4cc5d07f066280e6e57c1a1c0f21973c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4cc5d07f066280e6e57c1a1c0f21973c_JaffaCakes118
Size

576KB
MD5

4cc5d07f066280e6e57c1a1c0f21973c
SHA1

faff1999eacd180a5e537f9849a85706a62bbccf
SHA256

2518f77441228f12cfd5449391eedda3e6afcf842aecec5a4ed32a6fc8c23205
SHA512

8f0ec3d45be21d623ebf8781e52884ce28f046000841f5d44aafab3ebfbcde6bfff010428c27c02cb0158f08d71c71bc8e082ff406bbc27bc4d0e90bb138f360
SSDEEP

12288:ebXnxyW8gvCI8lGBiLBuzSw4KDtnC4mqCEuRU:ebXnxeg6ImGkuz54KDLjx1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cc5d07f066280e6e57c1a1c0f21973c_JaffaCakes118

Files

4cc5d07f066280e6e57c1a1c0f21973c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a751e3a43e9124bb6c0d08305b052ccc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\coc

Imports

kernel32

GetDriveTypeA
GetVersionExA
GetUserDefaultLCID
GetStringTypeW
ReadFile
VirtualFree
GetProfileIntA
HeapCreate
LoadLibraryA
IsDebuggerPresent
GetLocaleInfoW
FlushFileBuffers
GetTimeFormatA
HeapSize
GetCurrentThreadId
GetLocaleInfoA
SetHandleCount
IsValidCodePage
InterlockedDecrement
DeleteCriticalSection
SetLocaleInfoA
CreateMutexA
InterlockedIncrement
CreateFileA
GetStringTypeA
VirtualQuery
TlsFree
WriteFile
GetAtomNameA
IsValidLocale
DuplicateHandle
FreeLibrary
LCMapStringA
MultiByteToWideChar
FreeEnvironmentStringsA
GetCurrentProcess
ExitProcess
GetCurrentProcessId
LCMapStringW
GetTimeZoneInformation
GetACP
GetCommandLineA
QueryPerformanceCounter
GetProcAddress
GetCurrentThread
CloseHandle
TlsSetValue
UnhandledExceptionFilter
GetTickCount
GetFileType
EnterCriticalSection
HeapReAlloc
InitializeCriticalSection
GetStdHandle
GetOEMCP
GetSystemTimeAsFileTime
OpenMutexA
SetLastError
FreeEnvironmentStringsW
GetLastError
InterlockedExchange
TlsAlloc
HeapFree
SetFilePointer
WriteConsoleA
GetConsoleCP
SetConsoleCtrlHandler
TerminateProcess
GetEnvironmentStringsW
GetModuleFileNameA
LocalReAlloc
LoadLibraryExA
CompareStringW
lstrcmp
TlsGetValue
GetModuleHandleA
SetUnhandledExceptionFilter
GetProcessHeap
GetCPInfo
EnumSystemLocalesA
GetTempFileNameA
GetStartupInfoA
GetConsoleOutputCP
OpenWaitableTimerA
Sleep
GetDateFormatA
ReadConsoleOutputA
GlobalGetAtomNameA
LeaveCriticalSection
EnumResourceTypesW
SetStdHandle
RtlUnwind
WriteConsoleW
HeapAlloc
WideCharToMultiByte
SetEnvironmentVariableA
GetEnvironmentStrings
HeapDestroy
CompareStringA
GetConsoleMode
VirtualAlloc

user32

PostQuitMessage
MonitorFromWindow
MessageBoxW
GetMonitorInfoA
DdeImpersonateClient
GetSysColorBrush
LoadCursorA
CreateAcceleratorTableW
CopyAcceleratorTableA
MapVirtualKeyA
CallMsgFilterA
GetPropW
DdeCreateDataHandle
GetIconInfo
SetDebugErrorLevel
SetWindowPos
RegisterClassExW
SetUserObjectInformationA
CopyImage
SetUserObjectInformationW
GetClassInfoW
CreateDialogIndirectParamW
DrawMenuBar
GetClipboardFormatNameW
CreateIconIndirect
DdeDisconnectList
GetSystemMetrics
FlashWindowEx
RegisterClassExA
ModifyMenuA
DrawIconEx
AdjustWindowRect
GetMessageTime
DeferWindowPos
FindWindowExW
DefWindowProcW
ChangeDisplaySettingsExA
DialogBoxIndirectParamA
DdeCreateStringHandleA
SubtractRect
GetCaretBlinkTime
RegisterClassA
CallMsgFilterW
IsWindow
RealChildWindowFromPoint
CreateWindowExW
ReleaseDC
ShowWindow
DestroyWindow
DrawEdge
ScrollDC
EnumThreadWindows
DdeReconnect
CreateDialogIndirectParamA
OpenDesktopW
IntersectRect

gdi32

GetTextExtentExPointW
Escape
EnumFontsW
EnumMetaFile
StretchDIBits
SetFontEnumeration
PolyBezierTo
StartDocA
GetLogColorSpaceW
GetTextExtentPointW
ExtSelectClipRgn
PolyTextOutA
LPtoDP
GetCharWidthW
EnumICMProfilesA
ExtCreatePen
GetNearestColor
DescribePixelFormat
ArcTo

shell32

CommandLineToArgvW

comctl32

ImageList_ReplaceIcon
CreateStatusWindow
ImageList_DragShowNolock
ImageList_SetFlags
ImageList_SetBkColor
InitCommonControlsEx
ImageList_DrawIndirect
ImageList_GetImageRect
ImageList_GetFlags
CreatePropertySheetPageW

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a751e3a43e9124bb6c0d08305b052ccc

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

comctl32

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 260KB - Virtual size: 259KB

.data Size: 116KB - Virtual size: 141KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 260KB - Virtual size: 259KB

.data
Size: 116KB - Virtual size: 141KB

.rsrc
Size: 20KB - Virtual size: 16KB