bb874c436520dee9d98218c75467ba7c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb874c436520dee9d98218c75467ba7c_JaffaCakes118
Size

660KB
MD5

bb874c436520dee9d98218c75467ba7c
SHA1

f59450473bc8f2d3465dafb56ca9b8bb9b7af360
SHA256

ee85bd5c04e2a2d0d0b18bf8a536e3aeff54c3692bf11f0b15d03c34f2fc7b78
SHA512

4d6a03e201e48b89081a8c3d7afe69938785a2aa8485a40d4b1dbd1d5f072411c8b8aa643d55103549d14b3c5b57eec25bcda83cb1fc894bdbbe247f08d0ad6c
SSDEEP

12288:3NXBWxwhahpGLGQeGHjJCv9z3u27VOuFJC8r/Hh5gRo0vbuX:3N4x6ahUUGDJCvhumZ/B5gF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb874c436520dee9d98218c75467ba7c_JaffaCakes118

Files

bb874c436520dee9d98218c75467ba7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

916948d87acc58d1a3a36ca7ee927f09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\o

Imports

comctl32

CreateUpDownControl
ImageList_Add
ImageList_AddMasked
CreateToolbarEx
InitCommonControlsEx
ImageList_LoadImage
ImageList_GetFlags

comdlg32

GetOpenFileNameA

gdi32

GetDeviceCaps
LineTo
SelectObject
CreateDCW
DeleteDC
GetEnhMetaFileHeader
GetObjectW
CreateHalftonePalette

advapi32

CryptDeriveKey
LookupPrivilegeValueA
DuplicateToken
CryptDestroyHash
RegSaveKeyA
LookupPrivilegeDisplayNameW
RegQueryValueW
LogonUserA
CryptSetHashParam
RegCloseKey
CryptEnumProviderTypesA
RegRestoreKeyW
StartServiceW
RegEnumValueW
CryptEnumProvidersW
RegEnumKeyW
InitiateSystemShutdownW
RegQueryMultipleValuesA
LookupSecurityDescriptorPartsA
RegDeleteValueA
CryptSetProvParam
RegCreateKeyW
CryptSetProviderExA
RegSetValueExA

shell32

SHInvokePrinterCommandA
SHGetDiskFreeSpaceA
SHGetSettings

user32

LoadCursorA
SendMessageA
GetKeyboardLayoutNameA
DefWindowProcA
LoadBitmapW
TranslateMessage
GetInputDesktop
IsIconic
CharLowerBuffW
SetMenuItemInfoA
TileChildWindows
CheckRadioButton
CreateIcon
DestroyWindow
OpenDesktopW
FreeDDElParam
RegisterClassExA
ShowWindowAsync
WaitMessage
IsWindow
CreateCaret
WINNLSGetEnableStatus
GetPropW
EnumDisplaySettingsExA
OemKeyScan
MoveWindow
DefFrameProcW
ChangeDisplaySettingsW
SetSysColors
CheckMenuItem
RegisterClassA
CountClipboardFormats
DdeSetQualityOfService
EnumChildWindows
CallMsgFilterA
DdeAddData
InflateRect
PtInRect
BroadcastSystemMessageA
GetNextDlgGroupItem
CreateWindowExA
CharToOemBuffW
ShowOwnedPopups
ShowCursor
WINNLSEnableIME
GetClipboardFormatNameA
MsgWaitForMultipleObjects
EnumDisplayDevicesW
DdeKeepStringHandle
EnableWindow
GetFocus
MapDialogRect
UnhookWindowsHook
DrawFocusRect
PeekMessageW
AnyPopup
SendIMEMessageExA
SetWindowWord
MenuItemFromPoint
GetAncestor
ActivateKeyboardLayout
DdeQueryConvInfo
GetClipboardData
IsZoomed
FrameRect
GetMonitorInfoA
GetClipboardFormatNameW
SwitchDesktop
GetProcessDefaultLayout
GetMenu
SetKeyboardState
GetWindowDC
ChangeMenuA
GetClassInfoExW
MessageBoxA
SetScrollInfo
IsDialogMessageW
CascadeWindows
SetMenuItemBitmaps
CopyAcceleratorTableA
MessageBoxW
GetUserObjectInformationW
EndDialog
IsCharAlphaW
GetDesktopWindow
BeginPaint
DeleteMenu
EnumDisplayMonitors
GetPropA
ShowWindow
DefFrameProcA
DdeClientTransaction
DdeReconnect
GetGUIThreadInfo
GetForegroundWindow
MessageBoxExA
GetDlgItemTextA
FlashWindow
GetWindowInfo
GetCursorPos
DdeConnectList
GetNextDlgTabItem

