcessId
WideCharToMultiByte
HeapDestroy
ReadFile
FreeEnvironmentStringsW
GetStringTypeW
IsValidLocale
IsValidCodePage
TerminateProcess
LoadLibraryA
LCMapStringW
HeapAlloc
GetCPInfo
MultiByteToWideChar
GetCommandLineA
GetConsoleMode
GetTimeZoneInformation
GetCurrentThread
EnterCriticalSection
GetProcAddress
UnhandledExceptionFilter
TlsGetValue
WriteConsoleW
RaiseException
GetModuleFileNameA
GetStdHandle
CloseHandle
GetStartupInfoA
InterlockedExchange
GetCurrentThreadId
InterlockedDecrement

user32

GetClassLongA
GetScrollRange
GetUpdateRect
GetClassNameA
CharNextA
AdjustWindowRectEx
UnhookWindowsHookEx
GetMenu
SetMenu
GetSysColor
ReleaseDC
UpdateWindow
DrawFrameControl
CheckMenuItem
SetWindowTextA
GetLastActivePopup
PeekMessageA
GetWindowRect
UnpackDDElParam
CharUpperA
wvsprintfA
DestroyAcceleratorTable
CopyAcceleratorTableA
IsWindowVisible
GetMenuState
LoadIconA
ModifyMenuA
SetRectEmpty
DrawTextA
IsClipboardFormatAvailable
GrayStringA
IsRectEmpty
GetScrollInfo
CreateWindowExA
EnableWindow
GetWindowTextA
RegisterWindowMessageA
GetMenuCheckMarkDimensions
IsMenu
PostQuitMessage
GetClipboardFormatNameA
MessageBoxA
GetWindowTextLengthA
IsWindowUnicode
LoadCursorA
GetCursorPos
SendMessageA
TranslateMessage
InvalidateRect
GetSystemMetrics
ValidateRect
AppendMenuA
CallNextHookEx
MessageBeep
PtInRect
DestroyMenu
GetTopWindow
SetMenuDefaultItem
GetMenuItemID
CreateMenu
SetParent
GetMenuStringA
IsWindow
GetMessageTime
FindWindowA
IntersectRect
GetCapture
BeginPaint
DispatchMessageA
GetClientRect
SetClipboardData
ShowWindow
IsChild
CallWindowProcA
KillTimer
TranslateAcceleratorA
GetDlgItem
LoadAcceleratorsA
EnableMenuItem
IsDialogMessageA
DrawIcon
RegisterClassA
IsZoomed
EmptyClipboard
SetCursorPos
DestroyWindow
DestroyIcon
SetTimer
SendDlgItemMessageA
GetWindowDC
GetActiveWindow
LoadStringA
EndPaint
GetWindowLongA
GetFocus
PostMessageA
ClientToScreen
DefWindowProcA
SetMenuItemBitmaps
UnregisterClassA
SetWindowsHookExA
InflateRect
GetDlgCtrlID
SetWindowPos
DrawEdge
DeferWindowPos
DrawMenuBar
RegisterClassExA
TrackPopupMenu
CreatePopupMenu
DrawStateA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

advapi32

RegCreateKeyExA
OpenProcessToken
GetTokenInformation
OpenThreadToken
InitializeSecurityDescriptor
RegisterServiceCtrlHandlerA
RegSetValueExA
StartServiceCtrlDispatcherA
ReportEventA
DeleteService
SetSecurityDescriptorGroup
ControlService
RegOpenKeyExA
SetSecurityDescriptorOwner
RegCloseKey
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyA
RegisterEventSourceA
SetServiceStatus
OpenSCManagerA

comctl32

DestroyPropertySheetPage
ImageList_Create
ImageList_AddMasked
ImageList_DragMove
ImageList_GetImageCount
ImageList_EndDrag
ImageList_LoadImageA
InitCommonControlsEx
ImageList_Destroy
ImageList_DragLeave
ImageList_Remove
CreatePropertySheetPageA
ImageList_GetImageInfo
_TrackMouseEvent
ImageList_Add
ImageList_BeginDrag
ImageList_DragEnter
ImageList_Draw
ord17
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_DragShowNolock
ImageList_SetBkColor
ImageList_GetIcon
PropertySheetA

shell32

ExtractIconA
DragAcceptFiles
SHGetFileInfoA
DragFinish

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62ca7b9f0c5f2bbe01e1b641a64887f7

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

version

advapi32

comctl32

shell32

Sections

.text Size: 110KB - Virtual size: 110KB

.rdata Size: 256KB - Virtual size: 256KB

.data Size: 92KB - Virtual size: 92KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 110KB - Virtual size: 110KB

.rdata
Size: 256KB - Virtual size: 256KB

.data
Size: 92KB - Virtual size: 92KB

.rsrc
Size: 14KB - Virtual size: 14KB