b24afba82226ac26c2c5e9d3121aa121_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b24afba82226ac26c2c5e9d3121aa121_JaffaCakes118
Size

736KB
MD5

b24afba82226ac26c2c5e9d3121aa121
SHA1

76b98bf3ef667ada62c5bdc3f2bf9d8f2bc595b5
SHA256

9b625a507271fb90d2bb81bd169a994951ad92cbd4518d1c3511834b59fc8ac8
SHA512

3fd667b9a3bf9b25297aaffb18c73e7480ad71867f06a3e21df25c430d18c6a409f3d0fcfeed0fec2b3e65cdeaa38966316f5f3f6380b960b3e1725475ba827e
SSDEEP

12288:Hsv9XT/Kpti2qbBmOsGzXzX6uSIkOSA/iH43CuVyybHrxP+ZIqSRwgUtbR:HsvF/StintsiXzX6uSTUf3CyVwgwJt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b24afba82226ac26c2c5e9d3121aa121_JaffaCakes118

Files

b24afba82226ac26c2c5e9d3121aa121_JaffaCakes118
.exe windows:4 windows x86 arch:x86

616090c87c3e4a2a04d44ac823c2f1a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameW

gdi32

GetFontData
Rectangle
Polygon
GetPixel
SetICMProfileW
AddFontResourceA
GetObjectType
PlayEnhMetaFile
GetViewportOrgEx
GetTextMetricsA
EnumFontFamiliesW
Escape
SetWindowExtEx
CancelDC
GetNearestColor
GetCurrentObject
CreateICA
CreateFontIndirectW

kernel32

TlsGetValue
GetSystemTimeAsFileTime
GetCommandLineA
EnumSystemLocalesA
WriteConsoleW
TlsSetValue
MultiByteToWideChar
ExitProcess
SetUnhandledExceptionFilter
GetConsoleOutputCP
GetProcessHeap
UnhandledExceptionFilter
DeleteCriticalSection
TlsAlloc
GetEnvironmentStringsW
QueryPerformanceCounter
ReadFile
InterlockedExchange
VirtualAlloc
GetStdHandle
GetStringTypeA
SetStdHandle
GetDateFormatA
RtlMoveMemory
SetConsoleCtrlHandler
LCMapStringA
FreeEnvironmentStringsW
CompareStringA
IsValidCodePage
TlsFree
TerminateProcess
SetFilePointer
EnterCriticalSection
VirtualQuery
LCMapStringW
GlobalFindAtomA
GetUserDefaultLCID
GetEnvironmentStrings
GetProcAddress
SetTimeZoneInformation
GetOEMCP
WriteConsoleA
FormatMessageA
GetLocaleInfoW
IsDebuggerPresent
FreeLibrary
HeapFree
GetCurrentProcess
SetHandleCount
GetVersionExA
HeapAlloc
GetFileType
CreateMutexA
GetACP
GetModuleFileNameA
Sleep
IsValidLocale
GetStringTypeW
InitializeCriticalSection
GetTickCount
LoadLibraryA
GetCurrentProcessId
GetCPInfo
GetLastError
GetTimeFormatA
CloseHandle
FlushFileBuffers
HeapDestroy
SetLastError
WideCharToMultiByte
GetCurrentThread
UnlockFile
GetLocaleInfoA
GetProfileIntA
CreateFileA
FreeResource
VirtualFree
InterlockedDecrement
GetLogicalDriveStringsA
HeapReAlloc
FreeEnvironmentStringsA
HeapSize
GetConsoleMode
GetStartupInfoA
OpenMutexA
CompareStringW
GetConsoleCP
HeapCreate
GetModuleHandleA
InterlockedIncrement
GetCurrentThreadId
RtlUnwind
WriteFile
SetEnvironmentVariableA
LeaveCriticalSection
GetTimeZoneInformation

comctl32

DrawStatusTextW
MakeDragList
ImageList_DragShowNolock
ImageList_GetIcon
ImageList_LoadImageW
ImageList_SetIconSize
CreatePropertySheetPageA
CreateMappedBitmap
InitCommonControlsEx

shell32

ExtractIconA
ShellExecuteEx
SHLoadInProc

wininet

SetUrlCacheEntryGroupW
InternetFortezzaCommand

user32

CloseClipboard
SystemParametersInfoA
SetUserObjectInformationA
DrawTextW
SetCaretPos
MsgWaitForMultipleObjects
EnumDisplaySettingsW
SetMenu
ShowWindow
CountClipboardFormats
DrawAnimatedRects
CreateMDIWindowA
IsDlgButtonChecked
GetWindowTextLengthA
SetSystemCursor
CreateWindowExA
CharToOemBuffA
CharLowerW
IsWindowUnicode
IsClipboardFormatAvailable
RegisterClassA
UnloadKeyboardLayout
DestroyWindow
FlashWindowEx
SetDoubleClickTime
GetParent
DefWindowProcA
GetMessagePos
DdeGetData
OemToCharA
LoadCursorW
SendMessageTimeoutA
UnpackDDElParam
DispatchMessageW
MessageBoxW
GetNextDlgTabItem
RegisterClassExA
GetPriorityClipboardFormat
DefMDIChildProcA
CloseDesktop
CheckDlgButton
SetWindowTextW
GetTopWindow
DdeQueryStringW
MessageBoxA
LoadBitmapA
BeginDeferWindowPos
SetDlgItemInt
GetWindowModuleFileNameW
GetMenu

Sections

.text
Size: 188KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 392KB - Virtual size: 390KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

616090c87c3e4a2a04d44ac823c2f1a6

Headers

File Characteristics

Imports

comdlg32

gdi32

kernel32

comctl32

shell32

wininet

user32

Sections

.text Size: 188KB - Virtual size: 185KB

.rdata Size: 392KB - Virtual size: 390KB

.data Size: 136KB - Virtual size: 145KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 188KB - Virtual size: 185KB

.rdata
Size: 392KB - Virtual size: 390KB

.data
Size: 136KB - Virtual size: 145KB

.rsrc
Size: 16KB - Virtual size: 14KB