a2a9ec8d03822d9f13671ed8fd47c119_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a2a9ec8d03822d9f13671ed8fd47c119_JaffaCakes118
Size

336KB
MD5

a2a9ec8d03822d9f13671ed8fd47c119
SHA1

348933bea7d1aa77e14cb22bcb9c7b41a04b1af2
SHA256

4b7347705bb74d8fbd02deff95e6e40c78fa2ed38473a387e8cecefd95ea50d5
SHA512

4f03d7380c3261146b8f971d837e0211d6b1e57c704e9a3084360f0d38faa9fd9ccfdbc7f1deacef135b8fcebc5f5155ca0cbdf1e0df5b59b6f33f8d461e7242
SSDEEP

6144:VbATV7Cyl3lIYHQlW8Dcr2xYzq4KWGJg5nOqDgdbuchZ8B5RrKqX9fB416zuM:VsTJlhwlW8DqTq+PxOqGuhBvrnX9f2y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2a9ec8d03822d9f13671ed8fd47c119_JaffaCakes118

Files

a2a9ec8d03822d9f13671ed8fd47c119_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77d11f689d97640e9fed6397a3bf9e4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetForegroundWindow
PostQuitMessage
SetWindowPos
IsWindow
GetDC
SendMessageA
GetKeyState
DestroyWindow
GetParent
UpdateWindow
ShowWindow
SetWindowLongA
EnableWindow
PeekMessageA
TranslateMessage
IsWindowEnabled
LoadStringA
RegisterClassA
GetSubMenu
SetTimer
FillRect
DispatchMessageA
EndPaint
SetFocus
BeginPaint
KillTimer
DefWindowProcA
GetSystemMetrics
GetWindowRect
SetCapture
ReleaseCapture
EndDialog
SetWindowTextA
CallWindowProcA
GetClientRect
DrawTextA
InvalidateRect
IsWindowVisible
GetSysColor
GetWindowLongA
CreateWindowExA
GetDlgItem
ScreenToClient
LoadIconA
GetDesktopWindow
GetFocus
SetDlgItemTextA
MessageBoxA
DialogBoxParamA
SetCursor

advapi32

RegDeleteValueW
RegCloseKey

kernel32

LoadResource
FindClose
InitializeCriticalSection
FormatMessageA
OutputDebugStringA
SetLastError
FormatMessageW
LocalFree
FreeLibrary
GetFullPathNameA
GetStringTypeW
HeapReAlloc
InterlockedDecrement
GetSystemTimeAsFileTime
WaitForSingleObject
GetSystemDefaultLangID
GetUserDefaultLangID
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
GetFileAttributesA
SetEvent
GetDriveTypeA
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleMode
GetLocaleInfoA
LocalAlloc
ExpandEnvironmentStringsA
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
WideCharToMultiByte
GetStringTypeA
GetTimeZoneInformation
GetUserDefaultLCID
GetEnvironmentVariableA
GetOEMCP
VirtualAlloc
IsBadReadPtr
Sleep
VirtualFree
HeapCreate
IsValidCodePage
SizeofResource
LoadLibraryExA
GetModuleHandleW
GlobalLock
GetACP
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
lstrlenW
GlobalAlloc
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
LoadLibraryExW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
RemoveDirectoryA
WaitForMultipleObjects
FindNextFileA
ResetEvent
FindNextFileW
CreateProcessA
GetProcessHeap
GetProcAddress
GetStartupInfoW
TlsGetValue
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
GetExitCodeProcess
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
VirtualQuery
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
CreateMutexA
MultiByteToWideChar
UnhandledExceptionFilter
GetModuleFileNameA
InterlockedExchange
GetVersionExA
HeapAlloc
IsDebuggerPresent
VirtualProtect
GetModuleFileNameW
WriteFile

gdi32

SelectObject
GetStockObject
DeleteDC
GetDeviceCaps
SetBkColor
BitBlt
CreateCompatibleDC

ole32

OleUninitialize
CoUninitialize
CoCreateInstance
CoInitialize
OleInitialize

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
_strcmpi

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 304KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77d11f689d97640e9fed6397a3bf9e4b

Headers

File Characteristics

Imports

user32

advapi32

kernel32

gdi32

ole32

msvcrt

Sections

.text Size: 8KB - Virtual size: 6KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 304KB - Virtual size: 301KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 304KB - Virtual size: 301KB

.rsrc
Size: 4KB - Virtual size: 3KB