be7a495a936d0ed38ba692011ed7f5a2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

be7a495a936d0ed38ba692011ed7f5a2_JaffaCakes118
Size

512KB
MD5

be7a495a936d0ed38ba692011ed7f5a2
SHA1

9688a847df3306af8f3d2d8e71d606b7ee4e6b57
SHA256

e1374cdb76725e630171976e3a820f38e96dca28302628d1d177b514a6863499
SHA512

3241f8071dcc80985a917076c996c0270e88a451c08b32d7254874f63349cdb2c43e288a3975dd88dab5dc58f5547a75c557ce8e90e50fc26993627d39424582
SSDEEP

12288:nia/468w+LJ2mqzWF7sNgnHyEs5oVmBwovE2xDz:nxA6J+LJ0apugWocc2xDz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be7a495a936d0ed38ba692011ed7f5a2_JaffaCakes118

Files

be7a495a936d0ed38ba692011ed7f5a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34a99fd68687d5edd149486d9442292e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfW
GetDlgItemInt
LoadMenuIndirectA
CharToOemA
CharUpperBuffW
MessageBoxA
DrawTextA
EnableScrollBar
SetWindowTextA
AttachThreadInput
OemKeyScan
SetKeyboardState
IsWindow
KillTimer
ExitWindowsEx
DestroyAcceleratorTable
RegisterClassExA
CharLowerBuffW
DrawAnimatedRects
GetInputDesktop
GetDCEx
TranslateMessage
DefWindowProcW
EnableMenuItem
RegisterClassExW
SetWindowContextHelpId
PostMessageA
SetMessageExtraInfo
FindWindowW
DrawTextExW
LoadIconW
CallNextHookEx
BringWindowToTop
DrawTextExA
CreateMenu
DestroyCursor
DrawStateW
CreateWindowExW
GetSubMenu
DragObject
OpenDesktopW
GetMenuState
CharNextA
GetCaretBlinkTime
DefFrameProcA
FrameRect
GetKeyboardLayout
CopyImage
SetDlgItemInt
EndTask
DdeQueryStringA
SubtractRect
PostThreadMessageW
GetMenuInfo
DrawEdge
ShowCaret
GetDlgItem
GetCursor
DlgDirSelectComboBoxExW
GetKeyboardLayoutList
GetProcessWindowStation
CopyRect
ShowScrollBar
FlashWindow
RegisterClassA
CopyIcon
DdeAddData
ScrollWindow
IsDialogMessage
GetPriorityClipboardFormat
GetClipboardFormatNameA
TabbedTextOutA
GetClassLongW
IntersectRect
DestroyWindow
MoveWindow
IsDlgButtonChecked
ShowWindow
AdjustWindowRectEx
SetUserObjectInformationA
LoadKeyboardLayoutW
EnumChildWindows
GetMenuCheckMarkDimensions
RealGetWindowClass
CharUpperA
TranslateAcceleratorA
DeferWindowPos
SetCursor
ShowOwnedPopups
OffsetRect
IsZoomed
LoadMenuA
GetWindowTextLengthW
PeekMessageA
EnumPropsExA
SetWindowsHookExA
IsDialogMessageA
GetMenuStringA
GetMessageA
InSendMessage
DragDetect
GrayStringW
ShowWindowAsync
MonitorFromRect

comctl32

ImageList_Copy
ImageList_SetImageCount
InitCommonControlsEx
ImageList_SetOverlayImage
ImageList_GetIconSize
DrawInsert
CreatePropertySheetPageA
ImageList_DragLeave
ImageList_AddIcon
ImageList_SetIconSize
ImageList_LoadImage
ImageList_SetFlags
DrawStatusText
ImageList_Draw
ImageList_DragEnter
ImageList_SetBkColor
ImageList_GetImageCount
InitMUILanguage

kernel32

GetCommandLineA
GetStartupInfoA
GetFileAttributesA
WaitForDebugEvent
WritePrivateProfileStringA
GetPrivateProfileStructW
GetLocalTime
CreateMutexA
ExitProcess
GetCurrentThreadId
GetNamedPipeInfo
QueryPerformanceCounter
TlsFree
SetHandleCount
TerminateProcess
ReleaseSemaphore
WriteFile
HeapDestroy
GetStdHandle
HeapFree
GetCurrentProcess
UnhandledExceptionFilter
SetLastError
InterlockedIncrement
ReadFile
LoadLibraryA
WritePrivateProfileStructW
OpenMutexA
GetCurrentProcessId
GetCommandLineW
InterlockedExchange
CreateFileMappingW
SetFilePointer
GetFullPathNameA
GetAtomNameW
GetFileType
ConnectNamedPipe
RtlMoveMemory
lstrlen
ReadConsoleInputW
LeaveCriticalSection
GetCurrentThread
EnterCriticalSection
GetPrivateProfileSectionA
HeapReAlloc
RemoveDirectoryW
FindAtomW
LCMapStringA
GetEnvironmentStringsW
ReadConsoleOutputCharacterA
SetFileTime
LCMapStringW
IsBadWritePtr
GetLastError
CopyFileA
GetModuleFileNameA
GetStringTypeA
TlsAlloc
OpenSemaphoreW
GetStringTypeW
InitializeCriticalSection
FreeEnvironmentStringsA
SleepEx
SetTimeZoneInformation
ContinueDebugEvent
FreeEnvironmentStringsW
TlsGetValue
PulseEvent
CompareStringW
FreeLibrary
CloseHandle
GetPrivateProfileIntA
GetWindowsDirectoryA
InterlockedDecrement
lstrcmpiW
GetModuleFileNameW
GetShortPathNameA
SetEnvironmentVariableA
FlushFileBuffers
GetProcAddress
TlsSetValue
SetConsoleWindowInfo
GetModuleHandleA
VirtualFree
OpenProcess
FindFirstFileExW
RtlUnwind
HeapCreate
MultiByteToWideChar
GetCPInfo
MoveFileExA
HeapAlloc
WideCharToMultiByte
GetTickCount
GetStartupInfoW
VirtualAlloc
GetTimeZoneInformation
VirtualQuery
FindResourceW
GetComputerNameA
DeleteCriticalSection
CompareStringA
SetStdHandle
GetSystemTimeAsFileTime
GetSystemTime
GetEnvironmentStrings
GetVersion

Sections

.text
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34a99fd68687d5edd149486d9442292e

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 136KB - Virtual size: 133KB

.rdata Size: 248KB - Virtual size: 245KB

.data Size: 116KB - Virtual size: 140KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 136KB - Virtual size: 133KB

.rdata
Size: 248KB - Virtual size: 245KB

.data
Size: 116KB - Virtual size: 140KB

.rsrc
Size: 8KB - Virtual size: 6KB