840f8a1704d03afe30d6d550ae5ecd4b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

840f8a1704d03afe30d6d550ae5ecd4b_JaffaCakes118
Size

268KB
MD5

840f8a1704d03afe30d6d550ae5ecd4b
SHA1

ae3483fb8de274cac5d7589fa8436aace83560a8
SHA256

221855e4bd114deb4a65b6bc90ee7379a5cc391dcfe2e9ee048f6024873330c6
SHA512

1ac70ba67a6fc0e65ac1d19c09a7d5e363d8aebb9f7b305babfa688c5aeecc9efc94c463a9e4f353627918ad7155718589bb13487fc52ad374048b436867330f
SSDEEP

6144:bMGi98K5Qx0uVF713gwFkhOO9iybcTSDNx+w:YGq5Qx08h3glhpQyaY+w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
840f8a1704d03afe30d6d550ae5ecd4b_JaffaCakes118

Files

840f8a1704d03afe30d6d550ae5ecd4b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

35bbc4eea41cfa400dd501193069cb87

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
CreateMutexA
GetCurrentProcess
TlsAlloc
GlobalLock
FreeEnvironmentStringsW
TlsGetValue
lstrlenW
FileTimeToSystemTime
GetCurrentProcessId
GetTickCount
FreeResource
GetModuleFileNameW
SetConsoleCtrlHandler
lstrcmpiA
SetUnhandledExceptionFilter
ConvertDefaultLocale
GetDriveTypeA
LockFile
IsValidLocale
GetVersion
GetTimeZoneInformation
SetFilePointer
GetStartupInfoA
SetStdHandle
TerminateProcess
QueryPerformanceCounter
CompareStringW
GetSystemTimeAsFileTime
MultiByteToWideChar
GetLocalTime
GetCurrentDirectoryA
SizeofResource
GetCurrentThread
IsBadCodePtr
GetFullPathNameA
GetLocaleInfoA
GetOEMCP
WritePrivateProfileStringA
VirtualFree
Sleep
LocalAlloc
LCMapStringA
CreateFileMappingA
GetFileSize
HeapAlloc
InterlockedExchange
LocalFree
HeapReAlloc
GetCurrentThreadId
WriteFile
CompareStringA
GetProcAddress
HeapSize
GetFileTime
CreateEventA
MoveFileA
GetWindowsDirectoryA
GetEnvironmentStrings
EnterCriticalSection
UnlockFile
IsValidCodePage
GetStdHandle
LocalFileTimeToFileTime
IsDBCSLeadByte
GetFileType
CloseHandle
FindResourceExA
GlobalGetAtomNameA
lstrcmpA
GetLocaleInfoW
GetLastError
FindFirstFileA
GetEnvironmentStringsW
FlushFileBuffers
LeaveCriticalSection
RaiseException
lstrcmpW
LockResource
TlsFree
TlsSetValue
VirtualAlloc
GetDateFormatA
FatalAppExitA
GetACP
CreateThread
InterlockedIncrement
GetUserDefaultLCID
SetEnvironmentVariableA
DosDateTimeToFileTime
GlobalFree
HeapDestroy
GetModuleFileNameA
LCMapStringW
FileTimeToLocalFileTime
LoadLibraryA
GetVersionExA
SetLastError
UnhandledExceptionFilter
IsBadWritePtr
ReadFile
VirtualProtect
RtlUnwind
GetSystemInfo
lstrcpyA
GetStringTypeW
VirtualQuery
GetSystemTime
GetModuleHandleA
GetCommandLineA
InterlockedDecrement
EnumSystemLocalesA
GetFileAttributesA
FreeEnvironmentStringsA
GetVolumeInformationA
CreateProcessA
GlobalHandle
DeleteCriticalSection
GetTimeFormatA
CompareFileTime
SetHandleCount
GetStringTypeExA
GetStringTypeA
ExitProcess
DeleteFileA
InitializeCriticalSection
IsBadReadPtr
GetPrivateProfileIntA
ExitThread
MulDiv
GlobalMemoryStatus
SetEvent
GetCPInfo
HeapFree
WideCharToMultiByte

ole32

RegisterDragDrop
OleUninitialize
CoInitializeSecurity
CoInitialize
StringFromCLSID
CoCreateInstance
OleGetClipboard
CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize
CLSIDFromString
OleIsCurrentClipboard
OleRun
CoInitializeEx
OleLockRunning
CLSIDFromProgID
DoDragDrop
CoGetClassObject
CoRevokeClassObject
OleInitialize
CoTaskMemFree
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal

user32

DefWindowProcA
IsWindowVisible
GetDlgItemInt
CallNextHookEx
TrackPopupMenu
FillRect
GetWindowRect
DrawMenuBar
GetMessageA
TranslateMessage
GetIconInfo
SetRectEmpty
CreateWindowExA
CreateCaret
IsWindowUnicode
PostQuitMessage
GetNextDlgTabItem
LoadMenuA
InvalidateRect
GetDesktopWindow
DispatchMessageA
OffsetRect
MessageBeep
GetClassLongA
IsRectEmpty
SendMessageA
GrayStringA
GetWindowDC
GetTopWindow
RegisterClassExA
DestroyMenu
ValidateRect
GetFocus
SetFocus
EnableWindow
GetDlgCtrlID
EndPaint
CallWindowProcA
GetWindow
GetMessagePos
PeekMessageA
DestroyWindow
SetDlgItemTextA
IsWindow
GetWindowPlacement
SetScrollPos
ReleaseCapture
IsDialogMessageA
wsprintfA
GetParent
BeginPaint
GetDlgItem
SetWindowContextHelpId
ExcludeUpdateRgn
CharUpperA
PtInRect
CopyRect
EndDialog
ShowOwnedPopups
GetForegroundWindow
SetDlgItemInt
SetCapture
GetKeyState
PostThreadMessageA
PostMessageA
CheckMenuItem
DrawTextA
CreateDialogIndirectParamA
RegisterClassA

comctl32

ImageList_Add
ImageList_Draw
ord17
InitCommonControlsEx

winspool.drv

ClosePrinter
ord204
DocumentPropertiesA

comdlg32

PrintDlgA
GetOpenFileNameA

shell32

DragAcceptFiles
SHFileOperationA
DragFinish
Shell_NotifyIconA
ord155
DragQueryFileA

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35bbc4eea41cfa400dd501193069cb87

Headers

File Characteristics

Imports

kernel32

ole32

user32

comctl32

winspool.drv

comdlg32

shell32

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 96KB - Virtual size: 93KB

.data Size: 52KB - Virtual size: 67KB

.rsrc Size: 40KB - Virtual size: 37KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 96KB - Virtual size: 93KB

.data
Size: 52KB - Virtual size: 67KB

.rsrc
Size: 40KB - Virtual size: 37KB