a7541254edee46c1fafac9bd6143a3ac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a7541254edee46c1fafac9bd6143a3ac_JaffaCakes118
Size

506KB
MD5

a7541254edee46c1fafac9bd6143a3ac
SHA1

725b5ba3105542554d4193f46c5133db3d2e09a1
SHA256

8f4c45413eebf6a985564c6470582344618aca7b563b64da125732646472b6e0
SHA512

aec5ad8b9630dddd0d2de6b93c98c1f775e5b4cef1c43738090660b0ffc78f9fe01e7da6b5d984c1d7027001ebbf7c56a367d68f331847215f7d4ed96b68a884
SSDEEP

12288:av4gXlk85AGwB3Aw7E+HzzKZ4wElx67bSC:av4gX5rQ3n7dqqlqSC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7541254edee46c1fafac9bd6143a3ac_JaffaCakes118

Files

a7541254edee46c1fafac9bd6143a3ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c9c3816daecfffc386fd3b97aa4c482

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\yess.PDB

Imports

advapi32

RegEnumKeyExA
AbortSystemShutdownA
RegRestoreKeyA
RevertToSelf

comdlg32

LoadAlterBitmap
FindTextA
GetOpenFileNameW
ChooseColorA

kernel32

LoadLibraryA
InterlockedExchange
GetStdHandle
CompareStringW
SetLastError
GetVersionExA
EnterCriticalSection
EnumSystemLocalesA
GetCurrentThreadId
HeapDestroy
GetOEMCP
CreateDirectoryExW
AllocConsole
lstrcmpi
SetUnhandledExceptionFilter
GetPriorityClass
InterlockedDecrement
CreateProcessW
TlsAlloc
GetUserDefaultLCID
GetCommandLineA
SetFilePointer
GetModuleHandleA
CreateMutexA
MultiByteToWideChar
ReadFile
WriteConsoleW
TerminateProcess
QueryPerformanceCounter
SetHandleCount
FreeEnvironmentStringsA
VirtualFree
CloseHandle
WriteProfileSectionA
CreateFileA
GetConsoleCP
VirtualQuery
HeapFree
GetStringTypeW
OpenMutexA
SetEnvironmentVariableA
SetConsoleCtrlHandler
TlsSetValue
LCMapStringA
GetProfileStringW
GetConsoleOutputCP
EnumResourceNamesA
GetTimeZoneInformation
InterlockedIncrement
GetConsoleMode
GetModuleFileNameA
FindFirstFileW
GetDiskFreeSpaceW
SetStdHandle
HeapCreate
UnhandledExceptionFilter
Sleep
GetProcAddress
GetCPInfo
GetLocaleInfoA
VirtualAlloc
RtlUnwind
FreeEnvironmentStringsW
InitializeCriticalSection
HeapReAlloc
GetStartupInfoA
GetStringTypeA
IsDebuggerPresent
LCMapStringW
GetFileType
TlsGetValue
GetDateFormatW
GetExitCodeThread
GetProcessHeap
GetCurrentProcessId
GetCurrentProcess
WriteConsoleA
WriteFile
GetLastError
ExitProcess
GetSystemTimeAsFileTime
WideCharToMultiByte
GetACP
GetTimeFormatA
CompareStringA
FreeLibrary
GetLocaleInfoW
IsValidLocale
GetEnvironmentStringsW
GetCurrentThread
GetEnvironmentStrings
HeapAlloc
LeaveCriticalSection
GetTickCount
HeapSize
DeleteCriticalSection
GetDateFormatA
TlsFree
IsValidCodePage
EnumTimeFormatsW
FlushFileBuffers

user32

SetShellWindow
ReplyMessage
RegisterClassExA
DefWindowProcA
DdeCreateDataHandle
MapVirtualKeyExA
MessageBoxW
GetMenuContextHelpId
RegisterClassA
ShowWindow
DdeUnaccessData
UnhookWindowsHook
IntersectRect
CreateWindowExA
IsDlgButtonChecked
DestroyAcceleratorTable
GetMenuState
CharToOemBuffW
DestroyWindow
ExitWindowsEx
InSendMessageEx
SetMenu
UnregisterHotKey
SetUserObjectSecurity
GetGuiResources
EnumWindowStationsW
CreateDialogParamA
CharToOemBuffA
GetMenuItemInfoA

comctl32

ImageList_GetFlags
CreateUpDownControl
DestroyPropertySheetPage
DrawInsert
CreateStatusWindowA
ImageList_GetDragImage
CreatePropertySheetPageW
DrawStatusText
ImageList_LoadImageW
ImageList_DragShowNolock
ImageList_SetDragCursorImage
CreatePropertySheetPage
CreateStatusWindowW
InitCommonControlsEx
ImageList_LoadImageA
CreateToolbarEx
CreateStatusWindow
CreatePropertySheetPageA
ImageList_SetFilter
ImageList_SetIconSize
ImageList_GetIconSize
GetEffectiveClientRect
ImageList_DragMove

Sections

.text
Size: 345KB - Virtual size: 345KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c9c3816daecfffc386fd3b97aa4c482

Headers

File Characteristics

PDB Paths

Imports

advapi32

comdlg32

kernel32

user32

comctl32

Sections

.text Size: 345KB - Virtual size: 345KB

.rdata Size: 30KB - Virtual size: 43KB

.data Size: 103KB - Virtual size: 103KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 345KB - Virtual size: 345KB

.rdata
Size: 30KB - Virtual size: 43KB

.data
Size: 103KB - Virtual size: 103KB

.rsrc
Size: 25KB - Virtual size: 25KB