832641ade140ffe0cde0a21229cc0fe9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

832641ade140ffe0cde0a21229cc0fe9_JaffaCakes118
Size

4.8MB
MD5

832641ade140ffe0cde0a21229cc0fe9
SHA1

77e0d6a2655c87c8e6d5a87f9d088a1f656c8540
SHA256

19ce8918b14ed127b39235ab74e6d44cdd70c79bfc6aebf96d71622a1d889687
SHA512

c6198ded064c8cd46ff6585ec4a504f4d421e9eccfc2fe6a9bbff1e044d397258ada10f6dea6fca42fd07473947d6785755bb29e0f52e7717700b7196c673319
SSDEEP

12288:F/i50U+UOVu96bnTkIFwCxj+gJlYyuIZHdoY6zq:NUOM4TkIFjj+gJuyuUHeNq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
832641ade140ffe0cde0a21229cc0fe9_JaffaCakes118

Files

832641ade140ffe0cde0a21229cc0fe9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6e7761e68739f4f4ea139c38bc8a74a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleHandleA
HeapSize
ExitProcess
Sleep
HeapReAlloc
GetStringTypeA
GetModuleFileNameA
GetStdHandle
WriteFile
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoW
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
VirtualFree
VirtualAlloc
CloseHandle
OpenMutexW
GetCommandLineW
GetCurrentProcessId
lstrcmpW
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
GetModuleFileNameW
LoadLibraryExW
SizeofResource
MultiByteToWideChar
CompareStringW
WriteConsoleA
SetLastError
FindResourceW
LoadResource
LockResource
lstrcatW
lstrcpynW
lstrlenA
lstrcpynA
lstrcpyW
GetVersionExW
FreeLibrary
LoadLibraryW
lstrcmpiW
GetModuleHandleW
GetProcAddress
InterlockedDecrement
InterlockedIncrement
GetLastError
lstrlenW
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapCreate
RaiseException

user32

GetWindowThreadProcessId
GetActiveWindow
WindowFromPoint
GetMessagePos
ModifyMenuW
DrawEdge
DrawFrameControl
LoadMenuW
LoadAcceleratorsW
GetSysColorBrush
GetWindowDC
CharLowerW
RegisterWindowMessageW
CallNextHookEx
SystemParametersInfoW
SetWindowsHookExW
FrameRect
GetClassNameW
GetFocus
OffsetRect
GetCapture
ReleaseCapture
EndPaint
BeginPaint
GetCursorPos
DrawFocusRect
FillRect
DrawTextW
IsWindowEnabled
ScreenToClient
GetWindowTextLengthW
GetWindowTextW
GetSystemMetrics
GetDesktopWindow
InflateRect
GetSysColor
ReleaseDC
AdjustWindowRectEx
GetKeyState
SetCursor
SetCapture
ClientToScreen
GetDC
IsMenu
SetRectEmpty
PeekMessageW
PtInRect
MessageBeep
GetSubMenu
IsWindowVisible
LoadBitmapW
CallWindowProcW
CheckMenuRadioItem
EnableMenuItem
AppendMenuW
DeleteMenu
TrackPopupMenuEx
MonitorFromPoint
GetMonitorInfoW
GetMenuItemID
GetMenuItemCount
DestroyMenu
LoadStringA
PostQuitMessage
SetFocus
LoadStringW
SetMenuDefaultItem
GetMenuItemInfoW
SetMenuItemInfoW
IsWindow
GetDlgCtrlID
GetParent
RedrawWindow
UpdateWindow
MapWindowPoints
GetClientRect
SetWindowPos
SetMenu
GetMenu
SetWindowTextW
PostMessageW
CreateWindowExW
RemoveMenu
CreatePopupMenu
GetWindowLongW
InvalidateRect
GetWindowRect
SendMessageW
TranslateAcceleratorW
GetClassInfoExW
LoadCursorW
LoadImageW
RegisterClassExW
DestroyWindow
CharNextW
DefWindowProcW
ShowWindow
SetWindowLongW
wvsprintfW
UnhookWindowsHookEx
UnregisterClassA

gdi32

GetStockObject
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteObject
GetObjectW
DeleteDC
GetCurrentObject
SetViewportOrgEx
CreateCompatibleBitmap
Polygon
CreatePen
CreateSolidBrush
SetBkMode
SetTextColor
CreateFontIndirectW
BitBlt
SetBrushOrgEx
SetBkColor
PatBlt
CreatePatternBrush
CreateBitmap

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW
RegSetValueExW

shell32

ShellExecuteW

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize

oleaut32

VarDecCmp
VarDecFromStr
VarR8FromStr
VarI4FromStr
VarDateFromStr
VarUI4FromStr

comctl32

ImageList_LoadImageW
ord8
ImageList_DrawIndirect
ImageList_Create
ImageList_AddMasked
ImageList_Destroy
CreateStatusWindowW
InitCommonControlsEx
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragLeave
_TrackMouseEvent
ImageList_Draw
ImageList_GetImageCount

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e7761e68739f4f4ea139c38bc8a74a2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 141KB - Virtual size: 140KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 362KB - Virtual size: 361KB

.text
Size: 141KB - Virtual size: 140KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 362KB - Virtual size: 361KB