c789a9e01d170c47f926ef3f9a0da37a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c789a9e01d170c47f926ef3f9a0da37a_JaffaCakes118
Size

76KB
MD5

c789a9e01d170c47f926ef3f9a0da37a
SHA1

2923b98064811f26dd76f0b19d6e22e48be2a1cb
SHA256

483841b48f82b8031c89beda5bbc58f6115f56b2075de41141e82de427a1863d
SHA512

872ad33c7399544a4e7827325f2ba4d5cf834e8a48c1cbcada41030d2975dace2eab9918ec587777ea6cd545e5f6b0cfff95b62d4e2c0a8a33d88440e045ceb6
SSDEEP

1536:3uK6q6u0a2Zy+P71beb8lXRTF6CELc5r:+K6qry7P7n5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c789a9e01d170c47f926ef3f9a0da37a_JaffaCakes118

Files

c789a9e01d170c47f926ef3f9a0da37a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56180fc6b4388696f32e06350adc7fcb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_wcsnicmp
wcsncmp
wcsncpy
wcslen
wcscpy
wcscat
wcscmp
fclose
fabs
ceil
malloc
floor
free
memcpy
memmove
_vsnwprintf

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
HeapAlloc
HeapFree
GetCurrentProcessId
GetCurrentThreadId
InitializeCriticalSection
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
SetLastError
TlsAlloc
LoadLibraryW
GetProcAddress
FreeLibrary
GetVersionExW
FindClose
FindFirstFileW
GetLastError
FindNextFileW
GetCurrentDirectoryW
WriteFile
CloseHandle
CreateFileW
ReadFile
MultiByteToWideChar
SetFilePointer
WideCharToMultiByte
TlsGetValue
TlsSetValue
DeleteCriticalSection
WaitForMultipleObjects
GetCurrentProcess
GetCurrentThread
DuplicateHandle
CreateSemaphoreA
CreateThread
ReleaseSemaphore

comctl32

InitCommonControls
InitCommonControlsEx
ImageList_Destroy
ImageList_Remove
ImageList_AddMasked
ImageList_Create
ImageList_Add
ImageList_ReplaceIcon

user32

GetSystemMetrics
CharLowerW
MessageBoxW
GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
EnableWindow
EnumWindows
DestroyWindow
SendMessageW
GetWindowLongW
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
CreateWindowExW
GetWindow
SetWindowLongW
GetWindowRect
GetSysColor
GetSysColorBrush
GetScrollPos
GetClientRect
MoveWindow
SetScrollInfo
SetScrollPos
RedrawWindow
GetScrollRange
CallWindowProcW
FillRect
DefWindowProcW
GetParent
SetFocus
LoadCursorW
RegisterClassExW
MapWindowPoints
InvalidateRect
RemovePropW
SetPropW
GetPropW
SetActiveWindow
UnregisterClassW
DestroyAcceleratorTable
LoadIconW
RegisterClassW
AdjustWindowRectEx
GetActiveWindow
ShowWindow
CreateAcceleratorTableW
PeekMessageW
MsgWaitForMultipleObjects
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
GetFocus
EnumChildWindows
PostMessageW
DefFrameProcW
SetCursorPos
LoadImageW
SetCursor
SystemParametersInfoW
GetKeyState
SetCapture
GetCursorPos
ReleaseCapture
IsChild
GetClassNameW
DestroyIcon

gdi32

GetStockObject
SetBkColor
SetTextColor
CreateCompatibleBitmap
SelectObject
CreateDCW
CreateCompatibleDC
DeleteDC
GetObjectW
StretchBlt
GetObjectType
DeleteObject
CreateSolidBrush
GetDIBits
CreateDIBSection
BitBlt
CreateBitmap
SetPixel

comdlg32

GetSaveFileNameW
GetOpenFileNameW

ole32

CoInitialize
RevokeDragDrop

Sections

.code
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56180fc6b4388696f32e06350adc7fcb

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

comdlg32

ole32

Sections

.code Size: 7KB - Virtual size: 6KB

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 1024B - Virtual size: 764B

.data Size: 5KB - Virtual size: 6KB

.rsrc Size: 32KB - Virtual size: 31KB

.code
Size: 7KB - Virtual size: 6KB

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 1024B - Virtual size: 764B

.data
Size: 5KB - Virtual size: 6KB

.rsrc
Size: 32KB - Virtual size: 31KB