c046bf6b67092f81675d66b30c99f27d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c046bf6b67092f81675d66b30c99f27d_JaffaCakes118
Size

560KB
MD5

c046bf6b67092f81675d66b30c99f27d
SHA1

05903d99c1cb853a508d3f5ac5423d88b90ff052
SHA256

ab2f0c320a412b7b3a9736353a5244e843c363449dee8b7aca879e3e387c7dd4
SHA512

616be7e73b5ba1e68a100961fed9179c305586b82bfe2cf416dd37a0f9bf05dacd6a22b5be589c861da44fdf0fb6bcf9062bbd0e72c242108b5728c12e9de1b2
SSDEEP

12288:Jm4Yi16OXId3/VYUgq1ogtC3mdK8/stZE7UDEV/1loLstdb:Jm4YE6XvVYUv03mpsKostd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c046bf6b67092f81675d66b30c99f27d_JaffaCakes118

Files

c046bf6b67092f81675d66b30c99f27d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78312d9a28182292dc4b7be588733f83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\

Imports

comctl32

CreateToolbar
ImageList_LoadImage
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_EndDrag
CreateStatusWindow
MakeDragList
ImageList_DragEnter
ImageList_SetFlags
InitCommonControlsEx
ImageList_SetImageCount

advapi32

GetUserNameW
CryptGetUserKey
CryptGetProvParam
RegOpenKeyA
RegDeleteValueA
DuplicateToken
RevertToSelf
CryptDecrypt
RegRestoreKeyW
CryptDestroyKey
InitiateSystemShutdownA

gdi32

PolyPolygon
AddFontResourceW
EqualRgn
FrameRgn
EnumEnhMetaFile
PathToRegion
CreateColorSpaceA
ExtSelectClipRgn
GetPixelFormat
SetAbortProc
SelectClipPath
SaveDC
SetMagicColors
GetCharWidthA
GdiPlayJournal
FlattenPath
SetPixel
GetTextFaceA
EnableEUDC
CreateDIBitmap
EnumFontFamiliesW
Arc
SetWinMetaFileBits
GetNearestPaletteIndex

kernel32

FreeLibrary
GetCurrentThreadId
QueryPerformanceCounter
WaitNamedPipeW
GlobalAlloc
UnhandledExceptionFilter
TlsFree
SetStdHandle
GetTimeZoneInformation
CreateDirectoryExW
GetCurrentProcess
SetConsoleActiveScreenBuffer
TerminateProcess
GetVersion
FreeLibraryAndExitThread
GetCommandLineA
SetHandleCount
HeapAlloc
GetTickCount
GetCPInfo
EnumSystemCodePagesA
SetFilePointer
FlushFileBuffers
TlsSetValue
VirtualFree
EnumCalendarInfoA
HeapValidate
TlsGetValue
SetEnvironmentVariableA
TlsAlloc
OpenSemaphoreW
LCMapStringW
EnumDateFormatsW
GlobalLock
FindFirstFileW
LeaveCriticalSection
GetCurrentProcessId
HeapFree
UnlockFileEx
GlobalFix
GetStartupInfoA
ReadConsoleOutputA
GetLocaleInfoW
ContinueDebugEvent
OpenMutexA
ExitProcess
LoadLibraryA
GetStringTypeA
GetLocalTime
CloseHandle
EnumTimeFormatsA
lstrcatA
FindResourceExW
GetLastError
GetProcAddress
SetEnvironmentVariableW
GetCurrentThread
FreeEnvironmentStringsA
GetStdHandle
SetThreadLocale
HeapReAlloc
GlobalFree
InterlockedIncrement
InterlockedExchange
GetACP
FlushViewOfFile
CreateDirectoryA
MultiByteToWideChar
ReleaseMutex
GetCommandLineW
SetConsoleCtrlHandler
CreateProcessA
HeapDestroy
LCMapStringA
ReadFile
IsBadWritePtr
InitializeCriticalSection
GlobalHandle
GetExitCodeProcess
GetConsoleTitleA
lstrcpyW
WideCharToMultiByte
FreeEnvironmentStringsW
GetCurrencyFormatW
VirtualQuery
CompareStringW
EnterCriticalSection
LocalReAlloc
SetLastError
GetFileTime
DeleteCriticalSection
GlobalFindAtomW
GetConsoleScreenBufferInfo
SuspendThread
CompareStringA
WritePrivateProfileStructA
GetCompressedFileSizeA
WriteConsoleOutputCharacterW
FindResourceExA
FillConsoleOutputCharacterW
ResetEvent
GetEnvironmentStrings
GetStringTypeW
PulseEvent
GetEnvironmentStringsW
DebugBreak
ReadConsoleW
lstrcatW
GetModuleFileNameA
GetSystemTime
LocalLock
GetModuleFileNameW
GetStartupInfoW
GetSystemTimeAsFileTime
FindNextFileA
GetTimeFormatA
GetPriorityClass
SetEndOfFile
CommConfigDialogA
WriteFile
lstrcmp
CreateMutexA
OpenFile
GetFileType
RtlUnwind
LoadLibraryW
InterlockedDecrement
GetModuleHandleA
VirtualLock
VirtualAlloc
HeapCreate

comdlg32

GetOpenFileNameA

user32

RegisterClassA
CharNextExA
ShowWindow
WINNLSGetEnableStatus
UnionRect
SetLastErrorEx
SetDlgItemTextW
MessageBoxA
WinHelpA
EqualRect
DestroyWindow
CallNextHookEx
DrawTextExW
CheckMenuItem
GetInputDesktop
LoadCursorW
DefWindowProcW
RegisterClassExA
GetWindowTextLengthW
GetClassLongA
ToAscii
CreateWindowExA
DestroyCursor
SetMenu
HideCaret
GetMenuStringW
wsprintfW
EndDeferWindowPos
GetDC

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78312d9a28182292dc4b7be588733f83

Headers

File Characteristics

PDB Paths

Imports

comctl32

advapi32

gdi32

kernel32

comdlg32

user32

Sections

.text Size: 168KB - Virtual size: 166KB

.rdata Size: 264KB - Virtual size: 263KB

.data Size: 104KB - Virtual size: 128KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 264KB - Virtual size: 263KB

.data
Size: 104KB - Virtual size: 128KB

.rsrc
Size: 20KB - Virtual size: 17KB