bfc7d97213c2069d24b435d737b3ca62_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bfc7d97213c2069d24b435d737b3ca62_JaffaCakes118
Size

595KB
MD5

bfc7d97213c2069d24b435d737b3ca62
SHA1

9a0bdb7b06c11442bf73cb31d6daa1d3f8682606
SHA256

bad7c30df7de44d7045d6ff07ce57ab509c1110610c709885d2f723f43f5b9f7
SHA512

355a5fa19b1df1651179ea5215c1e0ab59a33263847f45d59ad14890691cc7c3b43dda8e454045c39bc00b65081f6d4b247d44e7f7051d3c73c10a7f84ddf6fe
SSDEEP

12288:i2qhNbmpp3IaZ5/ObBdNPB8LjPDmi+Q66zS:9qhNbmHVfmVd5B8LjPDr66m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfc7d97213c2069d24b435d737b3ca62_JaffaCakes118

Files

bfc7d97213c2069d24b435d737b3ca62_JaffaCakes118
.exe windows:4 windows x86 arch:x86

430fe8f918cfca65a7354df7c54c4287

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
DdeConnect
ShowWindow
MsgWaitForMultipleObjects
DefWindowProcW
SetDlgItemTextW
DrawStateW
DefFrameProcA
EndTask
DestroyWindow
DdeDisconnectList
MessageBoxW
SetWindowLongA
InflateRect
RegisterClassA
GetKeyNameTextA
IsIconic
EqualRect
FreeDDElParam
CreateWindowExW
RegisterClassExA

comdlg32

GetFileTitleW
ChooseColorW

gdi32

GetCharacterPlacementA
DeleteObject
CreateDIBSection
SetICMMode
StrokePath
GetTextFaceA
GetWindowOrgEx
Escape
GetStockObject
GetDCOrgEx
GetCharWidth32W
PolyBezierTo
SetPixel
GetEnhMetaFileW
GetKerningPairs
CloseFigure
GetMetaFileW
CreateDIBPatternBrush
FillRgn
CreateBrushIndirect
CreateFontIndirectA
PlayMetaFile

kernel32

GetStartupInfoA
GetTimeZoneInformation
GetProfileSectionA
CloseHandle
VirtualFree
GetSystemDirectoryW
GetFileType
GetEnvironmentStrings
FreeEnvironmentStringsW
FoldStringA
FlushFileBuffers
GetLocalTime
GetTickCount
GetCalendarInfoA
TlsGetValue
SetStdHandle
GetCurrentThread
GetStringTypeW
GetThreadSelectorEntry
SetConsoleCtrlHandler
DebugBreak
OutputDebugStringA
IsBadWritePtr
SetConsoleTextAttribute
SetLastError
CreateMutexA
GetLastError
OpenFile
VirtualQuery
GetProcAddress
HeapValidate
TlsFree
LocalUnlock
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
GetSystemInfo
GetCurrentProcess
WideCharToMultiByte
IsBadReadPtr
CompareStringA
GetVersion
WriteFile
HeapFree
ExitProcess
HeapDestroy
LCMapStringW
GetCPInfo
GetSystemTimeAsFileTime
SetFilePointer
TlsSetValue
GetCurrentThreadId
GetCurrencyFormatW
InterlockedExchange
GetModuleHandleA
GetOEMCP
GetStringTypeA
GetSystemTime
CompareStringW
SetHandleCount
GetStdHandle
EnumSystemLocalesW
TerminateProcess
EnterCriticalSection
GetCurrentProcessId
LCMapStringA
HeapReAlloc
InterlockedIncrement
TlsAlloc
ReadFile
lstrcatW
GetACP
UnhandledExceptionFilter
WriteProfileStringW
HeapAlloc
OpenMutexA
LeaveCriticalSection
GetModuleFileNameA
LoadLibraryA
CreateMutexW
InterlockedDecrement
SetEnvironmentVariableA
GetCommandLineA
FreeEnvironmentStringsA
GlobalUnlock
GetEnvironmentStringsW
RtlUnwind
VirtualAlloc
HeapCreate

advapi32

RegOpenKeyExA
CryptGetDefaultProviderA
RegOpenKeyExW
CryptVerifySignatureW
RegDeleteValueA
LookupPrivilegeDisplayNameA
GetUserNameW
RegReplaceKeyA
RegDeleteValueW
DuplicateTokenEx
CreateServiceW
AbortSystemShutdownA
AbortSystemShutdownW
CryptDestroyHash
RegEnumKeyExW
RegCreateKeyA
LookupPrivilegeValueA
RegConnectRegistryA
CryptDuplicateHash
InitializeSecurityDescriptor
RegNotifyChangeKeyValue
CryptDuplicateKey
LookupPrivilegeValueW

comctl32

ImageList_LoadImage
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_Read
MakeDragList
ImageList_Remove
ImageList_EndDrag
DrawStatusText
ImageList_DrawEx
ImageList_AddIcon
InitMUILanguage
ImageList_Duplicate
CreatePropertySheetPage
InitCommonControlsEx
ImageList_SetOverlayImage
ImageList_Create

shell32

ExtractIconA

Sections

.text
Size: 393KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

430fe8f918cfca65a7354df7c54c4287

Headers

File Characteristics

Imports

user32

comdlg32

gdi32

kernel32

advapi32

comctl32

shell32

Sections

.text Size: 393KB - Virtual size: 393KB

.rdata Size: 41KB - Virtual size: 56KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 54KB - Virtual size: 54KB

.text
Size: 393KB - Virtual size: 393KB

.rdata
Size: 41KB - Virtual size: 56KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 54KB - Virtual size: 54KB