69e6fec28f8c980b3529074edc94922c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69e6fec28f8c980b3529074edc94922c_JaffaCakes118
Size

608KB
MD5

69e6fec28f8c980b3529074edc94922c
SHA1

5999037b0cd805dbbebc39120c41b808a7b15fde
SHA256

15f9da39193a0c334aa5c572e808d9584dd0513a4aef36f4c57f36b1bb828632
SHA512

1bb1a92592fe4392d36df7c5507c496a19d10046b55d7c83185aeba40623e0e4a8d491ef46eefa248419bec145992a72365f36932d15aab14ff188c7ac241f3c
SSDEEP

12288:dNz4skAwZATmvYDls06xIXuHkk0t+KtV6Rg3qKHbV6:74s3XMX0sIeEb+Kn+g3DV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69e6fec28f8c980b3529074edc94922c_JaffaCakes118

Files

69e6fec28f8c980b3529074edc94922c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7eac38cb993c32da41779dccd5368a4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractAssociatedIconA
SHFreeNameMappings
SheGetDirA
ShellHookProc
ShellExecuteW

wininet

SetUrlCacheEntryInfoW

comctl32

ImageList_Remove
ImageList_DrawEx
CreateStatusWindowW
ImageList_GetImageCount
ImageList_GetImageInfo
DrawStatusText
ImageList_Write
ImageList_Destroy
GetEffectiveClientRect
DrawStatusTextW
MakeDragList
ImageList_GetDragImage
ImageList_AddMasked
CreatePropertySheetPageA
ImageList_Merge
ImageList_SetDragCursorImage
CreatePropertySheetPage
InitCommonControlsEx
DrawStatusTextA

kernel32

GetSystemTimeAsFileTime
OpenMutexA
GetEnvironmentStringsW
GetStdHandle
CompareStringW
GetModuleFileNameA
HeapAlloc
SetStdHandle
CloseHandle
GetCurrentThreadId
WriteConsoleOutputA
LCMapStringW
GetOEMCP
GetExitCodeThread
GetCPInfo
GetLocaleInfoW
GetStringTypeW
EnumTimeFormatsA
SetFilePointer
GetCurrentProcess
RtlUnwind
CreateDirectoryW
FreeEnvironmentStringsW
GetSystemInfo
EnterCriticalSection
LeaveCriticalSection
GetFileType
SetHandleCount
GetModuleHandleA
GetProcAddress
CompareStringA
TlsSetValue
GetStringTypeA
TlsAlloc
GetCurrentProcessId
HeapReAlloc
TlsFree
ReadFileEx
UnhandledExceptionFilter
TerminateProcess
GetEnvironmentStrings
DeleteCriticalSection
GetCommandLineW
GetACP
TlsGetValue
InitializeCriticalSection
LoadLibraryA
GetUserDefaultLCID
ExitProcess
IsValidCodePage
IsBadWritePtr
VirtualQuery
SetComputerNameA
VirtualAlloc
GetTimeZoneInformation
GetTimeFormatA
IsValidLocale
CreateMutexA
FlushFileBuffers
LCMapStringA
GetLastError
GetDateFormatA
HeapCreate
WriteFile
GetVersionExA
QueryPerformanceCounter
HeapSize
EnumSystemLocalesA
GetCurrentThread
FileTimeToDosDateTime
GetCommandLineA
SetLastError
GetTickCount
GetLocaleInfoA
GlobalFix
VirtualFree
GetStartupInfoW
ReadFile
GetStartupInfoA
HeapDestroy
WideCharToMultiByte
SetEnvironmentVariableA
DeleteFiber
FreeEnvironmentStringsA
InterlockedExchange
GetNumberFormatW
GetModuleFileNameW
VirtualProtect
HeapFree
SetFileAttributesW
MultiByteToWideChar

user32

RegisterClassA
SetShellWindow
CharLowerW
CreateIconFromResource
GetTabbedTextExtentA
DestroyIcon
CharToOemBuffW
GetScrollPos
DdeQueryStringW
DefWindowProcA
DestroyWindow
EnableWindow
MessageBoxA
DefDlgProcA
ChangeDisplaySettingsA
MonitorFromPoint
GetScrollBarInfo
ClipCursor
CharUpperBuffA
RegisterClassExA
GetWindow
CreateMDIWindowA
DestroyAcceleratorTable
GetPriorityClipboardFormat
UnhookWindowsHookEx
CreateWindowExW
GetFocus
ShowWindow
DefFrameProcA
GetDlgItemTextA
SetMessageQueue
CreateCaret
SwapMouseButton

gdi32

GetROP2
SelectClipRgn
CreatePolyPolygonRgn
GetEnhMetaFileW
DrawEscape
EndDoc
GetSystemPaletteUse
RestoreDC
SetStretchBltMode
GetGlyphOutlineW
SetWindowExtEx
SetAbortProc
PlayEnhMetaFileRecord
SetDIBColorTable
ScaleWindowExtEx
GetTextMetricsA
GetMetaFileW
CreateDIBSection
GetMapMode

Sections

.text
Size: 216KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7eac38cb993c32da41779dccd5368a4d

Headers

File Characteristics

Imports

shell32

wininet

comctl32

kernel32

user32

gdi32

Sections

.text Size: 216KB - Virtual size: 213KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 112KB - Virtual size: 141KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 216KB - Virtual size: 213KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 112KB - Virtual size: 141KB

.rsrc
Size: 24KB - Virtual size: 20KB