af8f24ac3eb00daec3da6208bec09cc5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

af8f24ac3eb00daec3da6208bec09cc5_JaffaCakes118
Size

504KB
MD5

af8f24ac3eb00daec3da6208bec09cc5
SHA1

503e237386662e70aebe185ce29553e93facdc01
SHA256

c30d8296b56d2d09db64d17d9e2c3e7a6fce2dc194161408ad76ee5d6efe7300
SHA512

70455c10ea93383ac207f1e17ce1d136fe52e35770a4516d11aa570c33cdbe7f207bb1462da672433ac31130336cef81a11e51d4fb2ea50925f5593b6af2e1bf
SSDEEP

12288:mjTui5WxuMSA8qLLgDlhp18SU2fIz2+fD9JbL:mjES4PgZhBfIz2+bP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af8f24ac3eb00daec3da6208bec09cc5_JaffaCakes118

Files

af8f24ac3eb00daec3da6208bec09cc5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa2d031d4f3032e44778cf0ee850fe45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptAcquireContextA
RegFlushKey
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
GetUserNameA
RegQueryValueExA

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
ExtractIconExA
Shell_NotifyIconA
ord155

comctl32

InitCommonControlsEx
ImageList_Draw
ImageList_AddMasked
CreateStatusWindowW
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_DragLeave
ImageList_Add
ord17

user32

RegisterClassA
UnhookWindowsHookEx
LoadIconA
MessageBeep
DrawEdge
IsZoomed
RegisterWindowMessageA
GetForegroundWindow
MessageBoxA
SendMessageA
GetDlgItem
GetNextDlgTabItem
RemoveMenu
FillRect
GetClassNameA
SetWindowLongA
DestroyWindow
DefWindowProcA
LoadCursorA
EnableWindow
SendDlgItemMessageA
ExcludeUpdateRgn
TranslateMessage
GetMessageTime
EndDialog
LoadAcceleratorsA
DestroyCursor
DispatchMessageA
CheckMenuItem
SetWindowContextHelpId
GetCursorPos
GetScrollRange
SetDlgItemTextA
CreatePopupMenu
DrawTextA
SystemParametersInfoA
ShowWindow
GetFocus
GetSubMenu
PeekMessageA
RegisterClassExA
ReleaseDC
SetMenu
wsprintfA
IntersectRect
GetDesktopWindow
IsWindow
TrackPopupMenuEx
GetClassLongA
SetWindowTextA
DestroyIcon
CallNextHookEx
GetParent
IsWindowEnabled
EndPaint
GetDlgItemInt
SetWindowsHookExA
SetPropA
BeginPaint
SetForegroundWindow
SetCapture
GetSysColor
GetClientRect
GrayStringA
CreateWindowExA
CallWindowProcA
AppendMenuA
GetPropA
GetSysColorBrush
GetWindowRect
ExitWindowsEx
SetTimer
LoadImageA

gdi32

GetPixel
SelectObject
CreateSolidBrush
GetRgnBox
UnrealizeObject
SaveDC
GetCurrentPositionEx
GetDCOrgEx
GetObjectA
Escape
DeleteDC
Rectangle
LineTo
CreateDIBitmap
CreateBitmap
CreateRectRgn
SetWindowExtEx
ExcludeClipRect
SelectClipRgn
PtInRegion
BeginPath
EndPath
FillPath
RestoreDC
CreatePen
CreateDCA
GetCharABCWidthsA
CreateDIBSection
FillRgn
AbortDoc
CreateICA
SetBkColor
DeleteMetaFile
MoveToEx
FrameRgn
SetStretchBltMode
PaintRgn
CreateCompatibleBitmap
GetDeviceCaps

kernel32

GetModuleFileNameA
GetStartupInfoA
MultiByteToWideChar
CloseHandle
InterlockedExchange
GetConsoleCP
LCMapStringA
Sleep
VirtualAlloc
WideCharToMultiByte
GetStringTypeW
HeapDestroy
HeapSize
CompareStringW
VirtualQuery
GetEnvironmentStringsW
LoadLibraryA
GetSystemTimeAsFileTime
DeleteCriticalSection
QueryPerformanceCounter
ReadFile
LCMapStringW
FreeEnvironmentStringsA
SetEnvironmentVariableA
SetUnhandledExceptionFilter
TerminateProcess
EnterCriticalSection
GetACP
HeapAlloc
GetStringTypeA
WriteConsoleW
GetDateFormatA
GetTimeZoneInformation
GetTimeFormatA
GetCurrentProcessId
GetConsoleOutputCP
InterlockedIncrement
TlsGetValue
GetStdHandle
GetCommandLineA
IsValidCodePage
GetFileType
TlsSetValue
InterlockedDecrement
InitializeCriticalSection
SetFilePointer
IsDebuggerPresent
GetVersionExA
GetProcessHeap
GetLastError
RaiseException
UnhandledExceptionFilter
GetLocaleInfoA
GetCurrentProcess
CreateFileA
CreateMutexA
HeapFree
GetOEMCP
RtlUnwind
TlsFree
WriteConsoleA
WriteFile
SetLastError
CompareStringA
HeapReAlloc
SetStdHandle
LeaveCriticalSection
ExitProcess
GetProcAddress
GetConsoleMode
FlushFileBuffers
SetHandleCount
GetCurrentThreadId
GetEnvironmentStrings
TlsAlloc
GetModuleHandleA
GetCPInfo
FreeEnvironmentStringsW
GetTickCount
VirtualFree
HeapCreate

ole32

StgIsStorageFile
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleIsCurrentClipboard
CoTaskMemAlloc
CoRevokeClassObject
RegisterDragDrop
DoDragDrop
CreateGenericComposite
OleLockRunning
CreateFileMoniker
CoTaskMemFree

comdlg32

GetSaveFileNameA
GetOpenFileNameA

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa2d031d4f3032e44778cf0ee850fe45

Headers

File Characteristics

Imports

advapi32

shell32

comctl32

user32

gdi32

kernel32

ole32

comdlg32

Sections

.text Size: 120KB - Virtual size: 117KB

.rdata Size: 256KB - Virtual size: 255KB

.data Size: 84KB - Virtual size: 105KB

.rsrc Size: 40KB - Virtual size: 37KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 256KB - Virtual size: 255KB

.data
Size: 84KB - Virtual size: 105KB

.rsrc
Size: 40KB - Virtual size: 37KB