671769c2a6f9cc9053cd36b5377b3701_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

671769c2a6f9cc9053cd36b5377b3701_JaffaCakes118
Size

2.9MB
MD5

671769c2a6f9cc9053cd36b5377b3701
SHA1

21a9e9d3c2a3160a94f4c088038c441d1c167145
SHA256

e42c68c2535acafc66920c3e5e891e8cdb56dd11d6b96854493b5a98d1e416b1
SHA512

0d4328e0b81ee32454b581b5f3c0c680a8dc4b8d5e9e8c323d5afb53738bbed78ba224516cb4acf63f274fce6497d6d0e7f05f8f076bd7cbdd9d6e049a40f9c8
SSDEEP

49152:hbtSnBBxg1RSQ5O8kohXM0lSTcACHOFbBRit4TA5:hhSXMRSQ5O8kSFHOFFRit

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
671769c2a6f9cc9053cd36b5377b3701_JaffaCakes118

Files

671769c2a6f9cc9053cd36b5377b3701_JaffaCakes118
.exe windows:4 windows x86 arch:x86

caa3da40e1b2abb20477579d64b20c73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

_TrackMouseEvent

dsound

DirectSoundCreate8

gdi32

RectVisible

kernel32

DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetSystemInfo
CreateThread
CloseHandle
ResumeThread
WaitForSingleObject
CreateDirectoryA
CreateEventW
CreateFileA
GetFileSize
ReadFile
SetFilePointer
ResetEvent
GetOverlappedResult
GetVersionExW
GetModuleHandleW
GetProcAddress
InterlockedDecrement
GetCurrentThreadId
FindResourceExW
LoadResource
WriteFile
LoadLibraryW
FreeLibrary
InitializeCriticalSection
GetModuleFileNameW
SetEndOfFile
WriteConsoleW
GetLastError
GetTickCount
GetConsoleOutputCP
ConvertDefaultLocale
FlushFileBuffers
SetStdHandle
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
LockResource
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
GetStdHandle
GetCurrentDirectoryA
SetLastError
TlsFree
TlsSetValue
WriteConsoleA
Sleep
TlsAlloc
TlsGetValue
GetCPInfo
LCMapStringW
LCMapStringA
ExitProcess
GetModuleHandleA
HeapReAlloc
RtlUnwind
GetStartupInfoW
HeapAlloc
GetVersionExA
HeapSize
GetFullPathNameA
GetDriveTypeA
IsDebuggerPresent
SetUnhandledExceptionFilter
MultiByteToWideChar
lstrlen
WideCharToMultiByte
HeapFree
GetProcessHeap
LocalAlloc
InterlockedExchange
LoadLibraryA
RaiseException
InterlockedIncrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter

oleaut32

SysFreeString
SysAllocString
VariantChangeType
VariantClear
VariantInit

shell32

SHGetFolderPathW
ShellExecuteA

user32

WaitMessage
DispatchMessageW
TranslateMessage
PeekMessageW
GetSystemMetrics
GetDC
CallNextHookEx
DefWindowProcW
GetClientRect
GetForegroundWindow
ScreenToClient
GetCursorPos
ReleaseCapture
SetCapture
UpdateWindow
ShowWindow
CreateWindowExW
PostQuitMessage
GetMessageExtraInfo
SetForegroundWindow
OpenIcon
IsIconic
RegisterClassExW
KillTimer
LoadCursorW
UnhookWindowsHookEx
LoadImageW
SetTimer
PostMessageW
SetWindowsHookExW
GetWindowLongW
GetKeyState
MonitorFromPoint
SystemParametersInfoW
SetWindowLongW
EnumDisplaySettingsW
SetWindowPos
SetWindowTextW
InvalidateRect
MessageBoxW
EnumDesktopWindows
SendMessageW
GetClassNameW
ShowCursor

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

ole32

CoInitializeEx
CoSetProxyBlanket
CoInitializeSecurity
CoCreateInstance
CoUninitialize

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 387KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 349KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TEDATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

caa3da40e1b2abb20477579d64b20c73

Headers

File Characteristics

Imports

comctl32

dsound

gdi32

kernel32

oleaut32

shell32

user32

version

ole32

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 387KB - Virtual size: 392KB

.data Size: 157KB - Virtual size: 4.5MB

.rsrc Size: 349KB - Virtual size: 352KB

.TEDATA Size: 8KB - Virtual size: 8KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 387KB - Virtual size: 392KB

.data
Size: 157KB - Virtual size: 4.5MB

.rsrc
Size: 349KB - Virtual size: 352KB

.TEDATA
Size: 8KB - Virtual size: 8KB