776b8237b876ff5f11bc224351429108_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

776b8237b876ff5f11bc224351429108_JaffaCakes118
Size

420KB
MD5

776b8237b876ff5f11bc224351429108
SHA1

dd5d337b127d5c44e14bf02f29d25cfdcd64eb16
SHA256

52095bab5b85718f96daa5e3e593f072ed419aee9ada92a16d099a8e779fb55c
SHA512

d02171dffabc33ad590bb56ef3f27ee6b64fa6abcfc61cae0e7b629a25dcb15ef51965cbb7e8d742fffbb4d0a1b4b775169dfb7c48cf432fdb39c6ba8d469751
SSDEEP

6144:cDXlC2MICRtk6nkWC676TxJlUE7AwvJQz3z9jrz4k2wlnLpJ6q4NGr5av:oXlC2ZCHkJFJzAkJiBT2snN0q4z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
776b8237b876ff5f11bc224351429108_JaffaCakes118

Files

776b8237b876ff5f11bc224351429108_JaffaCakes118
.exe windows:4 windows x86 arch:x86

91c07d45e17eb71cc9a88b2fdb3579e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

gdi32

EnumICMProfilesA
CreateBitmap
GetCharABCWidthsFloatA
GdiPlayDCScript
ChoosePixelFormat
GetObjectType
GetCharABCWidthsW
GetEnhMetaFilePaletteEntries
CreateFontA
SetBkColor
DeleteDC
GetCharWidthW
SetBoundsRect

shell32

SHLoadInProc
CheckEscapesW
RealShellExecuteW
SHBrowseForFolder

kernel32

CompareStringW
HeapReAlloc
SetHandleCount
WriteConsoleW
WaitNamedPipeA
CreateMutexA
SetEnvironmentVariableA
OpenMutexA
ExitProcess
VirtualAlloc
GetModuleHandleW
GetCurrentThreadId
TerminateProcess
HeapFree
FreeEnvironmentStringsW
GetLastError
LeaveCriticalSection
IsValidCodePage
GetTimeFormatA
TlsAlloc
GetModuleHandleA
WriteConsoleA
GetEnvironmentStringsW
GetACP
VirtualFree
RtlUnwind
TlsSetValue
GetStartupInfoA
InterlockedExchange
GetCurrentProcess
WideCharToMultiByte
CreateMutexW
GetConsoleOutputCP
GetStringTypeW
HeapAlloc
Sleep
GetLocaleInfoA
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
FlushFileBuffers
SetLastError
GetDateFormatA
GetCurrentThread
GetOEMCP
LoadLibraryA
lstrcpyn
GetConsoleMode
QueryPerformanceCounter
GetLocaleInfoW
SetUnhandledExceptionFilter
GetEnvironmentStrings
IsValidLocale
WriteFile
CreateDirectoryW
GetLocalTime
GetFileType
GetModuleFileNameA
GetCommandLineA
GetStringTypeA
HeapSize
EnumTimeFormatsW
VirtualQuery
SetStdHandle
ReadFile
InitializeCriticalSectionAndSpinCount
TlsGetValue
GetTickCount
MultiByteToWideChar
HeapDestroy
InterlockedDecrement
GetCPInfo
GetCurrentProcessId
InterlockedIncrement
GetProcAddress
SetConsoleCtrlHandler
HeapCreate
IsDebuggerPresent
EnumSystemLocalesA
FreeLibrary
CompareStringA
GetUserDefaultLCID
LCMapStringA
LCMapStringW
EnterCriticalSection
SetFilePointer
UnhandledExceptionFilter
GetTimeZoneInformation
GetConsoleCP
GetStdHandle
TlsFree
CreateFileA
DeleteCriticalSection
CloseHandle

comctl32

_TrackMouseEvent
ImageList_AddMasked
ImageList_Merge
ImageList_SetFlags
InitCommonControlsEx
ImageList_DragShowNolock
ImageList_LoadImage
ImageList_GetDragImage
CreateToolbar
ImageList_Write
GetEffectiveClientRect
ImageList_GetIcon
ImageList_GetFlags
ImageList_GetImageRect
ImageList_Read
DrawStatusTextW

user32

IntersectRect
FindWindowW
wvsprintfA
RegisterClassW
IsRectEmpty
RegisterClassExA
SetProcessDefaultLayout
DestroyWindow
GetMessagePos
SendMessageA
CharToOemBuffA
LoadImageA
DdeQueryConvInfo
MessageBoxA
GetForegroundWindow
SwitchToThisWindow
GetShellWindow
CreateWindowExW
CharPrevW
GetWindowTextW
EnumDisplayMonitors
IsDialogMessageW
UnregisterClassW
ChangeDisplaySettingsW
CheckRadioButton
MessageBeep
DestroyCaret
GetClipCursor
DefWindowProcA
CallMsgFilter
ShowWindowAsync
ChildWindowFromPointEx
RegisterClassA
ShowWindow
GetClassWord
GetSystemMenu
DdeGetLastError
MonitorFromPoint
GetSubMenu
GetMonitorInfoA

comdlg32

ReplaceTextW
GetFileTitleW

advapi32

RegQueryValueExW
DuplicateToken
RegEnumKeyExW
RegEnumKeyA
LookupAccountSidW
CryptEnumProvidersW
CryptGetDefaultProviderW
RegQueryMultipleValuesW
CryptVerifySignatureW
CryptExportKey
CryptSignHashA
RegEnumValueW
RegSetKeySecurity
RegDeleteValueW
RegOpenKeyExA
RegQueryValueA
CryptAcquireContextA
RegQueryValueExA
RegConnectRegistryW

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91c07d45e17eb71cc9a88b2fdb3579e9

Headers

File Characteristics

PDB Paths

Imports

gdi32

shell32

kernel32

comctl32

user32

comdlg32

advapi32

Sections

.text Size: 148KB - Virtual size: 145KB

.rdata Size: 92KB - Virtual size: 90KB

.data Size: 104KB - Virtual size: 132KB

.rsrc Size: 72KB - Virtual size: 70KB

.text
Size: 148KB - Virtual size: 145KB

.rdata
Size: 92KB - Virtual size: 90KB

.data
Size: 104KB - Virtual size: 132KB

.rsrc
Size: 72KB - Virtual size: 70KB