b40c4d4205d7777b766a20a5be565df4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b40c4d4205d7777b766a20a5be565df4_JaffaCakes118
Size

273KB
MD5

b40c4d4205d7777b766a20a5be565df4
SHA1

90f5df9b5fcf2d98aa89586f83744a92605da72a
SHA256

3d5f984056994e9d3cc7996aec4c8602182f4046cac6306c93ca0a112913fc0d
SHA512

b6ec931d470983d3d008c5225be391084b680afd5f068c4e655807e81481ee8b5b47792436497fd8507e417bb70fee944a019502cf6cc81df26c7720377f2b24
SSDEEP

6144:T9aXCzErPUVScQQTpfJeY+pOik+5Gmgqu6h4lQ9lypr5LbhZVdbH:24ErUSOTpxeY+AiTgNaqr5hZfr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b40c4d4205d7777b766a20a5be565df4_JaffaCakes118

Files

b40c4d4205d7777b766a20a5be565df4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28cd6447baeec47484d4697e38d8369f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
ResumeThread
QueryDosDeviceW
SetEndOfFile
FindFirstChangeNotificationW
SuspendThread
GetUserDefaultLangID
CloseHandle
SetThreadPriority
GetProcAddress
GlobalLock
FreeResource
LoadLibraryW
GlobalUnlock
WaitForMultipleObjects
lstrcpyW
SetWaitableTimer
FileTimeToSystemTime
GetLogicalDrives
VirtualAlloc
lstrlenW
CreateWaitableTimerW
CreateFileW
FreeLibrary
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualProtect
SetCurrentDirectoryW
LockResource
SetLastError
WideCharToMultiByte
GetTickCount
GetCurrentThreadId
FindNextChangeNotification
MulDiv
GetFileSize
WriteFile
VirtualFree
GetLastError
GlobalAlloc
GlobalDeleteAtom
InterlockedIncrement
GetPrivateProfileStringW
FindFirstFileW
SizeofResource
DeleteFileW
MoveFileW
GetSystemTime
GetCurrentProcessId
InterlockedDecrement
GetVersion
GetModuleFileNameW
SetFilePointer
CreateEventW
FindResourceExW
MultiByteToWideChar
GetFileAttributesExW
FindResourceW

user32

DestroyMenu
MessageBoxW
wsprintfW
GetCursorPos
GetWindowTextW
GetDlgItem
SystemParametersInfoW
PostThreadMessageW
GetSysColor
IsDlgButtonChecked
CreatePopupMenu
RegisterHotKey
GetWindowRect
ReleaseDC
DrawTextW
ReleaseCapture
LoadImageW
GetWindowThreadProcessId
EndDialog
GetWindowDC
DispatchMessageW
TranslateMessage
SetCapture
IsWindow
PostQuitMessage
RegisterWindowMessageW
VkKeyScanW
LoadBitmapW
SetCursor
SetWindowTextW
RegisterClassExW
DefWindowProcW
GetClassNameW
FillRect
DestroyIcon
DialogBoxParamW

gdi32

LineTo
Rectangle
CreateCompatibleBitmap
SetBkMode
DeleteDC
GetMapMode
SetTextColor
CreatePen
CreateICW
DeleteObject
CreateSolidBrush
StretchBlt
MoveToEx
CreateDCW
GetDeviceCaps
GetObjectW
SetMapMode
CreateFontIndirectW
DPtoLP
BitBlt

advapi32

LookupPrivilegeValueW
RegCreateKeyExW
GetUserNameW
StartServiceW
RegSetValueExW
RegNotifyChangeKeyValue
RegDeleteValueW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

shell32

SHChangeNotify
Shell_NotifyIconW

ole32

CoUninitialize
CoInitialize
CoInitializeEx

oleaut32

SysFreeString
OleLoadPicture

Sections

.text
Size: 244KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

28cd6447baeec47484d4697e38d8369f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 244KB - Virtual size: 242KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 20KB - Virtual size: 17KB

.text
Size: 244KB - Virtual size: 242KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 20KB - Virtual size: 17KB