7146b7c0003c12d4f1c59f5f6c1c353f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7146b7c0003c12d4f1c59f5f6c1c353f_JaffaCakes118
Size

368KB
MD5

7146b7c0003c12d4f1c59f5f6c1c353f
SHA1

a8698c6824d22deeb6248b05fe59751b3bc1f9ff
SHA256

899b13a6dc69356d5f7856abe83a31f961b215292efbc6e02e5ffe9c200032f2
SHA512

70926a6c5115af6b02aebaf9b8d0de136c70101bc0fd4063881da6db88c2a42cd20f0de0cd2667c22d2e82aea34e0b484c804cd1d15d242a3dfd78e6c56b0c8c
SSDEEP

6144:C3BSL248Ou5Ayh6yw/YoO/1GI/yqZVT971sRhh0KYREeYS6UJZb6O:EiQx5Ayh65YoC1D6M9psWOhfUJV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7146b7c0003c12d4f1c59f5f6c1c353f_JaffaCakes118

Files

7146b7c0003c12d4f1c59f5f6c1c353f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

537a9b2237f7f3a802fd7c2b2882a153

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\j

Imports

user32

RemoveMenu
GetInputState
RegisterClassA
MonitorFromWindow
CallMsgFilter
NotifyWinEvent
InternalGetWindowText
GrayStringW
ImpersonateDdeClientWindow
OemToCharA
GetComboBoxInfo
CountClipboardFormats
InSendMessageEx
DlgDirListW
SetLastErrorEx
LoadStringA
FindWindowA
CreateWindowExW
SetForegroundWindow
wvsprintfW
SendMessageTimeoutW
GetWindowLongW
RegisterClassW
GetMenuItemID
DlgDirListComboBoxW
SetDebugErrorLevel
SetCaretPos
DefDlgProcW
DeleteMenu
CallMsgFilterA
MonitorFromPoint
GetSysColor
DrawMenuBar
IsCharUpperA
SetClipboardData
LoadStringW
BeginPaint
WindowFromPoint
GetClassWord
InvertRect
ShowWindow
MessageBoxW
CharNextExA
VkKeyScanExA
ChangeDisplaySettingsExW
EnumDisplaySettingsW
GetWindowWord
GetProcessDefaultLayout
CreateCursor
SetClassLongW
SetScrollInfo
GetUpdateRect
LockWindowUpdate
DefFrameProcA
DestroyWindow
ScrollWindow
RegisterClassExA
OpenWindowStationW
SetWindowsHookExW
GetDoubleClickTime
SendIMEMessageExW
ChangeMenuA
DefWindowProcW
RegisterHotKey
WinHelpA
DestroyCaret
GetScrollRange
CreatePopupMenu
ScrollDC

gdi32

SetWindowOrgEx
Polygon
ExtEscape
GetPixel
FillRgn
PtInRegion
GetGlyphOutlineW

wininet

SetUrlCacheConfigInfoW
DeleteUrlCacheContainerW
InternetConnectA
CreateUrlCacheEntryA
SetUrlCacheEntryGroup
FtpRenameFileW
InternetWriteFileExA
FtpCommandW

kernel32

GetTimeFormatA
ReadFile
VirtualQuery
GetSystemDefaultLCID
GetSystemTimeAsFileTime
GetConsoleOutputCP
InitializeCriticalSection
GetConsoleMode
DeleteAtom
WriteConsoleW
OpenMutexA
lstrcmpi
HeapAlloc
lstrcmpW
GetLastError
CreateFileA
TlsGetValue
GetConsoleCP
lstrcpynA
FreeLibrary
TlsAlloc
SetStdHandle
GetStartupInfoA
lstrcat
GetPrivateProfileStructA
LeaveCriticalSection
CompareStringA
HeapDestroy
WriteConsoleOutputAttribute
GetCPInfo
SetEnvironmentVariableW
HeapReAlloc
CloseHandle
GetCurrentThreadId
SetConsoleCtrlHandler
GetTickCount
TlsSetValue
GetCurrentProcessId
IsValidLocale
CreateMutexA
MultiByteToWideChar
GetCurrentThread
OutputDebugStringA
ExitProcess
GetUserDefaultLangID
WaitForSingleObjectEx
RtlUnwind
RemoveDirectoryA
GetProcessHeap
GetDateFormatA
GetModuleFileNameA
GetCurrentProcess
LocalFree
WriteConsoleA
ReadConsoleInputA
UnhandledExceptionFilter
HeapSize
GetExitCodeProcess
HeapFree
SetFilePointer
SetHandleCount
GetUserDefaultLCID
IsDebuggerPresent
GetOEMCP
FreeEnvironmentStringsW
TransmitCommChar
EnumResourceTypesA
TlsFree
LCMapStringA
GetStringTypeExW
GetVersionExA
FindFirstFileW
GetStringTypeA
WaitForMultipleObjectsEx
GetFileType
GetStdHandle
SetThreadAffinityMask
EnumSystemCodePagesA
LocalFileTimeToFileTime
GetEnvironmentStringsW
SetConsoleTitleA
InterlockedExchange
QueryPerformanceCounter
GetACP
CreateDirectoryExW
GetEnvironmentStrings
FreeEnvironmentStringsA
AddAtomW
EnterCriticalSection
Sleep
GetProcAddress
GetTimeZoneInformation
VirtualFree
ReadConsoleOutputA
InterlockedIncrement
GetTempPathW
VirtualAlloc
CompareStringW
GetCalendarInfoW
LCMapStringW
GetCommandLineA
GetLocaleInfoA
WideCharToMultiByte
GetLocaleInfoW
SetLastError
LoadModule
EnumSystemLocalesA
SetUnhandledExceptionFilter
SetComputerNameA
GetPrivateProfileSectionA
IsValidCodePage
lstrcmpA
SetConsoleTitleW
FillConsoleOutputCharacterW
SetEnvironmentVariableA
LoadLibraryA
SetLocaleInfoA
FlushFileBuffers
GetTimeFormatW
SetCurrentDirectoryA
SetFileAttributesW
InterlockedDecrement
SetConsoleTextAttribute
TerminateProcess
WriteFile
GetStringTypeW
DeleteCriticalSection
WriteFileEx
SetPriorityClass
GetModuleHandleA
HeapCreate

comctl32

InitCommonControlsEx
ImageList_Read

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

537a9b2237f7f3a802fd7c2b2882a153

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

wininet

kernel32

comctl32

Sections

.text Size: 180KB - Virtual size: 176KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 92KB - Virtual size: 120KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 180KB - Virtual size: 176KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 92KB - Virtual size: 120KB

.rsrc
Size: 12KB - Virtual size: 9KB