b560313b74c6e60eafc6e11170161d66_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b560313b74c6e60eafc6e11170161d66_JaffaCakes118
Size

510KB
MD5

b560313b74c6e60eafc6e11170161d66
SHA1

64247381697e0b26c27f7a80cda70a47fe89873f
SHA256

9df3ec21cc3690d38d6d069916da9c2da1afec06a7e962c6712b63e84dba75d0
SHA512

ddf68f50043e7563b696d53bda22a84521069c133fd36c69a766ad74314c19874968257a6a872ef951745c9dd357aa26a82e0ea43680deae90cd7421a99e18fe
SSDEEP

12288:dwCgrGChNRSJPyTuwKIm/QzuQcaWHDiJ5+v0y6:2CgrGChEWa/wcnDcy0R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b560313b74c6e60eafc6e11170161d66_JaffaCakes118

Files

b560313b74c6e60eafc6e11170161d66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

499bf1d96df1078d57daaac344e072ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysStringLen
SysAllocString
SysFreeString
SysAllocStringLen

gdi32

DeleteDC
DeleteObject
GetDeviceCaps
SetBkColor
BitBlt
CreateSolidBrush
SetBkMode
SelectObject

kernel32

Sleep
VirtualFree
HeapCreate
IsValidCodePage
CreateProcessA
GetEnvironmentStrings
SetStdHandle
InterlockedExchange
GetDiskFreeSpaceA
GetModuleHandleW
GlobalLock
GetACP
lstrcpynA
CloseHandle
FindFirstFileA
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
SizeofResource
FileTimeToLocalFileTime
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
LCMapStringW
GetLastError
InterlockedIncrement
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
GlobalAlloc
GetProcAddress
FindNextFileA
CompareStringA
lstrcpyA
FindNextFileW
UnmapViewOfFile
lstrcmpA
CompareStringW
GetProcessHeap
WaitForMultipleObjects
DeleteFileW
SetErrorMode
GetWindowsDirectoryA
DeleteFileA
FindResourceA
GetStartupInfoA
LoadLibraryA
VirtualAlloc
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
GetVersionExW
LoadLibraryW
SetHandleCount
GetSystemTime
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
GetCurrentThreadId
SetEndOfFile
VirtualQuery
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
CreateMutexA
GetLocalTime
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
GetOEMCP
FormatMessageW
LocalFree
SetEvent
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
WriteFile
GetStringTypeA
GetCPInfo
GetTempPathA
FreeEnvironmentStringsW
lstrcatA
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentDirectoryA
GetStartupInfoW
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindFirstFileW
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetVersionExA
GetFileSize
GetExitCodeProcess

user32

IsIconic
GetWindowRect
GetSystemMetrics
BeginPaint
SetFocus
EndPaint
DispatchMessageA
CreateWindowExA
GetSubMenu
RegisterClassA
EnableMenuItem
LoadStringA
GetWindow
IsWindowEnabled
TranslateMessage
EnableWindow
ShowWindow
DefWindowProcA
UpdateWindow
GetParent
GetMessageA
DestroyWindow
PostMessageA
ScreenToClient
SendMessageA
DrawTextA
GetCursorPos
GetDC
SetForegroundWindow
PeekMessageA
IsWindow
SetWindowPos
LoadBitmapA
ReleaseDC
PostQuitMessage
DestroyMenu
MapWindowPoints
CheckMenuItem
GetWindowLongA
PtInRect
SetTimer
GetDlgItem
ClientToScreen
LoadCursorA
LoadIconA
ReleaseCapture
SetWindowLongA
EndDialog
GetActiveWindow
SetCursor
GetDesktopWindow
GetFocus
FillRect
SetDlgItemTextA
MessageBoxA
DialogBoxParamA
GetSysColor
SystemParametersInfoA
wsprintfA
InvalidateRect
GetClientRect
CallWindowProcA
SetWindowTextA

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoUninitialize

msvcrt

_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
exit
_exit
_cexit
_controlfp
__p__fmode
__set_app_type
_strcmpi
_except_handler3
__p__commode

Sections

.text
Size: 351KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

499bf1d96df1078d57daaac344e072ab

Headers

File Characteristics

Imports

oleaut32

gdi32

kernel32

user32

advapi32

ole32

msvcrt

Sections

.text Size: 351KB - Virtual size: 350KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 143KB - Virtual size: 142KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 351KB - Virtual size: 350KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 143KB - Virtual size: 142KB

.rsrc
Size: 1KB - Virtual size: 1KB