7468b3f8d010a6c0a95fa9b41ce7adab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7468b3f8d010a6c0a95fa9b41ce7adab_JaffaCakes118
Size

320KB
MD5

7468b3f8d010a6c0a95fa9b41ce7adab
SHA1

145326133065c3beae8d449d54848a750ee26714
SHA256

f91f496218fb6c834473496dac69a251ba53748c7e8d4e9ac7d9020276ff7aa0
SHA512

9ac1bb610ba1a9e961cecc866ee6f333f1a058e4cacb09c78d78d007ab622e64be0242983a3b7e5ad0b2e9a486f1368a17ce18feece1d75d6440c6444236162a
SSDEEP

6144:8371OUZmWoLGwGIeA47KU+laV3fOtvrKNsXOhYeUOw:8LsUToqwG7A4mPlaV3f2wQiG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7468b3f8d010a6c0a95fa9b41ce7adab_JaffaCakes118

Files

7468b3f8d010a6c0a95fa9b41ce7adab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f45613275754ab73c8f8986a536f4000

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ImpersonateDdeClientWindow
ChangeDisplaySettingsA
GetMonitorInfoA
DefFrameProcW
DrawCaption
CreateMenu
SetShellWindow
DdeSetQualityOfService
CreateCursor
RegisterClassExA
GetMenuDefaultItem
EnumDesktopsW
EnumPropsA
GetClassInfoA
PeekMessageA
DdeInitializeA
FindWindowA
IsChild
GetThreadDesktop
GetWindowLongW
SetFocus
GetInputDesktop
DdeDisconnectList
GetKBCodePage
IsZoomed
ArrangeIconicWindows
GetDC
DdeGetLastError
IsRectEmpty
InternalGetWindowText
DdeAccessData
ReplyMessage
GetUserObjectInformationA
SetCursorPos
IsCharAlphaNumericA
TrackPopupMenuEx
PostThreadMessageA
SwitchToThisWindow
SetUserObjectSecurity
EnumDisplayDevicesA
SetMenu
CheckMenuRadioItem
CopyAcceleratorTableW
BeginPaint
SendMessageW
CharToOemW
LockWindowUpdate
EmptyClipboard
CloseDesktop
BroadcastSystemMessageA
DdeKeepStringHandle
RegisterClassA
SetClipboardViewer
InsertMenuItemA
DdeCreateStringHandleW
InsertMenuW
ScrollWindow
BroadcastSystemMessage
FlashWindowEx
AdjustWindowRect

kernel32

GetFileTime
TlsFree
GetConsoleScreenBufferInfo
CreateMutexA
GetModuleHandleA
GetLocaleInfoA
EnumSystemLocalesA
CreateThread
InterlockedIncrement
TlsGetValue
GetLogicalDriveStringsW
WriteFileEx
GetTimeFormatA
GetFileAttributesA
GlobalFree
GetStartupInfoA
GetStartupInfoW
SetFilePointer
GetSystemTimeAsFileTime
IsDebuggerPresent
DeleteCriticalSection
CompareStringA
GetCurrentThreadId
GetConsoleCP
GetProcAddress
LCMapStringA
GetCurrentProcessId
HeapReAlloc
GetCommandLineW
HeapCreate
WriteConsoleA
GetACP
SetLastError
GetCommandLineA
GetStdHandle
HeapFree
GetUserDefaultLCID
TryEnterCriticalSection
CompareStringW
CreatePipe
GetCurrentDirectoryA
FreeEnvironmentStringsW
GetTickCount
TlsSetValue
GlobalCompact
VirtualQuery
GetSystemTimeAdjustment
LCMapStringW
TerminateProcess
OpenMutexA
RtlUnwind
GetShortPathNameW
HeapAlloc
lstrlenA
CloseHandle
ExitProcess
InterlockedExchange
GetLastError
CreateSemaphoreW
WideCharToMultiByte
LoadModule
GetCPInfo
VirtualAlloc
SetStdHandle
SetHandleCount
SetThreadContext
FindResourceExW
WriteFile
WritePrivateProfileSectionW
InterlockedDecrement
GetCurrentProcess
IsValidCodePage
Sleep
GetFileType
GetCurrentDirectoryW
WaitForSingleObjectEx
GetExitCodeProcess
InitializeCriticalSectionAndSpinCount
GetEnvironmentStringsW
OpenWaitableTimerA
EnterCriticalSection
GetConsoleOutputCP
GetConsoleMode
LeaveCriticalSection
FlushFileBuffers
IsBadWritePtr
OpenSemaphoreA
GetModuleFileNameW
MultiByteToWideChar
LocalAlloc
GetLogicalDriveStringsA
GetCalendarInfoA
GetTimeZoneInformation
FreeLibrary
HeapDestroy
CreateFileA
UnhandledExceptionFilter
GetOEMCP
SetConsoleCtrlHandler
ResumeThread
ExpandEnvironmentStringsW
GetModuleHandleW
CreateSemaphoreA
WriteConsoleOutputCharacterA
WriteConsoleW
DosDateTimeToFileTime
SetUnhandledExceptionFilter
GlobalAddAtomW
HeapSize
ReadFile
AddAtomA
InitializeCriticalSection
GetLocaleInfoW
GetModuleFileNameA
TlsAlloc
WriteConsoleOutputA
GetUserDefaultLangID
GetDateFormatA
ReadConsoleA
QueryPerformanceCounter
lstrcatW
GetCurrentThread
VirtualFree
SetEnvironmentVariableA
GetStringTypeW
GetStringTypeA
LoadLibraryA
IsValidLocale

advapi32

RegSaveKeyA
GetUserNameW
RegRestoreKeyA
CryptEnumProvidersA
LookupAccountNameW
RegLoadKeyA
CryptSetProviderExA
CryptDecrypt
RegEnumValueW
CryptGetUserKey
CryptEnumProviderTypesW
RegReplaceKeyW
LookupPrivilegeValueA
RegOpenKeyExW
CryptGetKeyParam
RegRestoreKeyW
CryptEnumProviderTypesA
LogonUserW
LogonUserA

comctl32

ImageList_Copy
ImageList_GetIcon
ImageList_SetDragCursorImage
ImageList_Merge
InitCommonControlsEx
ImageList_DragEnter
ImageList_SetFilter

gdi32

GetClipRgn
SetBitmapBits
SaveDC

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f45613275754ab73c8f8986a536f4000

Headers

File Characteristics

Imports

user32

kernel32

advapi32

comctl32

gdi32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 75KB - Virtual size: 74KB

.data Size: 93KB - Virtual size: 122KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 75KB - Virtual size: 74KB

.data
Size: 93KB - Virtual size: 122KB

.rsrc
Size: 11KB - Virtual size: 11KB