71906761c34e0d34a187687a2089d8a1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

71906761c34e0d34a187687a2089d8a1_JaffaCakes118
Size

621KB
MD5

71906761c34e0d34a187687a2089d8a1
SHA1

270707bdf438a0f8d7cd58c7dde7821b7ff43498
SHA256

f5504e8a738b77c2d59dbdc3e7631af38bbfb09edee5d04b3880a3de0d69094d
SHA512

51f2594c7fd132deceb55d66212436396e6e54a2e24533d502c88126626730566cb033c343d754682ddbb8b10b1eadc5ae2e62a8b0286c481b7f9305037a737b
SSDEEP

12288:MwbGuXgNITZpFYOYJjclYAAmKLtrkHtauIASth1/aM:1pwNIhYTzAAmKmNgASD1/a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71906761c34e0d34a187687a2089d8a1_JaffaCakes118

Files

71906761c34e0d34a187687a2089d8a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c666dece5391b73ceff3d67c9dd4b76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenuStringW
RegisterClassA
SetScrollPos
GetClipboardFormatNameW
RegisterClassExA
MessageBoxW
BroadcastSystemMessageA
LoadKeyboardLayoutA
SetWindowsHookExA
EnumDesktopsW
SendIMEMessageExA
ShowScrollBar
RegisterWindowMessageW
GetInputState
GetNextDlgGroupItem
MessageBoxIndirectA
DdeGetLastError
ShowWindow
CopyAcceleratorTableA
IsCharUpperW
GetGuiResources
DdeUnaccessData
SetProcessDefaultLayout
DeferWindowPos
UpdateWindow
CopyIcon
MapVirtualKeyW
CopyRect
CreateDialogIndirectParamA
DefWindowProcA
SetUserObjectInformationW
LoadCursorW
FillRect
CreateDesktopA
GetMenuCheckMarkDimensions
SetMenuItemInfoW
TabbedTextOutW
GetCursor
CreateWindowExW
DragDetect
FlashWindow
SetCapture
CharLowerBuffW
CharLowerW
WaitForInputIdle
SetWindowPos
GetScrollInfo
ChildWindowFromPoint
DestroyWindow
GetDoubleClickTime
DlgDirListComboBoxW
AttachThreadInput
DrawTextExW

kernel32

CreateFileA
HeapDestroy
GetProfileSectionA
VirtualFree
EnumSystemLocalesA
GetSystemTimeAsFileTime
GetWindowsDirectoryW
TlsFree
OpenMutexA
HeapAlloc
GetDateFormatA
WriteFileEx
IsDebuggerPresent
EnterCriticalSection
GetStdHandle
IsValidLocale
LoadLibraryA
CompareStringA
GetLastError
HeapCreate
ReadFile
CloseHandle
SetFilePointer
SetConsoleCursorPosition
GetLocaleInfoW
SetFileTime
FlushFileBuffers
InterlockedIncrement
HeapFree
EnumTimeFormatsA
GetConsoleOutputCP
CompareStringW
CreateMutexA
TlsSetValue
GetCurrentProcessId
lstrcmpiA
VirtualProtect
WriteFile
GetOEMCP
SetUnhandledExceptionFilter
Sleep
GetConsoleCP
UnhandledExceptionFilter
GetEnvironmentStringsW
ExitProcess
InterlockedDecrement
GetConsoleMode
SetConsoleCtrlHandler
GetModuleHandleW
WriteConsoleW
GetCPInfo
GetStringTypeA
MultiByteToWideChar
SetEnvironmentVariableA
GetModuleFileNameA
GetFileType
HeapReAlloc
GetTimeZoneInformation
GetTimeFormatA
HeapSize
DeleteCriticalSection
TlsAlloc
InterlockedExchange
LCMapStringA
GetACP
TlsGetValue
GetModuleHandleA
SetHandleCount
ReadFileEx
TerminateProcess
IsValidCodePage
WideCharToMultiByte
GetStartupInfoA
SetLastError
GetEnvironmentStrings
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
CreatePipe
GetUserDefaultLCID
FreeEnvironmentStringsA
FreeLibrary
GetLocaleInfoA
GetCurrentProcess
RtlUnwind
WriteConsoleA
SetStdHandle
GetCurrentThreadId
DebugBreak
LCMapStringW
GetCommandLineA
GetCurrentThread
VirtualQuery
GetProcAddress
QueryPerformanceCounter
GetTickCount
LeaveCriticalSection
VirtualAlloc
GetStringTypeW
CreateNamedPipeW

shell32

ExtractAssociatedIconExA
SHUpdateRecycleBinIcon
ExtractAssociatedIconA

advapi32

RegReplaceKeyA
CryptDestroyKey
RegQueryInfoKeyW
RegDeleteValueA
RegDeleteKeyW

gdi32

EnumFontsA
PlgBlt

comctl32

GetEffectiveClientRect
CreatePropertySheetPage
ImageList_AddMasked
DestroyPropertySheetPage
ImageList_Draw
ImageList_GetImageRect
CreatePropertySheetPageA
ImageList_DragLeave
InitCommonControlsEx
InitMUILanguage
ImageList_DragShowNolock
ImageList_Replace

wininet

InternetTimeToSystemTimeA
InternetInitializeAutoProxyDll
InternetAutodialHangup
InternetCreateUrlW
InternetTimeToSystemTimeW
InternetTimeFromSystemTime

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c666dece5391b73ceff3d67c9dd4b76

Headers

File Characteristics

Imports

user32

kernel32

shell32

advapi32

gdi32

comctl32

wininet

Sections

.text Size: 175KB - Virtual size: 175KB

.rdata Size: 254KB - Virtual size: 254KB

.data Size: 111KB - Virtual size: 120KB

.rsrc Size: 78KB - Virtual size: 78KB

.text
Size: 175KB - Virtual size: 175KB

.rdata
Size: 254KB - Virtual size: 254KB

.data
Size: 111KB - Virtual size: 120KB

.rsrc
Size: 78KB - Virtual size: 78KB