4afdb84436cbdd6065d03f3cca2d6295_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4afdb84436cbdd6065d03f3cca2d6295_JaffaCakes118
Size

518KB
MD5

4afdb84436cbdd6065d03f3cca2d6295
SHA1

9eaeb6d5d05dedc0cbd3df2da801bb484ef2e5f7
SHA256

1c3b8d361d65354bc169b5662bd5b212dbbb67e40c1107cfd8485ef51d387058
SHA512

42292a49e26c1d019f3f259fb928e295be48b724770e8121cd46c64f6bef9290cf1006af1a58c36e7d7e521601efeaa00d7f0f101db72768977c313f321c35e2
SSDEEP

12288:cFa12vfnyEBhPWST4Je+Y4ubD2nJzcl8haJFk0:cU2vPFBxWSf+Y3bD8zgdFk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4afdb84436cbdd6065d03f3cca2d6295_JaffaCakes118

Files

4afdb84436cbdd6065d03f3cca2d6295_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f2fe3899c93b7aa92bad2bae2d58e66d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextW
PageSetupDlgA

kernel32

SetStdHandle
GetACP
GetSystemInfo
CompareStringA
GetModuleFileNameA
ReadFile
TlsFree
TlsGetValue
IsValidLocale
HeapFree
LCMapStringW
GetTimeFormatA
GetProcAddress
WideCharToMultiByte
GetLastError
HeapCreate
GetCPInfo
SetFilePointer
GetStdHandle
GetModuleFileNameW
VirtualAlloc
VirtualFree
IsValidCodePage
InterlockedExchange
ExitThread
CloseHandle
EnumCalendarInfoA
FreeEnvironmentStringsW
GetMailslotInfo
GetCommandLineA
FlushFileBuffers
GetLogicalDriveStringsW
SetHandleCount
ExitProcess
LCMapStringA
OpenMutexA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetCurrentThreadId
EnumSystemLocalesA
QueryPerformanceCounter
GetModuleHandleA
WriteProfileSectionA
TlsSetValue
UnhandledExceptionFilter
LoadLibraryExA
SetEnvironmentVariableA
GetTickCount
GetTimeZoneInformation
GetStringTypeW
VirtualProtect
EnterCriticalSection
HeapDestroy
GetCurrentThread
GetStringTypeA
GetLocaleInfoA
lstrcpy
IsBadWritePtr
GetFileType
GetUserDefaultLCID
GetWindowsDirectoryW
DeleteCriticalSection
GetStartupInfoA
GetSystemTimeAsFileTime
TerminateProcess
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetCommandLineW
GetCurrentProcessId
GetCurrentProcess
HeapSize
WriteFile
HeapReAlloc
GetLocaleInfoW
RtlUnwind
ReadConsoleA
InitializeCriticalSection
GetVersionExA
VirtualQuery
TlsAlloc
CompareStringW
GetDateFormatA
GetStartupInfoW
SetLastError
GetEnvironmentStrings
LeaveCriticalSection
CreateMutexA
HeapAlloc
CopyFileA
GetProfileIntW

user32

GetClassInfoA
ToAscii
MessageBoxW
LoadCursorA
SetWindowsHookA
GetClassInfoExW
DestroyWindow
CreatePopupMenu
ShowWindow
DdeCreateStringHandleW
GetTabbedTextExtentA
RegisterClassExA
DlgDirListComboBoxW
EnumDisplaySettingsA
DefWindowProcA
BroadcastSystemMessage
CreateDialogIndirectParamA
GetTitleBarInfo
GetKBCodePage
SetMenu
RegisterClassA
IsCharLowerW
UnregisterDeviceNotification
SetWindowLongW
LoadStringW
CreateWindowExA
IsWindowEnabled
EndDeferWindowPos

comctl32

ImageList_LoadImageW
MakeDragList
ImageList_Draw
ImageList_GetBkColor
InitCommonControlsEx
ImageList_Create
ImageList_SetFlags
ImageList_Duplicate
ImageList_Read
CreateStatusWindowA
ImageList_Add
ImageList_DrawIndirect
CreateUpDownControl
CreatePropertySheetPage
ImageList_AddMasked
_TrackMouseEvent
ImageList_BeginDrag

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 218KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2fe3899c93b7aa92bad2bae2d58e66d

Headers

File Characteristics

Imports

comdlg32

kernel32

user32

comctl32

Sections

.text Size: 149KB - Virtual size: 148KB

.rdata Size: 218KB - Virtual size: 243KB

.data Size: 103KB - Virtual size: 103KB

.rsrc Size: 46KB - Virtual size: 46KB

.text
Size: 149KB - Virtual size: 148KB

.rdata
Size: 218KB - Virtual size: 243KB

.data
Size: 103KB - Virtual size: 103KB

.rsrc
Size: 46KB - Virtual size: 46KB