b98310936145a7d1db918e3e1aa7bbc7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b98310936145a7d1db918e3e1aa7bbc7_JaffaCakes118
Size

708KB
MD5

b98310936145a7d1db918e3e1aa7bbc7
SHA1

198792abc8a8cc7c5761fb7e23af900cb04fa8b4
SHA256

e25306e5c23311d82bbdff132a517e3185f06d3c81af4644c0a8fbffb0a02da7
SHA512

b130c3b5a8b0e208a1f8f186b8e125cc758414a49f86f4a48183c4ce2bccc29fe5db063b36e787c44ee3e287542ac49441000004b7df214ab0eca6d4e47e336a
SSDEEP

12288:iB0dfTd/3ikGkASL/aHBVQCjQ3MwWpCWnABkbzxVp8c9:iBefTdFlbGQCM3gFnABkbNj8q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b98310936145a7d1db918e3e1aa7bbc7_JaffaCakes118

Files

b98310936145a7d1db918e3e1aa7bbc7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8dfab2b19ddae057d4da6b6811517c1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragEnter
ImageList_GetIconSize
ImageList_LoadImageW
InitCommonControlsEx
ImageList_DrawEx
ImageList_Replace

user32

CharPrevExA
DestroyWindow
SetWindowsHookA
FindWindowA
ShowWindow
SwitchToThisWindow
GetClipboardViewer
MessageBoxW
GetMessageTime
SetWindowContextHelpId
DestroyIcon
TabbedTextOutW
RegisterClassExA
RegisterClassA
DdeCreateDataHandle
CreateWindowExW
GetWindowInfo
DefWindowProcA
GetScrollInfo
BlockInput

shell32

SHFileOperationW
SHFileOperation
ExtractAssociatedIconA
DragQueryFileAorW
SHQueryRecycleBinA

kernel32

lstrcpy
ReadFile
DosDateTimeToFileTime
ExitProcess
LocalFileTimeToFileTime
RemoveDirectoryA
VirtualAlloc
lstrcpynA
GetFileType
PulseEvent
LoadLibraryA
GetLocaleInfoA
ReadConsoleA
OpenMutexA
GetAtomNameA
InterlockedExchange
GetSystemDirectoryA
GetStdHandle
LeaveCriticalSection
CreateRemoteThread
FreeEnvironmentStringsW
CreateFileW
GetCurrentProcessId
GetSystemTime
GetStartupInfoW
EnterCriticalSection
CreateMutexA
WideCharToMultiByte
SetPriorityClass
GetCurrentProcess
GetTickCount
GetProcAddress
InterlockedIncrement
GetLocalTime
GetCommandLineW
IsBadWritePtr
InitializeCriticalSection
GetStringTypeW
RtlUnwind
GetEnvironmentVariableA
VirtualProtectEx
CloseHandle
EnumResourceTypesA
GetFullPathNameW
FlushViewOfFile
GetModuleFileNameW
CreateProcessW
HeapDestroy
GetModuleFileNameA
GetSystemDirectoryW
SetStdHandle
TlsSetValue
SetEnvironmentVariableA
GetEnvironmentStrings
DeleteCriticalSection
GetProfileStringW
WriteProfileStringA
GetStartupInfoA
CompareStringW
EnumDateFormatsExW
TlsGetValue
HeapCreate
GetCurrentThreadId
FindClose
GetStringTypeA
MoveFileA
TlsAlloc
SetLastError
MultiByteToWideChar
ReadFileEx
CreateMailslotW
CreateFileMappingA
GetSystemTimeAsFileTime
UnhandledExceptionFilter
AddAtomA
CreateEventA
LCMapStringW
LocalReAlloc
GetCommandLineA
EnumResourceNamesW
VirtualQuery
GetLastError
InterlockedDecrement
FlushFileBuffers
GetTempPathA
FindFirstFileExA
ExitThread
SetConsoleTitleW
CreateToolhelp32Snapshot
SetFilePointer
LockFileEx
GetThreadContext
SetConsoleTitleA
GetModuleHandleA
HeapFree
SetHandleCount
HeapAlloc
GetPrivateProfileStructA
FreeEnvironmentStringsA
QueryPerformanceCounter
LCMapStringA
GetVersion
TerminateProcess
CompareStringA
CreateFileMappingW
WriteFile
SetUnhandledExceptionFilter
GetNamedPipeHandleStateW
lstrcpynW
LocalShrink
GetCurrentThread
GetSystemInfo
VirtualFree
WriteProfileStringW
GetTimeZoneInformation
TlsFree
GetEnvironmentStringsW
HeapReAlloc
EnumCalendarInfoA
CreateSemaphoreA
GetCPInfo
AddAtomW

comdlg32

GetOpenFileNameW
ChooseFontW
GetOpenFileNameA
FindTextW

wininet

FtpFindFirstFileW
HttpQueryInfoA
GetUrlCacheConfigInfoW
UrlZonesDetach
InternetSecurityProtocolToStringA
InternetSetOptionA
InternetSetOptionExW
InternetGoOnline

advapi32

CryptEnumProvidersA
RegOpenKeyExA
CryptAcquireContextA
CryptSetProviderW

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8dfab2b19ddae057d4da6b6811517c1f

Headers

File Characteristics

Imports

comctl32

user32

shell32

kernel32

comdlg32

wininet

advapi32

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 452KB - Virtual size: 451KB

.data Size: 136KB - Virtual size: 154KB

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 452KB - Virtual size: 451KB

.data
Size: 136KB - Virtual size: 154KB

.rsrc
Size: 40KB - Virtual size: 36KB