4af42cbdff734c96c1d3fd2d13ae6917_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4af42cbdff734c96c1d3fd2d13ae6917_JaffaCakes118
Size

548KB
MD5

4af42cbdff734c96c1d3fd2d13ae6917
SHA1

42c68f26bccd66161b90cef55d96d4ea3a3b8f26
SHA256

030601eac2293061984cb1f061c8615607fbcefe16530a98dd90458dddc1a787
SHA512

4fa48497955b7e809b217c0fca80c3ec43dd5b017a0ea25c64df4d04a32ea8a3fca99090c4691bb81fa8a87e92558989c5c267ff6c8cc2e6e3f9dfd3c9cfeabe
SSDEEP

12288:ECRNku+dwJkc/F6+uuDK83D6zRA9tC3ONmjuIrF:n3kuuyy+uu28z19tHm6IrF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4af42cbdff734c96c1d3fd2d13ae6917_JaffaCakes118

Files

4af42cbdff734c96c1d3fd2d13ae6917_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0fa5024f413943b1caab5741e3803db8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateToolbar
ImageList_SetOverlayImage
ImageList_SetDragCursorImage
InitCommonControlsEx

shell32

SHGetInstanceExplorer
DragAcceptFiles
SHInvokePrinterCommandW
SHQueryRecycleBinA
RealShellExecuteW

user32

MessageBoxW
OpenDesktopW
OemToCharBuffA
TrackMouseEvent
CreateWindowExA
CreateDialogIndirectParamA
InvalidateRgn
SendNotifyMessageA
ShowWindow
ClipCursor
CreateDialogParamW
DefWindowProcW
SetScrollPos
SystemParametersInfoA
DestroyIcon
RegisterClassA
CallNextHookEx
GetClassNameA
GetDialogBaseUnits
DialogBoxParamW
IsDlgButtonChecked
CreateCaret
CreateWindowStationW
DestroyWindow
GetWindowLongW
RegisterClassExA
SetCursorPos
DefFrameProcA
DdeNameService

gdi32

GetViewportOrgEx
ExcludeClipRect
EnumFontFamiliesExA
GetRgnBox
InvertRgn
PatBlt
GetBkMode
ModifyWorldTransform
CreateFontIndirectW
GetDeviceCaps
DeleteDC
GetFontData
SetMapMode
GetTextAlign
GetTextExtentExPointA
CreateDCW
GetCharacterPlacementA
TextOutA
StrokeAndFillPath
SelectObject
CopyEnhMetaFileW
Pie
GetObjectA
DeleteObject
EqualRgn

wininet

HttpSendRequestExW
InternetAlgIdToStringW
DeleteIE3Cache
GopherFindFirstFileA

kernel32

GetVersionExA
ExpandEnvironmentStringsW
GetVolumeInformationW
GetStringTypeW
GetSystemInfo
GetLocaleInfoA
GetSystemDirectoryW
DuplicateHandle
GetSystemTimeAsFileTime
VirtualQuery
GetDateFormatA
SetEnvironmentVariableA
GetModuleFileNameA
GetCurrentThread
GetProcessHeap
GetConsoleOutputCP
GetUserDefaultLCID
TlsSetValue
EnumResourceNamesW
GetNamedPipeHandleStateA
EnumResourceNamesA
IsBadReadPtr
HeapSize
WriteProfileSectionW
GetComputerNameW
VirtualProtect
GetModuleHandleA
ExitProcess
GetTimeZoneInformation
ExpandEnvironmentStringsA
CompareStringA
VirtualFree
MoveFileW
SetLastError
HeapAlloc
HeapReAlloc
UnlockFileEx
LeaveCriticalSection
FreeEnvironmentStringsA
EnumSystemCodePagesA
MultiByteToWideChar
OpenMutexA
GetStartupInfoA
OutputDebugStringW
GetLocaleInfoW
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
SleepEx
GetTimeFormatA
HeapCreate
WaitCommEvent
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetPriorityClass
IsBadWritePtr
CreateFileW
GetCurrentProcess
lstrcmpiW
SetStdHandle
DebugBreak
GetCurrentThreadId
Sleep
EnumCalendarInfoExA
LoadResource
FileTimeToSystemTime
GetFileType
WaitForDebugEvent
GetTickCount
IsValidLocale
WriteConsoleOutputAttribute
LoadLibraryA
GetThreadPriorityBoost
FoldStringA
GetExitCodeThread
QueryPerformanceCounter
HeapDestroy
SetFilePointer
GetAtomNameW
GetOEMCP
GetStdHandle
FlushFileBuffers
TlsAlloc
VirtualAlloc
GetThreadContext
IsValidCodePage
WideCharToMultiByte
SetLocaleInfoA
UnhandledExceptionFilter
GetProcAddress
ReadFile
EnumSystemLocalesA
LCMapStringA
CompareStringW
GetEnvironmentStrings
AddAtomW
CloseHandle
TlsGetValue
WriteFile
LCMapStringW
FindResourceExA
GetACP
CreateMutexA
SetThreadPriority
AllocConsole
GetCurrentProcessId
RtlUnwind
GetCommandLineA
GetPrivateProfileSectionA
GetCPInfo
LocalFileTimeToFileTime
GetUserDefaultLangID
GetStringTypeA
GetThreadLocale
HeapFree
InterlockedIncrement
FindAtomW
SetConsoleCursorPosition
SetVolumeLabelW
EnterCriticalSection
FreeResource
GetLastError
TlsFree
SetHandleCount
TerminateProcess

advapi32

RevertToSelf
LookupPrivilegeDisplayNameW
RegFlushKey
CryptEncrypt

Sections

.text
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fa5024f413943b1caab5741e3803db8

Headers

File Characteristics

Imports

comctl32

shell32

user32

gdi32

wininet

kernel32

advapi32

Sections

.text Size: 160KB - Virtual size: 156KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 108KB - Virtual size: 118KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 160KB - Virtual size: 156KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 108KB - Virtual size: 118KB

.rsrc
Size: 16KB - Virtual size: 15KB