b43354f4f309cb7d3e0df1a2951eb604_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b43354f4f309cb7d3e0df1a2951eb604_JaffaCakes118
Size

506KB
MD5

b43354f4f309cb7d3e0df1a2951eb604
SHA1

29475672b786c9a49e7664f9d344a9e40cb98c16
SHA256

2f96b15d1ab757519d0ae042866930b42f6b22688e4a27f3a40ad3e382f6817b
SHA512

2cae34a316bcd2bed798cb82ac2fd8441a07e325f163ba3ee98e52883761ca0e714ae42a84786d39ddaa36b48f9bfcc1aba48a1b547c40f1c5148348954f579c
SSDEEP

12288:X7BN1BLYeY1E5V8KWmXzUa2NydXxVhHt/b:lTGeYqfWmDDpdXx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b43354f4f309cb7d3e0df1a2951eb604_JaffaCakes118

Files

b43354f4f309cb7d3e0df1a2951eb604_JaffaCakes118
.exe windows:4 windows x86 arch:x86

389a24c34d37d4352b133143212fb2a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellHookProc
SHGetFileInfoA

kernel32

GetDateFormatA
GetTimeZoneInformation
WriteFile
GetCurrentProcessId
SetLastError
VirtualAlloc
GetCommandLineA
GetStartupInfoW
HeapFree
GetCurrentThreadId
GetTimeFormatA
DeleteCriticalSection
GetModuleFileNameW
TlsSetValue
GetStdHandle
GetVersionExA
MultiByteToWideChar
HeapAlloc
FreeEnvironmentStringsW
GetLocaleInfoW
GetLastError
FreeEnvironmentStringsA
SetHandleCount
SetFilePointer
VirtualFree
SetEnvironmentVariableA
ReadFile
IsValidLocale
CreateMutexA
GetCommandLineW
RtlUnwind
UnhandledExceptionFilter
TlsFree
VirtualQuery
GetProcAddress
CompareStringA
GetModuleHandleA
SetStdHandle
LocalFlags
GetCurrentThread
GetStartupInfoA
FlushFileBuffers
CreateNamedPipeA
LoadLibraryA
GetModuleFileNameA
TerminateProcess
InterlockedExchange
GetLogicalDriveStringsW
GetEnvironmentStringsW
GetACP
VirtualProtect
CompareStringW
FindFirstFileA
GetLocaleInfoA
IsBadWritePtr
TlsAlloc
LCMapStringW
LCMapStringA
OpenMutexA
GetOEMCP
WideCharToMultiByte
LeaveCriticalSection
GetStringTypeW
MapViewOfFile
EnterCriticalSection
InitializeCriticalSection
GetTickCount
GetEnvironmentStrings
QueryPerformanceCounter
TlsGetValue
HeapReAlloc
GetUserDefaultLCID
GetCurrentProcess
HeapCreate
GetCPInfo
GetStringTypeA
GetSystemTimeAsFileTime
HeapDestroy
EnumSystemLocalesA
ExitProcess
IsValidCodePage
CloseHandle
GetSystemInfo
GetFileType
HeapSize

user32

SetDeskWallpaper
MessageBoxW
DestroyCursor
RegisterClassA
VkKeyScanA
PostThreadMessageA
SetActiveWindow
SetWindowTextW
GetInputDesktop
WINNLSEnableIME
ToUnicodeEx
ShowScrollBar
EndDialog
LookupIconIdFromDirectoryEx
GetClassNameW
DestroyIcon
CopyAcceleratorTableA
DdeGetLastError
ChangeClipboardChain
MessageBoxIndirectA
EnableMenuItem
RegisterClassExA
IsChild
CharPrevW
SetDebugErrorLevel

comctl32

InitCommonControlsEx

gdi32

GetICMProfileW
GetTextColor
EnumObjects
CreateEnhMetaFileW
ExcludeClipRect
AddFontResourceA
GetClipRgn
CreateRectRgnIndirect
SetBoundsRect
ScaleViewportExtEx
ExtEscape
IntersectClipRect
SetBkColor
GetPixelFormat
EnumFontFamiliesExW
BitBlt
GetCharWidthW
SetICMProfileA
SetDIBits
DescribePixelFormat

wininet

GetUrlCacheConfigInfoW
InternetCombineUrlW
InternetCreateUrlW
LoadUrlCacheContent
GopherGetLocatorTypeW
FtpGetFileA
HttpSendRequestExW

Sections

.text
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

389a24c34d37d4352b133143212fb2a6

Headers

File Characteristics

Imports

shell32

kernel32

user32

comctl32

gdi32

wininet

Sections

.text Size: 171KB - Virtual size: 170KB

.rdata Size: 9KB - Virtual size: 35KB

.data Size: 315KB - Virtual size: 315KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 171KB - Virtual size: 170KB

.rdata
Size: 9KB - Virtual size: 35KB

.data
Size: 315KB - Virtual size: 315KB

.rsrc
Size: 10KB - Virtual size: 9KB