b564f8e87dc5cf92602d2061c6c46d2d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b564f8e87dc5cf92602d2061c6c46d2d_JaffaCakes118
Size

476KB
MD5

b564f8e87dc5cf92602d2061c6c46d2d
SHA1

69f44ea8aac22188839e4030259782a0632010f2
SHA256

ffa315b17c67b17cad7dabfdd03c70be201ab5086f0e7f5b15237ca97411fb9d
SHA512

211c1a9db5e75cb9c8273897b4b922b45bb1602e5dbbd7f73f8ed7fea9f9c9c7ad44d75627a0dda4853a6226485be9ce9cfc194d310636e4b855d8a72191eddd
SSDEEP

12288:muHgWz6qBatjoxcEcZMHdZVpa5O7gch4k:XAWHBq0xF55D8c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b564f8e87dc5cf92602d2061c6c46d2d_JaffaCakes118

Files

b564f8e87dc5cf92602d2061c6c46d2d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d447fa82e2495e00b8455efcbd51598e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetGUIThreadInfo
MapVirtualKeyExW
RegisterClassExW
EnumDesktopWindows
CreateWindowExW
ChangeDisplaySettingsW
DrawFrameControl
DefWindowProcW
RegisterClassA
IsWindow
GetWindowModuleFileNameA
LookupIconIdFromDirectory
RegisterClassExA
SetTimer
DestroyWindow
SetMenuContextHelpId
ToUnicode
GetWindowLongA
ShowWindow
GetListBoxInfo
GetClassLongW
GetComboBoxInfo
LoadCursorFromFileW
EnumDesktopsA
SetDlgItemTextA
IsWindowVisible
SetMessageQueue
GetUserObjectInformationA
DlgDirListW
GetScrollInfo
CallMsgFilterA

comctl32

ImageList_Create
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetFlags
CreateMappedBitmap
CreatePropertySheetPageW
ImageList_DragShowNolock
ImageList_ReplaceIcon
ImageList_Copy

advapi32

RegQueryInfoKeyA
CryptGetKeyParam
RegConnectRegistryW
RegEnumKeyExA
CryptEncrypt
RegDeleteValueA
CryptExportKey
CryptSetProviderA
CryptEnumProviderTypesA
RegDeleteValueW
LogonUserA
LookupSecurityDescriptorPartsW
CryptGenKey
RegSaveKeyA

kernel32

GetTimeZoneInformation
GetTimeFormatA
GetCurrentProcess
UnhandledExceptionFilter
ExitProcess
VirtualQuery
SetHandleCount
ReadFile
GetStringTypeA
GetSystemTime
IsValidLocale
DeleteCriticalSection
GetDateFormatA
QueryPerformanceCounter
GetModuleFileNameA
CreateMutexA
GetCurrentThreadId
GetThreadTimes
SetThreadContext
GetModuleHandleA
HeapFree
DuplicateHandle
GetEnvironmentStringsW
LocalFree
SetLastError
GetWindowsDirectoryW
GetSystemInfo
GetLastError
TlsFree
GetTickCount
VirtualProtect
GetOEMCP
IsValidCodePage
GetACP
LCMapStringA
TlsSetValue
GetStdHandle
GetUserDefaultLCID
GetCurrentDirectoryW
GetVersionExA
GetCPInfo
GetConsoleScreenBufferInfo
VirtualAlloc
ReadConsoleOutputCharacterA
EnumSystemLocalesA
MoveFileW
lstrcatW
GetFullPathNameW
RaiseException
SetEnvironmentVariableA
EnterCriticalSection
TerminateProcess
GetCommandLineA
CompareFileTime
OpenFile
FreeEnvironmentStringsA
TlsGetValue
OpenMutexA
MultiByteToWideChar
LocalCompact
CompareStringW
WriteFile
TlsAlloc
GetFileType
GlobalFlags
WideCharToMultiByte
FlushFileBuffers
GetStringTypeW
HeapDestroy
GetLocaleInfoA
IsBadWritePtr
InterlockedExchange
GetLocaleInfoW
InterlockedDecrement
LeaveCriticalSection
HeapCreate
LoadLibraryA
FindAtomA
InitializeCriticalSection
VirtualFree
HeapAlloc
GetCurrentProcessId
HeapReAlloc
FreeEnvironmentStringsW
LCMapStringW
GetStartupInfoA
SetFilePointer
CompareStringA
HeapSize
GetProcAddress
GetCurrentThread
GetSystemTimeAsFileTime
EnumResourceTypesW
RtlUnwind
GetEnvironmentStrings
SetStdHandle
CloseHandle

shell32

SheChangeDirA
SHBrowseForFolderW
ExtractAssociatedIconExW
DragFinish
SHGetDiskFreeSpaceA

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d447fa82e2495e00b8455efcbd51598e

Headers

File Characteristics

Imports

user32

comctl32

advapi32

kernel32

shell32

Sections

.text Size: 140KB - Virtual size: 136KB

.rdata Size: 140KB - Virtual size: 139KB

.data Size: 96KB - Virtual size: 105KB

.rsrc Size: 96KB - Virtual size: 94KB

.text
Size: 140KB - Virtual size: 136KB

.rdata
Size: 140KB - Virtual size: 139KB

.data
Size: 96KB - Virtual size: 105KB

.rsrc
Size: 96KB - Virtual size: 94KB