602b1bd90f73375dfdc14c26dd79fc47_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

602b1bd90f73375dfdc14c26dd79fc47_JaffaCakes118
Size

624KB
MD5

602b1bd90f73375dfdc14c26dd79fc47
SHA1

907a170193e5a79630831be0be26bdf68e46fbe4
SHA256

e81f9a8cb43c34f7a9183fe638a844254a08f500f577b58c6c1155c4fef02db1
SHA512

50d153df06e9f5856d3b8cac9d9708d3152a848e4507a3df7bed02d790c7b28cd9ac5b15f5c4818e5feb3b707d2e930133e87d545790ca58744bc43ddf8ea327
SSDEEP

12288:ur9LoHmI37QbRAh8qxANDBUcswB8QN1mVXkgFywg6Y:uBLoG47c+xUU/zQz49Fw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
602b1bd90f73375dfdc14c26dd79fc47_JaffaCakes118

Files

602b1bd90f73375dfdc14c26dd79fc47_JaffaCakes118
.exe windows:4 windows x86 arch:x86

175d03a4edb6c596c331c9ce30a16e60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptSetProviderA
CryptSetProviderExW
RegLoadKeyW
DuplicateToken
LogonUserW
RegEnumValueW
CryptSetProviderW
LookupAccountSidA
RegDeleteValueA
CryptSetHashParam
CryptEnumProviderTypesA
LookupSecurityDescriptorPartsA
RegSetValueA
CryptCreateHash
RegEnumKeyExW
ReportEventW
LookupPrivilegeValueW
AbortSystemShutdownW

comctl32

_TrackMouseEvent
ImageList_Remove
ImageList_SetBkColor
InitCommonControlsEx
ImageList_AddIcon
CreateStatusWindowA
CreateUpDownControl
CreateToolbarEx

user32

SetWindowsHookExW
SetMenuItemInfoA
ShowScrollBar
MapWindowPoints
GetMenuStringW
IsIconic
DestroyWindow
CreateWindowExW
SetMessageExtraInfo
MessageBoxW
PostMessageA
DefWindowProcA
GetKBCodePage
EmptyClipboard
ShowWindow
RegisterClassA
DdeUninitialize
GetDoubleClickTime
GetMenuItemInfoA
GetWindowTextA
GetKeyboardType
RegisterClassExA

comdlg32

ChooseColorW
PageSetupDlgW

shell32

SHGetFileInfo

kernel32

FreeResource
IsDebuggerPresent
LocalCompact
GetVersionExA
GetProcAddress
IsValidLocale
Sleep
OpenFileMappingW
OpenMutexW
GetPrivateProfileSectionNamesW
GetConsoleMode
WriteFileEx
GetCurrentProcess
CreateFileA
DeleteFiber
GetSystemTimeAsFileTime
InitializeCriticalSection
GetModuleFileNameW
HeapAlloc
HeapCreate
SetLastError
FlushFileBuffers
IsValidCodePage
LCMapStringA
GetStartupInfoW
TlsAlloc
InterlockedDecrement
VirtualLock
ConvertDefaultLocale
VirtualQuery
OpenMutexA
GetCurrentThread
WritePrivateProfileStructW
GetStartupInfoA
GetConsoleOutputCP
GetACP
TlsFree
InterlockedExchange
GetEnvironmentStringsW
GetFileType
DeleteCriticalSection
FreeEnvironmentStringsW
GetTempFileNameA
HeapReAlloc
ExitProcess
CompareStringW
lstrcmpiW
LeaveCriticalSection
TerminateProcess
UnhandledExceptionFilter
SetFilePointer
GetTimeZoneInformation
VirtualAlloc
SetConsoleCtrlHandler
GetLocaleInfoW
LoadLibraryA
EnumTimeFormatsW
EnumSystemLocalesA
FreeLibrary
SetUnhandledExceptionFilter
GetSystemDefaultLCID
LCMapStringW
HeapSize
GetCurrentThreadId
MultiByteToWideChar
GetLastError
GetCPInfo
GetUserDefaultLCID
AddAtomA
ReadFile
GetTickCount
GetModuleHandleA
InterlockedIncrement
RtlUnwind
WriteConsoleW
GetStdHandle
GetStringTypeW
TlsGetValue
GetOEMCP
SetEnvironmentVariableA
GetProfileSectionW
GetTimeFormatA
GetLocaleInfoA
GetConsoleCP
GetDateFormatA
WriteFile
GetModuleFileNameA
VirtualFree
GetProcessHeap
GetEnvironmentStrings
GetCommandLineW
VirtualFreeEx
GetCurrentProcessId
CompareStringA
HeapFree
TlsSetValue
QueryPerformanceCounter
WideCharToMultiByte
HeapDestroy
GetCommandLineA
SetStdHandle
GetStringTypeA
CreateDirectoryExA
EnterCriticalSection
CloseHandle
FreeEnvironmentStringsA
SetHandleCount
CreateMutexA
WriteConsoleA

gdi32

GetDCOrgEx
GdiFlush
SetPolyFillMode
PolyPolygon
GetBkMode
GetTextMetricsA
GetColorAdjustment
ExtTextOutW
SetMapMode
GetSystemPaletteUse
SelectClipRgn
SetPixelFormat
ResetDCW

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

175d03a4edb6c596c331c9ce30a16e60

Headers

File Characteristics

Imports

advapi32

comctl32

user32

comdlg32

shell32

kernel32

gdi32

Sections

.text Size: 164KB - Virtual size: 161KB

.rdata Size: 252KB - Virtual size: 249KB

.data Size: 116KB - Virtual size: 143KB

.rsrc Size: 88KB - Virtual size: 84KB

.text
Size: 164KB - Virtual size: 161KB

.rdata
Size: 252KB - Virtual size: 249KB

.data
Size: 116KB - Virtual size: 143KB

.rsrc
Size: 88KB - Virtual size: 84KB