a741b966bfb1e5fab583c3ea2a2db3f7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a741b966bfb1e5fab583c3ea2a2db3f7_JaffaCakes118
Size

339KB
MD5

a741b966bfb1e5fab583c3ea2a2db3f7
SHA1

2e8a7d516fc19f1634bafc39bdb789ffa9398469
SHA256

692f69e466d9f5d0bba705dd10351985eaf92b06af83d4c416877b966f2c816c
SHA512

dfc2d7d914566b8d95be14cb9fe06b029c79dadecc3af4aea2b7f9710c3640df460a865e296777bda2ef6c2a5cd0b41482f93cc12ff75925b5f8a5090bf0850c
SSDEEP

6144:lN+xA9GlcMO749p/NjOJlx/vU2cjs8oV/M6dyb1w2LHS9ZR8Pru6DdR:KxwdEVjSmoALHSp8Pru2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a741b966bfb1e5fab583c3ea2a2db3f7_JaffaCakes118

Files

a741b966bfb1e5fab583c3ea2a2db3f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0354e4dfaebad6efe33b6fc070edbbdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynW
GetVersion
GetEnvironmentStringsW
GetStartupInfoW
InterlockedCompareExchange
GetStringTypeA
LCMapStringW
TlsGetValue
FileTimeToLocalFileTime
CompareStringA
FlushInstructionCache
MultiByteToWideChar
QueryPerformanceCounter
GetCurrentProcess
InitializeCriticalSection
OpenFileMappingA
UnhandledExceptionFilter
GetCPInfo
HeapReAlloc
HeapAlloc
HeapFree
TlsAlloc
TerminateProcess
GetStartupInfoA
LoadLibraryA
IsBadWritePtr
TlsFree
FreeEnvironmentStringsA
SetWaitableTimer
SetEnvironmentVariableA
VirtualFree
SetLastError
CreateMutexA
GetNamedPipeInfo
ReadFile
GetModuleHandleA
GetPrivateProfileStringW
SetFileAttributesA
FlushFileBuffers
GetTickCount
FreeEnvironmentStringsW
WideCharToMultiByte
InterlockedExchange
ReadConsoleOutputCharacterW
GetCommandLineA
HeapCreate
GetCurrentThread
WriteProfileStringW
GetUserDefaultLangID
lstrlen
LCMapStringA
DeleteCriticalSection
LeaveCriticalSection
GetStringTypeW
GetModuleFileNameA
EnterCriticalSection
RtlUnwind
GetLastError
ReadConsoleInputW
TlsSetValue
DeleteFileW
GetStdHandle
OpenMutexA
SetStdHandle
GetSystemTimeAsFileTime
GetProcAddress
GetStringTypeExA
GetLocalTime
GetModuleFileNameW
WriteFile
GetCurrentProcessId
GetFileType
GetThreadLocale
InterlockedDecrement
InterlockedIncrement
CloseHandle
LocalReAlloc
GetProfileIntW
GetTimeZoneInformation
GetNumberFormatA
SetFilePointer
SetHandleCount
HeapDestroy
GetEnvironmentStrings
VirtualQuery
ExitProcess
LockResource
CompareStringW
GetSystemTime
VirtualAlloc
GetCommandLineW
GetCurrentThreadId

gdi32

DeleteDC
GetSystemPaletteUse
GetStretchBltMode
SetWindowOrgEx
BitBlt
ExtCreatePen
ArcTo
GetRandomRgn
StretchBlt
SelectObject
GetFontLanguageInfo
GetColorSpace
DeleteObject
CreateDCA
GetDeviceCaps
GetNearestPaletteIndex
FloodFill
SetPolyFillMode
DeviceCapabilitiesExW
CreateMetaFileA
SetWinMetaFileBits
CreateEllipticRgnIndirect
GetViewportExtEx
SwapBuffers
CreateRoundRectRgn
GetObjectA
SetBoundsRect

wininet

RegisterUrlCacheNotification
FtpPutFileA
GetUrlCacheHeaderData
UnlockUrlCacheEntryFileW

comctl32

ImageList_Draw
CreateStatusWindow
DrawStatusTextW
ImageList_SetFlags
ImageList_GetFlags
ImageList_Merge
ImageList_Add
CreateStatusWindowW
ImageList_GetImageInfo
ImageList_DragShowNolock
_TrackMouseEvent
ImageList_SetOverlayImage
InitMUILanguage
InitCommonControlsEx
ImageList_Read
ImageList_GetImageRect
ImageList_DragEnter
ImageList_SetBkColor
DrawStatusText
ImageList_GetBkColor
ImageList_SetFilter

user32

RegisterClassA
DefWindowProcW
ShowWindow
GetTopWindow
DestroyWindow
InvertRect
DdeQueryStringA
GetComboBoxInfo
RegisterClassExA
GetDesktopWindow
SetWindowsHookA
SetWindowsHookW
MessageBoxA
SendIMEMessageExW
DdeCreateStringHandleA
CreateWindowExW

advapi32

CryptGetUserKey

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0354e4dfaebad6efe33b6fc070edbbdd

Headers

File Characteristics

Imports

kernel32

gdi32

wininet

comctl32

user32

advapi32

Sections

.text Size: 119KB - Virtual size: 119KB

.rdata Size: 101KB - Virtual size: 127KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 119KB - Virtual size: 119KB

.rdata
Size: 101KB - Virtual size: 127KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 16KB - Virtual size: 15KB