8478a4766b053aaecc13ed431a4c0586_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8478a4766b053aaecc13ed431a4c0586_JaffaCakes118
Size

524KB
MD5

8478a4766b053aaecc13ed431a4c0586
SHA1

b2441d63c2bced609298a8d7df8882bf43ecf184
SHA256

92457553c11ddf7885e2f1325586e49cd116b9b6179af0ae2b06e41d35907345
SHA512

a0285277c820c595e467736069731e61226fe04c1f407614b19acfa4fc56a74385cdf85a3acadde02bf7a705c154b8a29681d41a9190e8aa27928c1275647d3a
SSDEEP

12288:/i2iTy5Y3VuYQROFSsMDyB28SNsBrK/h92ZDyVtTNM0Cl:/leiyBVYsBrKSYVtS1l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8478a4766b053aaecc13ed431a4c0586_JaffaCakes118

Files

8478a4766b053aaecc13ed431a4c0586_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4728457eaae0d4bb46361963d3b2613

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetPrivateProfileStringA
GetVersionExA
WaitForSingleObject
CreateProcessA
WriteFile
SetFilePointer
CreateFileA
DeleteFileA
SetFileAttributesA
GetFileAttributesA
GetModuleHandleA
GetVersion
lstrcmpA
lstrcatA
FreeLibrary
GetModuleFileNameA
MulDiv
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
lstrcpyA
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
HeapSize
TerminateProcess
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind
LocalFree
InterlockedExchange
FlushInstructionCache
OutputDebugStringA
DebugBreak
lstrcpynA
WideCharToMultiByte
GlobalLock
GlobalUnlock
FindResourceA
LoadResource
LockResource
lstrlenW
GlobalAlloc
GlobalHandle
GlobalFree
FreeResource
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
GetCurrentProcess
CreateMutexA
GetLastError
CloseHandle
Sleep
CreateThread
GlobalMemoryStatusEx
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
lstrlenA
GetComputerNameA
GetSystemInfo
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GetEnvironmentStrings
GetCurrentThreadId
IsBadCodePtr
InterlockedDecrement

user32

DrawTextA
InvalidateRgn
SetCapture
IsWindow
GetDesktopWindow
GetFocus
IsChild
GetSysColor
BeginPaint
ShowWindow
CreateAcceleratorTableA
GetWindowTextLengthA
SendMessageA
GetDlgItem
EnumChildWindows
SetWindowTextA
SetWindowPos
MapWindowPoints
GetClientRect
SystemParametersInfoA
GetWindowRect
GetWindow
GetParent
GetWindowLongA
LoadStringA
DispatchMessageA
EndPaint
FillRect
MoveWindow
GetClassNameA
EnumWindows
SetScrollInfo
CallWindowProcA
CharLowerA
CreateWindowExA
RedrawWindow
LoadBitmapA
ScrollWindowEx
SetFocus
GetScrollRange
SetScrollPos
GetMessagePos
ScreenToClient
GetDlgCtrlID
GetScrollPos
TranslateMessage
GetMessageA
PeekMessageA
ReleaseDC
CharNextA
wvsprintfA
ReleaseCapture
GetWindowTextA
RegisterWindowMessageA
CreateDialogIndirectParamA
MessageBoxA
CreatePopupMenu
AppendMenuA
IsMenu
TrackPopupMenu
DestroyMenu
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
GetSystemMetrics
LoadImageA
LoadIconA
CreateDialogParamA
EndDialog
GetSystemMenu
EnableMenuItem
EnableWindow
GetActiveWindow
DialogBoxParamA
SetForegroundWindow
PostQuitMessage
IsDialogMessageA
SetWindowLongA
InvalidateRect
SetTimer
KillTimer
DestroyIcon
DestroyWindow
DefWindowProcA
GetDC

gdi32

CreateBrushIndirect
SetBkColor
MoveToEx
CreateCompatibleBitmap
LineTo
CreateSolidBrush
GetStockObject
SetBkMode
SetTextColor
ExtTextOutA
DeleteDC
GetObjectA
CreateFontIndirectA
GetDeviceCaps
DeleteObject
CreateCompatibleDC
SelectObject
StretchBlt
SetStretchBltMode
CreatePen
SetViewportOrgEx
BitBlt

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

GetUserNameA
RegCloseKey
RegOpenKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumValueA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyA
RegEnumKeyA

shell32

SHGetFileInfoA
ShellExecuteA

ole32

StringFromCLSID
CoTaskMemFree
CLSIDFromString
CoTaskMemAlloc
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitializeSecurity
CoCreateInstance
CoInitialize
CoUninitialize
OleLockRunning
CLSIDFromProgID

oleaut32

VariantChangeType
SysAllocStringLen
SysStringLen
VariantClear
VariantCopy
OleCreateFontIndirect
LoadRegTypeLi
SysFreeString
SysAllocString
GetErrorInfo
CreateErrorInfo
VariantInit

comctl32

ImageList_DrawEx
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create
ImageList_AddMasked
ImageList_GetIconSize

msimg32

GradientFill

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 304KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ordata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a4728457eaae0d4bb46361963d3b2613

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

msimg32

version

Sections

.text Size: 304KB - Virtual size: 302KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 24KB - Virtual size: 27KB

.rsrc Size: 80KB - Virtual size: 77KB

.ordata Size: 76KB - Virtual size: 76KB

.text
Size: 304KB - Virtual size: 302KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 24KB - Virtual size: 27KB

.rsrc
Size: 80KB - Virtual size: 77KB

.ordata
Size: 76KB - Virtual size: 76KB