c7f379b178844cf2d07eff6bd98f48b3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c7f379b178844cf2d07eff6bd98f48b3_JaffaCakes118
Size

700KB
MD5

c7f379b178844cf2d07eff6bd98f48b3
SHA1

d01582ba330503b7f77bbdf67365f6b8f7a9e7ed
SHA256

802ba306b971be11899ee86d5b457451c96c7da1cff264c4f8336f5be7d52f19
SHA512

374fba0d2a3681d3b339d2b8d7698c013224fb421e4e6deb1c7a845f304ff1162bac18502449de1c2ac42266b6a84b976806d3fdeb8d261dbb47420aaced1659
SSDEEP

12288:SdodAajPmYPf/AAQCeHjN4dsVRQob9uNFYhM8rmV1tHJtJsXyGQNyh3x0nK5isn4:SdyjP1n4vCeDesVP2UMOmV1tHJtJsX/l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7f379b178844cf2d07eff6bd98f48b3_JaffaCakes118

Files

c7f379b178844cf2d07eff6bd98f48b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe617baa0b3584d7eed964e2a50c3853

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
DdeCreateDataHandle
CreateWindowExA
CreateWindowStationA
EnumPropsW
CreatePopupMenu
CreateWindowStationW
VkKeyScanExA
ShowCaret
DdeKeepStringHandle
MessageBoxW
EndTask
DestroyWindow
GetDC
CharToOemA
DrawStateA
DrawStateW
DdeGetData
DefWindowProcW
ShowWindow
MonitorFromRect
MessageBoxA
GetClassLongA
ValidateRgn
DdeClientTransaction
SendNotifyMessageA
MonitorFromWindow
SetWindowPos
GetWindowLongA
GetMenuItemID
SetProcessWindowStation
VkKeyScanW
GetKeyboardLayoutNameW
BlockInput
RegisterClassExA
WaitForInputIdle
UnpackDDElParam

comdlg32

FindTextA
ReplaceTextW
ChooseFontA
PageSetupDlgA

comctl32

ImageList_SetDragCursorImage
InitCommonControlsEx
ImageList_BeginDrag
ImageList_DragLeave
ImageList_AddIcon
ImageList_LoadImage
ImageList_GetIcon
ImageList_Merge
CreatePropertySheetPageA
ImageList_EndDrag
CreateStatusWindow
CreateStatusWindowA
ImageList_GetImageInfo
ImageList_SetFlags
CreateStatusWindowW
CreateUpDownControl
CreateToolbar
DrawStatusTextW
ImageList_Copy
_TrackMouseEvent
ImageList_Read
ImageList_DrawEx
ImageList_Destroy
GetEffectiveClientRect
DrawStatusTextA

kernel32

TerminateProcess
lstrcpyW
CreateRemoteThread
FreeEnvironmentStringsA
GetCommandLineW
lstrcat
EnumSystemLocalesW
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetFileType
GetStartupInfoW
GetSystemTime
SetLastError
IsBadWritePtr
GetModuleHandleA
VirtualAlloc
SetHandleCount
GetCurrentProcessId
LCMapStringW
InitializeCriticalSection
LeaveCriticalSection
GetCommandLineA
FreeEnvironmentStringsW
SetConsoleCP
HeapCreate
DeleteAtom
GetVolumeInformationW
GetTimeZoneInformation
GetDiskFreeSpaceExW
GetVersionExW
GetStringTypeW
WriteFile
EnumResourceNamesA
GetVersion
GetModuleFileNameW
GetConsoleTitleW
LocalUnlock
MoveFileExW
EnterCriticalSection
GetTickCount
FindFirstFileA
TlsFree
SetFileAttributesA
CreateSemaphoreW
UnhandledExceptionFilter
MoveFileA
GetLastError
GetDiskFreeSpaceA
CloseHandle
VirtualProtect
OpenWaitableTimerA
TlsGetValue
SetStdHandle
GetStringTypeA
FlushFileBuffers
GetCurrentThreadId
SetFilePointer
SetCurrentDirectoryA
VirtualFree
GetEnvironmentVariableW
QueryPerformanceCounter
HeapAlloc
InterlockedExchange
VirtualQuery
OpenMutexA
GetEnvironmentStringsW
GetSystemTimeAsFileTime
CreateNamedPipeA
GetModuleFileNameA
GetCurrentThread
FormatMessageW
WaitNamedPipeA
GetProcAddress
GetWindowsDirectoryW
TlsAlloc
HeapFree
RemoveDirectoryW
GetCurrentProcess
CreateMutexA
LoadLibraryA
EnumTimeFormatsW
HeapDestroy
DeleteCriticalSection
InterlockedIncrement
ExitProcess
GetStartupInfoA
GetEnvironmentStrings
GetCPInfo
InterlockedDecrement
GetLocalTime
ReadFile
CompareStringA
CompareStringW
HeapReAlloc
TlsSetValue
LCMapStringA
FlushInstructionCache
FindAtomA
GetStdHandle
CreateEventW
SetEnvironmentVariableA

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe617baa0b3584d7eed964e2a50c3853

Headers

File Characteristics

Imports

user32

comdlg32

comctl32

kernel32

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 452KB - Virtual size: 451KB

.data Size: 136KB - Virtual size: 162KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 452KB - Virtual size: 451KB

.data
Size: 136KB - Virtual size: 162KB

.rsrc
Size: 28KB - Virtual size: 27KB