c7cc547433c51333322e14cbf9017670_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c7cc547433c51333322e14cbf9017670_JaffaCakes118
Size

586KB
MD5

c7cc547433c51333322e14cbf9017670
SHA1

bfa5bbae63be4303cffdabee4c45abc9b3ede63f
SHA256

d3e389c43090f93fd3936e17fc7e92150199a754baf857a9ef8be6a9cf34f99c
SHA512

3dfcc8bb4f2f171857533f86b77922ebfbf38e2e729ba97f11b0a4e3defa4dca6ca342945b8f47ce511a73c63d7481bcb9c84a71697bfe47caab987d1a8b9c59
SSDEEP

12288:uPNZqYQeEgqDyMpFsJRXkBLt4exrjMMKlTE+4MIVQRKh:aZqYQeEgqDBFsJRXkBbjwTEuK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7cc547433c51333322e14cbf9017670_JaffaCakes118

Files

c7cc547433c51333322e14cbf9017670_JaffaCakes118
.exe windows:6 windows x86 arch:x86

7a96d3a49b4473ac518addee62d51c67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\\Release\ArrayToString.pdb

Imports

kernel32

WriteConsoleW
SetStdHandle
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
LoadLibraryExW
GetProcessHeap
GetOEMCP
GetACP
IsValidCodePage
GetCurrentThreadId
SetFilePointerEx
ReadFile
GetFileType
GetStdHandle
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
IsDebuggerPresent
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
ReadConsoleW
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
OutputDebugStringW
CreateFileW
SetEndOfFile
GetConsoleWindow
QueryPerformanceCounter
GetModuleHandleA
GetModuleFileNameW
LoadLibraryA
CreateFileMappingA
CreateEventA
lstrlenA
MapViewOfFile
CloseHandle
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetCommandLineW
AreFileApisANSI
GetModuleHandleExW
WaitForSingleObject
GetLastError
ExitProcess
GetProcAddress
HeapAlloc
RtlUnwind
RaiseException
HeapFree
GetStringTypeW
MultiByteToWideChar
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
VirtualAlloc
IsProcessorFeaturePresent
DeleteFileW

user32

SetDlgItemTextA
GetClipboardData
SetTimer
GetDlgItem
SetMenu
CheckMenuItem
CreateDialogParamA
CallWindowProcA
SendMessageA
DispatchMessageW
TranslateMessage
TrackPopupMenuEx
DrawTextA
GetMessageW
DrawFrameControl
GetMenu
LoadIconA
LoadCursorA
EndPaint
BeginPaint
UpdateWindow
TranslateAcceleratorA
LoadAcceleratorsA
EndDialog
DialogBoxParamA
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassExW
PostQuitMessage
DefWindowProcA
DispatchMessageA
GetMessageA
GetCursorInfo
GetIconInfo
DrawIconEx
CopyImage
LookupIconIdFromDirectory
FindWindowExW
GetWindowLongA
PtInRect
OffsetRect
InflateRect
CopyRect
DrawFocusRect
GetSysColor
ScreenToClient
GetCursorPos
MessageBoxA
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
GetDC

gdi32

CreateCompatibleDC
GetObjectA
CreateDIBSection
SetTextAlign
SetTextColor
SetBkMode
SelectObject
Rectangle
GetTextAlign
GetStockObject
DeleteObject
DeleteDC
CreatePen
BitBlt

oleaut32

SysFreeString
SysAllocString

ws2_32

WSAStartup

netapi32

NetRemoveAlternateComputerName
NetRemoteTOD

avifil32

AVIStreamRelease
AVIStreamWrite

msvfw32

MCIWndCreateA

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

gdiplus

GdipDrawLineI
GdipCreateFromHDC
GdipCreatePen1
GdiplusStartup
GdipDeletePen
GdipDeleteGraphics

imm32

ImmAssociateContext

uxtheme

OpenThemeData
DrawThemeBackground
CloseThemeData

Sections

.text
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a96d3a49b4473ac518addee62d51c67

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

oleaut32

ws2_32

netapi32

avifil32

msvfw32

version

gdiplus

imm32

uxtheme

Sections

.text Size: 294KB - Virtual size: 293KB

.rdata Size: 86KB - Virtual size: 85KB

.data Size: 7KB - Virtual size: 18KB

.text Size: 6KB - Virtual size: 5KB

.rsrc Size: 180KB - Virtual size: 180KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 294KB - Virtual size: 293KB

.rdata
Size: 86KB - Virtual size: 85KB

.data
Size: 7KB - Virtual size: 18KB

.text
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 180KB - Virtual size: 180KB

.reloc
Size: 11KB - Virtual size: 10KB