747f54d1acdef972bc6a8fcc974735f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

747f54d1acdef972bc6a8fcc974735f2_JaffaCakes118
Size

288KB
MD5

747f54d1acdef972bc6a8fcc974735f2
SHA1

cf01ba5374b9eb37929c82aed3a1e71b2bce4454
SHA256

b37111fcf72123710e2dff12268f856713a73cc786c2ba339470dd678e8e1996
SHA512

4dbd95e73387ef625e69d3e0074a165e1a9d07ef4e98626144f45e3121df5b36a1b2514c4229f557e025c9ffc81fb3a6f2bac821b029dd5a5be355cc8c4e78c9
SSDEEP

6144:SOxOCxYBqDUFhZSTWfr1OTQIYf+x9sp50B8NzXAt2fJbjhEjet:SO8CwcTWfrO55QdzQg5+qt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
747f54d1acdef972bc6a8fcc974735f2_JaffaCakes118

Files

747f54d1acdef972bc6a8fcc974735f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a34004189d8a96c6b202dd9dcdd891bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameW
LsaQueryTrustedDomainInfo
RegQueryValueExW
CryptGetKeyParam

gdi32

CreateRectRgn
CreateRectRgnIndirect
DeleteObject
EnableEUDC
ExtTextOutW
GetObjectW
GetTextExtentPoint32W
SelectClipRgn
SelectObject
SetBkColor
SetTextColor

kernel32

GetCommandLineW
LoadResource
FindResourceA
ExitProcess
VirtualAlloc
EnterCriticalSection
FindResourceExW
FindResourceW
FormatMessageW
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetProcAddress
GetProcessHeap
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemTime
GetTimeZoneInformation
HeapAlloc
HeapFree
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
LoadLibraryExW
LocalFree
LockResource
SetLastError
SetUnhandledExceptionFilter
SizeofResource
SystemTimeToTzSpecificLocalTime
TerminateProcess
UnhandledExceptionFilter
lstrlenA
lstrlenW
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
HeapSize
VirtualQuery
InterlockedExchange
RtlUnwind
GetSystemInfo
HeapReAlloc
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
WriteFile
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA

ole32

CoTaskMemFree

rpcrt4

RpcMgmtInqServerPrincNameA
UuidEqual

user32

SetWindowLongW
SetWindowPos
ShowWindow
SetCapture
SendMessageW
ReleaseDC
RedrawWindow
LockWindowUpdate
LoadStringW
LoadImageW
LoadBitmapW
IsWindowVisible
IsIconic
GetWindowTextLengthW
GetWindowRect
GetWindowLongW
SetTimer
GetSysColor
GetParent
GetFocus
GetDlgItem
GetDlgCtrlID
GetDC
GetClientRect
FindWindowW
FindWindowExW
DrawAnimatedRects
DestroyWindow
DestroyIcon
DefWindowProcW
DdeNameService
CreateWindowExW
CreateDialogParamW
CopyRect
CharNextW
SetForegroundWindow
GetSystemMetrics
SetFocus
DrawTextW

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a34004189d8a96c6b202dd9dcdd891bf

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

rpcrt4

user32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 248KB - Virtual size: 246KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 248KB - Virtual size: 246KB