c78a92ba3d88dbdabe59477d403cc9f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c78a92ba3d88dbdabe59477d403cc9f6_JaffaCakes118
Size

764KB
MD5

c78a92ba3d88dbdabe59477d403cc9f6
SHA1

8c2db043dce87b9ce832ee2114396eb84a41cdf4
SHA256

c84494c9895c993496b8efe1182c0c8cbbe4d2a58ad9a0c0334486dbafd55be2
SHA512

8fbb2bb1509492c88a347aa95a1014d0520927e95019b5be967f265cd997d0e62a47aae41c297a47ab900798aff6b393d4e5aaeacb690dc15783b0b5fbc863fe
SSDEEP

12288:Qj0SYBY+39vSHfcPj5Y540yf+uNkjWcCvvdV2KO/Ymmqj+sD07dvpQaaTMXIJc:Qj0SYB3gHf60yG0cy1Vg/uqlDGvpQ4XI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c78a92ba3d88dbdabe59477d403cc9f6_JaffaCakes118

Files

c78a92ba3d88dbdabe59477d403cc9f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b3635deff6e34a73c8380e98dc8923f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\rmacduod\tsmaz.pdb

Imports

comctl32

ImageList_Merge
ImageList_GetIconSize
ImageList_DrawEx
ImageList_GetImageCount
DrawStatusText
InitCommonControlsEx
ImageList_Add
ImageList_Draw
ImageList_DrawIndirect
DestroyPropertySheetPage
CreateStatusWindowA
DrawStatusTextA

kernel32

FindAtomW
VirtualFree
IsValidCodePage
CommConfigDialogA
GlobalFree
GlobalFlags
FillConsoleOutputCharacterW
GetModuleHandleA
CloseHandle
GetStringTypeW
CreateMailslotA
GetLogicalDrives
GetNamedPipeHandleStateA
GetVersionExA
LeaveCriticalSection
InitializeCriticalSection
GetProfileStringW
LCMapStringA
GetFileType
LocalUnlock
FillConsoleOutputCharacterA
GetSystemDirectoryA
CreateNamedPipeA
GetStdHandle
GetComputerNameW
GetSystemInfo
LocalAlloc
GetCurrentProcess
ReadFile
TlsGetValue
WideCharToMultiByte
WriteFile
GetEnvironmentVariableW
GetCurrentThread
CommConfigDialogW
SetConsoleCursorPosition
GetExitCodeProcess
GlobalGetAtomNameA
WaitForDebugEvent
IsBadWritePtr
SetLastError
GetModuleFileNameA
WaitForSingleObjectEx
OpenSemaphoreW
GetSystemTimeAsFileTime
VirtualProtect
GetLocaleInfoW
HeapAlloc
EnumCalendarInfoExW
GetLocaleInfoA
CreateFileMappingW
CreateProcessA
InterlockedExchange
VirtualProtectEx
CreateNamedPipeW
EnterCriticalSection
RaiseException
GetTimeZoneInformation
GetCalendarInfoA
SetEnvironmentVariableA
GetOEMCP
CreateMailslotW
GetProcAddress
LCMapStringW
CompareStringW
GetCommandLineA
IsValidLocale
VirtualQuery
LocalFree
GetStringTypeA
GetConsoleOutputCP
UnhandledExceptionFilter
WriteConsoleOutputAttribute
TlsAlloc
FreeEnvironmentStringsA
TlsFree
HeapCreate
GetUserDefaultLangID
QueryPerformanceCounter
GetCurrentThreadId
FreeEnvironmentStringsW
RtlUnwind
HeapDestroy
SystemTimeToTzSpecificLocalTime
GetCPInfo
GetDateFormatA
GetTempFileNameW
HeapSize
GetStartupInfoA
DeleteCriticalSection
GetWindowsDirectoryW
GetCurrencyFormatA
FindAtomA
GetConsoleScreenBufferInfo
TlsSetValue
VirtualLock
MultiByteToWideChar
VirtualAlloc
GetLastError
EnumTimeFormatsW
EnumSystemLocalesA
SetHandleCount
GetTimeFormatA
LoadLibraryA
WritePrivateProfileStringW
GetCurrentProcessId
ExitProcess
lstrcmpiA
FileTimeToDosDateTime
SetFilePointer
SetConsoleCP
CreateFileMappingA
GetEnvironmentStrings
GetTickCount
GetUserDefaultLCID
FlushFileBuffers
TerminateProcess
GetTempPathW
HeapReAlloc
SetFileTime
CreateMutexA
ResumeThread
CompareStringA
SetCurrentDirectoryA
OpenMutexA
GetEnvironmentStringsW
HeapFree
TryEnterCriticalSection
UnlockFile
GetACP
SetStdHandle

user32

LoadCursorW
LoadKeyboardLayoutW
SetWindowTextW
LoadBitmapA
InSendMessage
DrawIcon
GetUpdateRgn
SetWindowLongA
CheckMenuItem
DlgDirSelectExA
CharLowerW
SetUserObjectInformationW
SetPropA
RegisterClassExA
SetScrollPos
PostMessageW
CopyIcon
CreateCursor
EmptyClipboard
BlockInput
TabbedTextOutW
GetTabbedTextExtentW
UnhookWindowsHookEx
TrackMouseEvent
GetClassNameA
WindowFromDC
GetSystemMenu
RegisterClassA
GetDlgItemInt
DdeConnect
EnumChildWindows
GetWindowLongW
GetSysColorBrush
GetMenuStringW
GetClipboardFormatNameW
CascadeChildWindows
GetMessageA
GetProcessWindowStation

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 456KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b3635deff6e34a73c8380e98dc8923f

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 456KB - Virtual size: 452KB

.data Size: 136KB - Virtual size: 150KB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 456KB - Virtual size: 452KB

.data
Size: 136KB - Virtual size: 150KB

.rsrc
Size: 68KB - Virtual size: 66KB