kernel32

InterlockedExchangeAdd
GetPrivateProfileIntA
SetLocaleInfoA
EnumSystemLocalesW
FreeEnvironmentStringsA
WriteFile
GetCommandLineA
GetStringTypeA
GetFileAttributesExW
SetConsoleCtrlHandler
SetFilePointer
EnumSystemCodePagesA
TerminateProcess
ExpandEnvironmentStringsW
FindNextFileW
TlsSetValue
GetStringTypeW
GetFileSize
GetCurrentThread
WriteConsoleA
GetLastError
GetFileType
GetStartupInfoA
lstrcatA
CreateEventA
GetCurrentThreadId
GetDateFormatA
ReadFile
TlsAlloc
HeapSize
InitializeCriticalSection
EnumTimeFormatsA
GetDiskFreeSpaceExW
SetCurrentDirectoryW
GetStdHandle
EnumSystemLocalesA
WriteConsoleOutputA
FlushFileBuffers
UnhandledExceptionFilter
RtlUnwind
GetConsoleMode
CopyFileExA
IsDebuggerPresent
VirtualQuery
CreateSemaphoreA
CreateFileMappingW
InterlockedDecrement
OpenMutexA
SetUnhandledExceptionFilter
GetModuleFileNameA
GetProfileIntA
TlsGetValue
LeaveCriticalSection
DeleteCriticalSection
GlobalSize
WideCharToMultiByte
GetProcAddress
GetPrivateProfileIntW
GetModuleFileNameW
LCMapStringW
SetFileAttributesA
CreateMutexA
GlobalAddAtomA
CompareStringW
CloseHandle
GetCompressedFileSizeA
HeapAlloc
GetSystemInfo
TlsFree
FindResourceExA
Sleep
GetConsoleTitleW
EnumResourceTypesW
VirtualAlloc
GetConsoleOutputCP
LCMapStringA
CreateFileA
IsValidCodePage
VirtualFree
SetEnvironmentVariableA
GetCurrentProcessId
SetComputerNameW
EnterCriticalSection
GetTimeFormatA
InterlockedIncrement
FreeResource
EnumResourceLanguagesW
GetTimeZoneInformation
SetHandleCount
GetConsoleCP
WaitNamedPipeW
ReadConsoleInputA
IsValidLocale
HeapCreate
MultiByteToWideChar
HeapReAlloc
WriteConsoleW
GetACP
SetEvent
GetShortPathNameW
GetUserDefaultLCID
GetLocaleInfoW
GetCommandLineW
GetProcessHeap
SetThreadAffinityMask
CompareStringA
SetStdHandle
SetLastError
WriteConsoleOutputCharacterA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetThreadContext
QueryPerformanceCounter
LocalUnlock
EnumCalendarInfoW
GetCurrentProcess
GetOEMCP
GetStartupInfoW
ExitThread
OpenFileMappingW
HeapDestroy
GetLocaleInfoA
GetSystemTimeAsFileTime
FillConsoleOutputAttribute
InterlockedExchange
ExitProcess
SetComputerNameA
lstrcpynW
GetMailslotInfo
ReadConsoleOutputW
GetTickCount
LoadLibraryA
GetCPInfo
TransmitCommChar
GetModuleHandleA
GetEnvironmentStringsW
GetVersionExA
SetConsoleScreenBufferSize
HeapFree
FreeLibrary

Sections

.text
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

916948d87acc58d1a3a36ca7ee927f09

Headers

File Characteristics

PDB Paths

Imports

comctl32

comdlg32

gdi32

advapi32

shell32

user32

kernel32

Sections

.text Size: 244KB - Virtual size: 241KB

.rdata Size: 260KB - Virtual size: 258KB

.data Size: 116KB - Virtual size: 125KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 244KB - Virtual size: 241KB

.rdata
Size: 260KB - Virtual size: 258KB

.data
Size: 116KB - Virtual size: 125KB

.rsrc
Size: 36KB - Virtual size: 32KB