65e6ea845e486a4d013cb21e62486038_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

65e6ea845e486a4d013cb21e62486038_JaffaCakes118
Size

741KB
MD5

65e6ea845e486a4d013cb21e62486038
SHA1

aa0ad73a6ae96e9cbd7141c68eb4a3fbdd3ed055
SHA256

d2f95e7cb517a2980ecabc2216c6fb85f1cb1345dee43faa67c588d93f4c0d9f
SHA512

d311c66bb948f9fbdc812ffbcf655e0a9f9f51d2f5907ddc1d70070861a42aa92fd412aba9c270a10db81138fb3031bc1261894bf7e82f16df16081f313ebd49
SSDEEP

12288:nVGR47Ll5znKkFNIX8PvtszVek//ZXYmJTp+W0nR:ncRwpZv+hek3Z/JTp+zR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65e6ea845e486a4d013cb21e62486038_JaffaCakes118

Files

65e6ea845e486a4d013cb21e62486038_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ddf91d866891afb6f5260e829991af2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx
CreateToolbarEx
ImageList_GetDragImage
ImageList_Add
ImageList_GetBkColor
ImageList_Read
DestroyPropertySheetPage
ImageList_Create
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_Destroy
ImageList_SetDragCursorImage
DrawStatusText
ImageList_SetBkColor
_TrackMouseEvent
ImageList_DrawIndirect
ImageList_GetImageRect
ImageList_BeginDrag
ImageList_GetIcon

kernel32

GetDateFormatA
IsValidCodePage
IsValidLocale
WriteFile
IsBadWritePtr
GetEnvironmentStringsW
GetStartupInfoW
GetStdHandle
MapViewOfFile
GetModuleFileNameW
GetCurrentProcess
RtlUnwind
CloseHandle
VirtualAlloc
VirtualQuery
FreeLibrary
GetModuleFileNameA
FreeEnvironmentStringsW
CommConfigDialogA
DeleteFileA
AllocConsole
GetLocaleInfoW
LocalFileTimeToFileTime
GetOEMCP
InitializeCriticalSection
GetCurrentThread
WaitNamedPipeW
TlsAlloc
GetDriveTypeA
QueryPerformanceCounter
GetCommandLineW
GetPrivateProfileSectionNamesA
GetCPInfo
LeaveCriticalSection
GetLocaleInfoA
FindResourceA
VirtualUnlock
HeapReAlloc
GlobalGetAtomNameW
DeleteCriticalSection
UnhandledExceptionFilter
GetModuleHandleW
VirtualProtect
GlobalAddAtomW
ReadConsoleOutputAttribute
RtlZeroMemory
TlsFree
HeapAlloc
EnumSystemLocalesA
GetEnvironmentStrings
LCMapStringW
HeapFree
CreateMutexA
GetCurrentThreadId
LCMapStringA
GetCurrentProcessId
GetSystemInfo
TerminateProcess
ExitProcess
MultiByteToWideChar
FlushFileBuffers
GetFileType
lstrcatA
SetFilePointer
HeapSize
GetTimeZoneInformation
ReadFile
CompareStringA
GetStringTypeW
GetUserDefaultLCID
FileTimeToLocalFileTime
EnumResourceTypesA
GetTickCount
GetACP
LoadLibraryA
GetVersionExA
CompareStringW
GetStartupInfoA
SetEnvironmentVariableA
OpenMutexA
HeapDestroy
GetTimeFormatA
GetModuleHandleA
ResetEvent
SetLastError
WideCharToMultiByte
SetHandleCount
GetCommandLineA
FreeEnvironmentStringsA
TlsGetValue
GetProcAddress
EnterCriticalSection
SetStdHandle
lstrcpynA
GetStringTypeA
GetSystemTimeAsFileTime
GetLastError
TlsSetValue
InterlockedExchange
HeapCreate
VirtualFree
WritePrivateProfileStringA

user32

DialogBoxIndirectParamW
CreateIcon
WindowFromPoint
TranslateMessage
GetClassNameW
MessageBoxA
CharToOemA
OpenDesktopA
GetMessageExtraInfo
IsCharAlphaA
GetQueueStatus
CheckRadioButton
GetUserObjectSecurity
IsCharAlphaNumericA
UnhookWindowsHook
GetDlgItemInt
DrawTextExA
wsprintfA
DestroyWindow
EmptyClipboard
SetUserObjectInformationW
CreateMDIWindowA
GetKeyboardState
RemoveMenu
CloseClipboard
SetClassLongW
ShowWindow
ReplyMessage
IsDlgButtonChecked
GetMenuItemInfoA
GetWindowTextA
InflateRect
GetMessageTime
SetScrollPos
TrackMouseEvent
CascadeWindows
GetClassLongA
SetPropA
RegisterClassExA
MessageBoxExW
DdeUninitialize
CharNextW
EnumDesktopsW
GetSystemMetrics
SetWindowLongA
DrawStateA
BroadcastSystemMessageW
RegisterClassA
GetClipboardFormatNameA
ShowCaret
DdeSetUserHandle
CreateWindowExW
UnhookWinEvent
GetTabbedTextExtentA
GetKeyboardLayoutList
SetLastErrorEx
FindWindowExA
SetMessageQueue
OffsetRect
MapVirtualKeyExW
DefWindowProcW
DrawFrameControl
GetWindowThreadProcessId
GetClipboardSequenceNumber

shell32

SHGetFileInfoW
DoEnvironmentSubstA
SheGetDirA
RealShellExecuteW

Sections

.text
Size: 306KB - Virtual size: 306KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ddf91d866891afb6f5260e829991af2

Headers

File Characteristics

Imports

comctl32

kernel32

user32

shell32

Sections

.text Size: 306KB - Virtual size: 306KB

.rdata Size: 256KB - Virtual size: 255KB

.data Size: 117KB - Virtual size: 136KB

.rsrc Size: 60KB - Virtual size: 60KB

.text
Size: 306KB - Virtual size: 306KB

.rdata
Size: 256KB - Virtual size: 255KB

.data
Size: 117KB - Virtual size: 136KB

.rsrc
Size: 60KB - Virtual size: 60KB