4aec50dafc01d06b00fff6394f457ba1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4aec50dafc01d06b00fff6394f457ba1_JaffaCakes118
Size

680KB
MD5

4aec50dafc01d06b00fff6394f457ba1
SHA1

814f17db2bd7e87dee31cc90ca7c885cad39b40a
SHA256

7dfd5cd0cbca9a01daa237eb6f09e57eb59cab3f58df5b456dc12f7c198bb4c9
SHA512

e18438983b6e938483fd4474addc8ed54d463e53c2f0d8065089dcc7b7ee68ea5b381d1412124f1a6abcfa73eba230ce98628a69d125d86b5a80bad19832e8a0
SSDEEP

12288:BpEodmc22J9eWYo7R/LvqZynM8/kjAk2gQ1wwc3OqitK0bpxjmCAOeGYnMq:BqoMA92o7RDqZEM8/kZQ1i3CkCpxjm8K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4aec50dafc01d06b00fff6394f457ba1_JaffaCakes118

Files

4aec50dafc01d06b00fff6394f457ba1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6f67bed680ab51cd3d7afc50354fd269

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
GlobalFree
GlobalHandle
LockResource
LoadResource
GetModuleFileNameW
FindResourceA
FreeLibrary
GetProcAddress
LoadLibraryA
InterlockedIncrement
lstrcmpA
FlushInstructionCache
GetCurrentProcess
GetModuleFileNameA
GetShortPathNameW
GetExitCodeProcess
WaitForSingleObject
OpenProcess
LocalFree
WriteFile
LocalAlloc
CreateFileA
SizeofResource
FindClose
FindFirstFileA
CreateDirectoryA
GetVersionExA
GetShortPathNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GlobalAlloc
GlobalLock
CreateProcessA
CloseHandle
lstrlenA
SetUnhandledExceptionFilter
RaiseException
SetFilePointer
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
TerminateProcess
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
GetOEMCP
GetACP
GetCPInfo
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
HeapAlloc
HeapFree
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
DeleteCriticalSection
SetStdHandle
FlushFileBuffers
EnterCriticalSection
GlobalUnlock
LeaveCriticalSection
HeapDestroy
InitializeCriticalSection
DeleteFileA
InterlockedDecrement
GetCurrentThreadId
IsBadCodePtr

user32

ShowWindow
IsDialogMessageA
DispatchMessageA
PostQuitMessage
TranslateMessage
GetMessageA
PeekMessageA
DestroyWindow
MoveWindow
GetCursor
CreateWindowExA
wsprintfA
InvalidateRgn
SetCapture
ReleaseCapture
CreateAcceleratorTableA
GetDesktopWindow
GetParent
GetClassNameA
RedrawWindow
IsWindow
BeginPaint
GetClientRect
FillRect
EndPaint
CallWindowProcA
GetDC
ReleaseDC
GetFocus
IsChild
SetFocus
GetSysColor
CreateDialogIndirectParamA
GetWindowTextLengthA
GetWindowTextA
GetWindow
DefWindowProcA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
LoadImageA
SendMessageA
SetWindowTextA
GetDlgItem
SystemParametersInfoA
SetWindowPos
GetSystemMetrics
GetWindowRect
InvalidateRect
GetWindowLongA
SetWindowLongA

gdi32

SelectObject
GetObjectA
GetStockObject
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
PatBlt

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoTaskMemAlloc
StringFromCLSID
OleLockRunning
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize
CoUninitialize

oleaut32

SysAllocStringLen
LoadRegTypeLi
VariantClear
OleCreateFontIndirect
SysFreeString
DispCallFunc
SysAllocString
SysStringLen

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wininet

InternetGetConnectedState

comctl32

ord17

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 500KB - Virtual size: 497KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.grdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6f67bed680ab51cd3d7afc50354fd269

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

wininet

comctl32

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 20KB - Virtual size: 23KB

.rsrc Size: 500KB - Virtual size: 497KB

.grdata Size: 76KB - Virtual size: 76KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 23KB

.rsrc
Size: 500KB - Virtual size: 497KB

.grdata
Size: 76KB - Virtual size: 76KB