651781c6485d7148e56f130a2822d88f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

651781c6485d7148e56f130a2822d88f_JaffaCakes118
Size

600KB
MD5

651781c6485d7148e56f130a2822d88f
SHA1

cd941b0fd04e266ec4767fb2c60f9d6323e2c2e5
SHA256

b669f47cb2febc7f317c31c23f31a819483f1ff8f40e980e9b225d7dbcbb1a0f
SHA512

3b7659ad2c28e74534da7aeaff532dc05fd03139dfbbd5228b9aa20b772e706e32f3c38a36017baa704f16a33c48701a97891a624ecd300a80b3e689e942f376
SSDEEP

12288:Zombs+D3WRVI40AmP6jPXFV3GpljWMLzEb0FzehE0KsOQMXRF2B4BHG4twk:ZTs+D3WRVI40Fyj9EpJM6zei0Ks0X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
651781c6485d7148e56f130a2822d88f_JaffaCakes118

Files

651781c6485d7148e56f130a2822d88f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01468f1a2d9fa2ea2e91f9c6b8a600a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx
CreatePropertySheetPageA
ImageList_Merge
ImageList_SetFilter
ImageList_Read
ImageList_SetBkColor
ImageList_BeginDrag
DrawStatusText
ImageList_GetImageInfo
CreatePropertySheetPageW
ImageList_SetImageCount
CreatePropertySheetPage
ImageList_LoadImage
ImageList_SetDragCursorImage
ImageList_ReplaceIcon
ImageList_LoadImageW

kernel32

ExitThread
EnumSystemLocalesA
SetCurrentDirectoryW
SetLastError
VirtualFree
IsBadWritePtr
GetStartupInfoA
CreateMutexA
IsBadReadPtr
GetLocaleInfoA
LoadLibraryA
SetThreadContext
DebugBreak
GetLastError
GetProcAddress
IsValidCodePage
GetCPInfo
FreeEnvironmentStringsW
OpenMutexA
GetDateFormatA
QueryPerformanceCounter
DuplicateHandle
EnumCalendarInfoExW
GetTickCount
MultiByteToWideChar
GetStdHandle
SetConsoleCtrlHandler
HeapFree
SetPriorityClass
GetFullPathNameA
EnumResourceLanguagesW
OutputDebugStringA
GetStringTypeW
HeapValidate
GetCommandLineA
CloseHandle
DeleteCriticalSection
SetFilePointer
lstrlenW
GetTimeFormatA
UnhandledExceptionFilter
GetCurrentThreadId
SetHandleCount
UnmapViewOfFile
TlsGetValue
GetSystemTimeAsFileTime
GetFileAttributesW
GetConsoleOutputCP
InterlockedDecrement
GetCurrentThread
LCMapStringA
SetStdHandle
lstrcat
EnumSystemLocalesW
HeapReAlloc
HeapAlloc
TlsFree
GetNumberFormatW
GetTempFileNameW
FindResourceExW
WriteFileEx
GetModuleHandleA
VirtualAlloc
OpenSemaphoreA
GetEnvironmentStringsW
EnumDateFormatsW
GetStringTypeExW
VirtualLock
TlsAlloc
GetSystemInfo
GlobalReAlloc
GetComputerNameA
SetConsoleOutputCP
GetStringTypeA
EnterCriticalSection
ReadConsoleOutputCharacterA
GetTimeZoneInformation
CreateWaitableTimerW
HeapCreate
TlsSetValue
LeaveCriticalSection
ReadFile
FindResourceA
SetLocaleInfoA
WideCharToMultiByte
FillConsoleOutputCharacterW
GetVersionExA
FlushFileBuffers
InterlockedIncrement
OpenEventW
VirtualProtect
GetEnvironmentVariableA
TerminateProcess
SetConsoleScreenBufferSize
VirtualQuery
GetLocaleInfoW
GetPriorityClass
FreeLibrary
CompareStringW
GetFileType
GetEnvironmentStrings
GlobalFlags
OpenEventA
GetModuleFileNameA
CreateFileMappingA
GetCurrentProcessId
GetPrivateProfileIntA
FlushConsoleInputBuffer
FreeEnvironmentStringsA
CompareStringA
HeapDestroy
InitializeCriticalSection
GetExitCodeProcess
lstrcmpiA
GetUserDefaultLCID
IsValidLocale
DosDateTimeToFileTime
SetEnvironmentVariableA
ExitProcess
WriteFile
LCMapStringW
SetFileAttributesW
GetACP
RtlUnwind
GetOEMCP
InterlockedExchange
GetCurrentProcess

user32

GetNextDlgTabItem
CharToOemBuffA
SetActiveWindow
CreateWindowExW
LookupIconIdFromDirectory
TrackPopupMenuEx
UnregisterClassA
GetQueueStatus
GetClipboardFormatNameA
TrackMouseEvent
SetProcessWindowStation
CascadeChildWindows
MapVirtualKeyA
LockWindowUpdate
EnumDisplaySettingsExW
AnimateWindow
SendDlgItemMessageA
ScreenToClient
DdeKeepStringHandle
DestroyWindow
SetWindowLongW
ShowWindow
CreateIconFromResourceEx
CopyAcceleratorTableW
DragDetect
CreateAcceleratorTableW
GetWindowDC
CreateCaret
RegisterClassExA
FindWindowA
TranslateMessage
SendDlgItemMessageW
LoadImageW
EnumPropsExW
ModifyMenuA
GetMessageW
DdeAddData
MessageBoxA
VkKeyScanExA
SetWindowsHookExA
CreateIcon
InflateRect
IsDialogMessage
ScrollWindow
SetDlgItemTextW
GetThreadDesktop
WinHelpA
DdeCmpStringHandles
MessageBoxExW
CopyRect
RegisterClassA
DialogBoxIndirectParamW
LoadKeyboardLayoutW
SetWindowsHookA
GetKeyboardLayout
IsCharAlphaW
GetWindowContextHelpId
LoadCursorFromFileA
DdeQueryStringA
BroadcastSystemMessageA
RemoveMenu
DefWindowProcW

gdi32

SetTextColor
SetDIBitsToDevice
SetICMProfileW
CreateBitmapIndirect
GetCharacterPlacementA
GetGraphicsMode
GetArcDirection
EnumICMProfilesW
FloodFill
CreateRectRgn
GetMetaRgn
SetBitmapBits

shell32

SHFormatDrive
SheGetDirA

Sections

.text
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01468f1a2d9fa2ea2e91f9c6b8a600a6

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

shell32

Sections

.text Size: 188KB - Virtual size: 184KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 112KB - Virtual size: 134KB

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 188KB - Virtual size: 184KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 112KB - Virtual size: 134KB

.rsrc
Size: 40KB - Virtual size: 36KB