a00566c26d5928ff049a7672464f3bf9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a00566c26d5928ff049a7672464f3bf9_JaffaCakes118
Size

532KB
MD5

a00566c26d5928ff049a7672464f3bf9
SHA1

825397a35f1640535d313ac77c4c91c6f5d71c9b
SHA256

1eeaab007347f911c329682a5a9058fab35bb0b9dfe18cc655315d66ce374ec7
SHA512

809b7986b98106ff29876f90cc1dc1e2f5fa6ec8ec804d6f3c8381463169150f7a0601e6939e348c73615fd5e7f22cba45cf85ce37a9d1adef3ed24ad2b7914c
SSDEEP

12288:HhD8lOz8f8O9ancrZQ+q86TY6VBBDAXhSiT2kmI571S7llj0p1r:t8lOz8fMbPi9b5hJ1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a00566c26d5928ff049a7672464f3bf9_JaffaCakes118

Files

a00566c26d5928ff049a7672464f3bf9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee8c4ec72cda288b4819515ad9c5cfc9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleOutputA
IsBadWritePtr
GetLogicalDriveStringsA
QueryPerformanceCounter
TlsSetValue
DeleteAtom
FindFirstFileW
GetLastError
GetOEMCP
OutputDebugStringW
EnterCriticalSection
ReadConsoleOutputAttribute
GetFileAttributesA
HeapAlloc
GetCommandLineA
CloseHandle
GetLocalTime
GetTickCount
GetProfileIntW
GetDriveTypeA
CompareStringA
HeapDestroy
InitializeCriticalSection
LoadModule
GlobalAlloc
TlsFree
GlobalFlags
GlobalCompact
SetFilePointer
SetConsoleTitleA
VirtualAlloc
InterlockedIncrement
VirtualQuery
GetCurrentThread
HeapCreate
GetExitCodeProcess
SetStdHandle
GetSystemTimeAsFileTime
GetFileType
InterlockedExchange
CreateDirectoryExW
EnumDateFormatsExA
SleepEx
GetShortPathNameA
GetDiskFreeSpaceA
CreateFileMappingW
GetThreadLocale
FreeEnvironmentStringsA
RtlUnwind
SetLastError
FlushFileBuffers
GetProcessShutdownParameters
SetHandleCount
SetCurrentDirectoryA
GetStringTypeA
TlsAlloc
VirtualFree
SetConsoleScreenBufferSize
GetStringTypeW
WideCharToMultiByte
WaitForMultipleObjectsEx
HeapFree
WritePrivateProfileSectionA
SetEndOfFile
GetProcAddress
lstrcatW
GetTimeFormatA
CompareStringW
SetConsoleMode
FreeEnvironmentStringsW
ReleaseSemaphore
EnumResourceTypesW
GetCurrentThreadId
InterlockedDecrement
UnhandledExceptionFilter
WriteConsoleOutputAttribute
GetCurrentProcessId
SetConsoleTitleW
GetStartupInfoA
FlushInstructionCache
GetACP
EnumCalendarInfoA
GetStdHandle
ReadFile
GetStartupInfoW
TerminateProcess
lstrcatA
LoadLibraryExW
WriteFile
CommConfigDialogW
SetEnvironmentVariableA
SetFileTime
HeapValidate
AllocConsole
SetConsoleCursorPosition
TlsGetValue
lstrcpy
ExitProcess
DeleteCriticalSection
FindResourceA
MultiByteToWideChar
Sleep
EnumResourceNamesW
GetCurrentProcess
lstrlenW
GetLongPathNameW
GlobalFree
GetFileAttributesExA
GetSystemTime
GetCPInfo
GetModuleFileNameA
GetVersion
EnumSystemCodePagesA
FindNextFileA
GetShortPathNameW
LCMapStringW
RtlZeroMemory
SetThreadContext
SystemTimeToTzSpecificLocalTime
lstrcpyW
HeapReAlloc
LoadLibraryA
WaitNamedPipeA
CreateMutexA
GlobalUnlock
LCMapStringA
GetEnvironmentStrings
CreateWaitableTimerW
SetPriorityClass
GetEnvironmentStringsW
OpenMutexA
GetComputerNameW
GlobalUnfix
OpenSemaphoreA
LeaveCriticalSection
WritePrivateProfileStructW
ReadFileEx
WaitForSingleObjectEx
AddAtomW
GetModuleHandleA
GetTimeZoneInformation
ExpandEnvironmentStringsA
ReadConsoleInputW

comctl32

CreateStatusWindowW
ImageList_Read
ImageList_Create
ImageList_Duplicate
ImageList_SetBkColor
ImageList_GetImageInfo
ImageList_Remove
ImageList_LoadImage
ImageList_GetImageRect
ImageList_GetDragImage
ImageList_DragShowNolock
DrawStatusText
ImageList_LoadImageW
ImageList_BeginDrag
CreateStatusWindowA
CreateUpDownControl
InitMUILanguage
ImageList_DragLeave
ImageList_Write
ImageList_DrawIndirect
InitCommonControlsEx
ImageList_GetIcon
CreatePropertySheetPage

user32

SetWindowPos
SetWindowTextA
WaitMessage
UpdateWindow
GetAncestor
DestroyWindow
ActivateKeyboardLayout
DdeQueryConvInfo
CharUpperA
DeleteMenu
LoadIconA
ExitWindowsEx
GetWindowTextA
RegisterClassExA
SubtractRect
OpenWindowStationW
GetWindowLongA
SetClipboardViewer
DdeDisconnectList
WaitForInputIdle
MessageBoxW
TabbedTextOutA
CreateIconFromResource
EnumDisplaySettingsW
MsgWaitForMultipleObjects
UnregisterDeviceNotification
GetClientRect
GetClassInfoW
LoadCursorW
DdeSetQualityOfService
MapVirtualKeyExW
PtInRect
DrawFrame
ShowWindow
EnumDisplayDevicesW
DdeDisconnect
CharPrevW
EnumDisplaySettingsA
GetTabbedTextExtentA
DdeSetUserHandle
FlashWindow
LoadImageA
ShowCursor
GetClassLongA
DdeConnect
CloseDesktop
MsgWaitForMultipleObjectsEx
EnumDisplayDevicesA
MapWindowPoints
RegisterClassA
ToAsciiEx
CreateWindowExW
InvertRect
GetParent
GrayStringW
EndMenu
BroadcastSystemMessage
GetCaretPos
CreateMDIWindowW
IsWindowEnabled
GetKeyNameTextA
OpenDesktopW
DdeQueryStringA
DlgDirListW
GetMenuItemCount
WINNLSGetEnableStatus
AnimateWindow
IsCharAlphaW
ReleaseCapture
GetOpenClipboardWindow
CreateWindowStationW
DdeCreateStringHandleA
RedrawWindow
DefWindowProcW

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee8c4ec72cda288b4819515ad9c5cfc9

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 148KB - Virtual size: 146KB

.rdata Size: 244KB - Virtual size: 242KB

.data Size: 116KB - Virtual size: 128KB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 148KB - Virtual size: 146KB

.rdata
Size: 244KB - Virtual size: 242KB

.data
Size: 116KB - Virtual size: 128KB

.rsrc
Size: 20KB - Virtual size: 18KB