b61d9817464e96c42ecacec783300f7b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b61d9817464e96c42ecacec783300f7b_JaffaCakes118
Size

212KB
MD5

b61d9817464e96c42ecacec783300f7b
SHA1

c7ef68a820ea2697c96e7d41d3b15f165367f144
SHA256

5bd916d85cfb2f07466ebd439b91d16fe32bee87dfd70c0cf0f5be76162b3ed3
SHA512

93ca78777a872caa13eb8f86a3fac41a3e97edddf28f691716826d59f951b843f66323aa419b117126768fb2eaf16311d1b4e070bcc7c433598b44eb4eb78c1b
SSDEEP

3072:FgP0spxswpsu9mPEnXvIRwUVcwKwgT4xMortpXySdXjGXnQU9kQBqSk:FgPvz3mMfnUuSpqXnQU9kek

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b61d9817464e96c42ecacec783300f7b_JaffaCakes118

Files

b61d9817464e96c42ecacec783300f7b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2f2037e836369eefae9ec0ebce72fb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreatePropertySheetPageA
PropertySheetA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

timeGetTime

msimg32

AlphaBlend

kernel32

SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetFileType
GetACP
GetCPInfo
GetStdHandle
WriteFile
ExitProcess
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
GetProcessHeap
InterlockedDecrement
InterlockedIncrement
HeapAlloc
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
RtlUnwind
HeapSize
GetLocaleInfoW
SetFilePointer
SetStdHandle
SetErrorMode
CloseHandle
LockResource
CreateFileMappingA
FindFirstFileA
ReadFile
SizeofResource
LoadResource
UnmapViewOfFile
MapViewOfFile
FreeResource
FindResourceA
CreateFileA
GetCurrentThreadId
CreateProcessA
Sleep
FreeLibrary
GetVersionExA
GetLastError
GetCurrentProcess
GetSystemDirectoryA
LoadLibraryA
GetModuleHandleA
GetPrivateProfileStringA
WriteConsoleW
GetProcAddress
SetThreadLocale
lstrcatA
GetWindowsDirectoryA
GetSystemDefaultLCID
GetLocaleInfoA
lstrcpyA
GetModuleFileNameA
lstrcmpiA
GetCommandLineA
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
lstrcpynA
lstrlenA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
GetOEMCP

user32

SetTimer
PostQuitMessage
TrackPopupMenu
GetSubMenu
SetForegroundWindow
DeleteMenu
LoadMenuA
SetFocus
GetForegroundWindow
GetAsyncKeyState
EnableMenuItem
DestroyMenu
DialogBoxParamA
ModifyMenuA
GetWindowThreadProcessId
GetPropA
RemovePropA
SetPropA
UpdateWindow
InsertMenuItemA
CreatePopupMenu
CheckMenuItem
ShowWindow
EnumWindows
MoveWindow
EnumDisplaySettingsExA
EnumDisplaySettingsA
ChangeDisplaySettingsA
ExitWindowsEx
GetSystemMetrics
WinHelpA
GetMessageA
LoadIconA
RegisterWindowMessageA
TranslateMessage
MessageBoxA
CreateWindowExA
DispatchMessageA
FindWindowA
GetClassNameA
GetWindowRect
GetDesktopWindow
DrawIcon
MessageBeep
GetWindow
GetSystemMenu
CharPrevA
GetWindowTextA
SetWindowLongA
SetWindowPos
EnumChildWindows
DeferWindowPos
BeginDeferWindowPos
SetWindowTextA
EndDeferWindowPos
DrawTextA
DrawIconEx
DrawEdge
DrawStateA
OffsetRect
CheckMenuRadioItem
GetMenuItemInfoA
GetMenuItemCount
SystemParametersInfoA
InsertMenuA
LoadImageA
SetMenuItemInfoA
DestroyIcon
GetDlgItemInt
SendDlgItemMessageA
FillRect
wsprintfA
CharNextA
GetDlgItem
EndDialog
CheckDlgButton
IsDlgButtonChecked
PostMessageA
CheckRadioButton
EnableWindow
SetDlgItemTextA
EndPaint
SetCursor
GetWindowDC
SetCapture
KillTimer
CopyImage
GetParent
IsWindowEnabled
GetClientRect
SendMessageA
BeginPaint
PtInRect
GetUpdateRect
GetDC
GetWindowLongA
ReleaseDC
DefWindowProcA
GetSysColor
GetCursorPos
ReleaseCapture
IsWindowVisible
MapWindowPoints
LoadCursorA
CopyRect
RegisterClassA
InvalidateRect
AttachThreadInput

gdi32

GetStockObject
SetBkMode
CreateSolidBrush
GetObjectA
CreatePen
Ellipse
GetCurrentObject
CreateFontIndirectA
LineTo
MoveToEx
GetTextMetricsA
GetTextExtentPoint32A
CreateDCA
GetDeviceCaps
GetTextColor
GetPixel
BitBlt
CreatePatternBrush
CreateRectRgn
SelectClipRgn
GetPaletteEntries
CreateBitmap
SetBkColor
Polygon
SetTextColor
PatBlt
ExtEscape
CreateDIBSection
ExtTextOutA
Rectangle
UpdateColors
CreateDIBitmap
SetStretchBltMode
SelectPalette
RealizePalette
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
DeleteObject
CreatePalette
StretchBlt
ExtSelectClipRgn
DeleteDC

advapi32

RegDeleteValueA
GetUserNameA
RegEnumKeyExA
AdjustTokenPrivileges
RegOpenKeyExA
RegCreateKeyExA
LookupPrivilegeValueA
RegSetValueExA
OpenProcessToken
RegCloseKey
RegQueryValueExA

shell32

FindExecutableA
Shell_NotifyIconA

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d2f2037e836369eefae9ec0ebce72fb2

Headers

File Characteristics

Imports

comctl32

version

winmm

msimg32

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 56KB - Virtual size: 80KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 56KB - Virtual size: 80KB