6447b13b9984299ca73e81f01d7ee741_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6447b13b9984299ca73e81f01d7ee741_JaffaCakes118
Size

756KB
MD5

6447b13b9984299ca73e81f01d7ee741
SHA1

a63f24f9ab60117373fefe05cc599e4d2c9da901
SHA256

144d591659518fdd2d560d994d2f9af52c4a5be78f18c854198c2dfbbdb747b7
SHA512

8037a6a891c5ed8e00137b4bc2ba4e264a5dc0ff8565764ac7a44e68eb775e42beea763e85dc6f9be6f28b1180f29e5dfc9271a31d66e1f88e67022a9ffc94a9
SSDEEP

12288:dHnTOPUERpaiQvLwFgp0Z4RVnzxrc111Np0lHndWxLa9BZCNGPUn1:Ra7RFaUFkRVnlYREuxLIC0Pu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6447b13b9984299ca73e81f01d7ee741_JaffaCakes118

Files

6447b13b9984299ca73e81f01d7ee741_JaffaCakes118
.exe windows:4 windows x86 arch:x86

48eef776a9c42fd24b397d182c9d57e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\hh

Imports

comctl32

ImageList_AddIcon
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_GetFlags
InitCommonControlsEx
ImageList_GetDragImage
ImageList_Write
DrawStatusTextA
DrawInsert
MakeDragList
_TrackMouseEvent
InitMUILanguage
ImageList_EndDrag
DestroyPropertySheetPage
ImageList_SetImageCount
ImageList_GetImageInfo
ImageList_Duplicate
ImageList_SetIconSize
DrawStatusText
ImageList_DragLeave
ImageList_GetImageCount
ImageList_AddMasked
ImageList_SetFlags
ImageList_DrawEx

kernel32

TlsGetValue
DebugBreak
IsBadReadPtr
CopyFileExA
CreateThread
HeapDestroy
LCMapStringA
HeapCreate
ExitThread
OpenMutexA
HeapFree
FreeEnvironmentStringsA
GetFileAttributesExW
VirtualFree
WriteProfileStringW
SuspendThread
GetLocaleInfoW
CloseHandle
GetTempPathW
EnumResourceLanguagesW
ReadConsoleW
GetConsoleOutputCP
GetOEMCP
InterlockedIncrement
GetComputerNameA
VirtualAlloc
WriteFile
GetConsoleTitleW
GetStdHandle
HeapReAlloc
GetCurrentThread
OpenFileMappingW
SetEvent
FindNextFileA
lstrcat
lstrcpynW
OutputDebugStringW
FindResourceExA
SetFilePointer
GetDriveTypeA
GetWindowsDirectoryA
WideCharToMultiByte
GetSystemInfo
OutputDebugStringA
GetSystemDirectoryA
GetCurrentProcessId
HeapAlloc
IsValidCodePage
TransactNamedPipe
LocalFileTimeToFileTime
GetStringTypeExW
OpenSemaphoreW
GetThreadLocale
GetCPInfo
MultiByteToWideChar
lstrcpyA
CreateMutexA
GlobalAddAtomW
LocalFree
GetModuleFileNameA
FindFirstFileExW
CreateFileA
WriteConsoleA
GetEnvironmentStringsW
ReadFile
SetThreadAffinityMask
SetComputerNameW
GetLogicalDriveStringsW
EnumCalendarInfoExA
GetEnvironmentStrings
WriteConsoleOutputCharacterA
GetStringTypeW
GetConsoleCP
RaiseException
GetDateFormatA
GetCommandLineA
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
IsDebuggerPresent
SetUnhandledExceptionFilter
FreeLibrary
GetVolumeInformationW
TlsAlloc
SetConsoleCtrlHandler
SetEnvironmentVariableA
UnhandledExceptionFilter
GetEnvironmentVariableA
SetStdHandle
QueryPerformanceCounter
lstrcmpiA
GetStringTypeA
IsValidLocale
InterlockedDecrement
GetProfileStringW
GetProcAddress
GetConsoleMode
ExitProcess
lstrlenA
GetPrivateProfileIntW
CompareStringA
RtlUnwind
LoadLibraryA
InterlockedExchange
GetTickCount
GetStartupInfoA
CompareStringW
GetModuleFileNameW
FoldStringA
EnterCriticalSection
EnumTimeFormatsW
TerminateProcess
GetLastError
HeapValidate
GetConsoleTitleA
FlushFileBuffers
GetProcAddress
LeaveCriticalSection
EnumSystemLocalesA
lstrcpyn
LoadLibraryW
ExpandEnvironmentStringsW
GetModuleHandleA
LCMapStringW
WriteConsoleW
GetUserDefaultLCID
GetComputerNameW
GetTimeFormatA
DeleteCriticalSection
EnumCalendarInfoW
GlobalDeleteAtom
GetVersionExA
LocalLock
DebugActiveProcess
GetTimeZoneInformation
GetFileType
CreateMailslotA
InitializeCriticalSection
GetTimeFormatW
GetPriorityClass
GetProcessHeap
TlsFree
VirtualQuery
MapViewOfFile
FlushViewOfFile
GetCurrentThreadId
RtlZeroMemory
CreateMailslotW
SetHandleCount
WritePrivateProfileSectionA
TlsSetValue
GetACP
CopyFileA
GetCurrentProcess
SetLastError
SetConsoleCursorPosition
CreateNamedPipeA
GetLocaleInfoA

user32

PostThreadMessageA
RegisterClassA
IsCharLowerA
MoveWindow
LoadKeyboardLayoutW
CreateWindowExW
CreateMDIWindowA
DestroyWindow
VkKeyScanExW
DdeUnaccessData
LookupIconIdFromDirectoryEx
GetWindowRect
GetAncestor
RedrawWindow
TrackMouseEvent
DefWindowProcA
DdeGetData
SetSysColors
CharNextA
RegisterClassExA
MessageBoxW
SetWindowsHookA
LoadStringW
ChangeClipboardChain
GetMenuItemRect
MapWindowPoints
DdeSetUserHandle
ShowWindow
AnimateWindow
SetDeskWallpaper
EqualRect
GetClassInfoExA

gdi32

GetCharWidth32W
ExtEscape
StartDocA
SetFontEnumeration
GetCharWidthA
CreateDCA
OffsetWindowOrgEx
EnumFontsA
DeleteObject
GetDeviceCaps
EnumMetaFile
GetMetaFileA
GetGlyphOutlineA
GetObjectW
CreateDCW
CreateRectRgnIndirect
DeleteDC
SelectClipRgn
GetDCOrgEx
AngleArc
GetLayout
GetMapMode
ChoosePixelFormat
GetBkMode
GetTextExtentPoint32A
GetTextCharacterExtra
CheckColorsInGamut
CreateDiscardableBitmap
SetStretchBltMode

Sections

.text
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48eef776a9c42fd24b397d182c9d57e5

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

Sections

.text Size: 286KB - Virtual size: 286KB

.rdata Size: 284KB - Virtual size: 284KB

.data Size: 116KB - Virtual size: 136KB

.rsrc Size: 68KB - Virtual size: 67KB

.text
Size: 286KB - Virtual size: 286KB

.rdata
Size: 284KB - Virtual size: 284KB

.data
Size: 116KB - Virtual size: 136KB

.rsrc
Size: 68KB - Virtual size: 67KB