cf4532f99e6040ba9ab1cf994c47ed7b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cf4532f99e6040ba9ab1cf994c47ed7b_JaffaCakes118
Size

220KB
MD5

cf4532f99e6040ba9ab1cf994c47ed7b
SHA1

f50ca9b0a74ef3e3ddc3b437b6aee40469e16138
SHA256

84c29bb7072f094e8f48a0997e22e82153b8ef03a20d62cafc5945c17612e21f
SHA512

510735f011ba18ba972f93a9d0ba8105532ddef430d4ce6e3128a1c49c0d162f85c5528ad228115eac4c9a04d6c0e8bea86c95df238f35398498ccfc240dc598
SSDEEP

3072:uL0tiDfn2EAETZC65Cut0y1gcUT1J/q7B6eUKOQnm3bjlwdDIHKuMg2FrbTMMhL9:5iDf73TZClE+f1JiceUKOQm9Kuiy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf4532f99e6040ba9ab1cf994c47ed7b_JaffaCakes118

Files

cf4532f99e6040ba9ab1cf994c47ed7b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

098dc15b5d7afa37b865fe52d588f7af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkMode
SetBkColor
DeleteObject
CreateCompatibleBitmap
GetDeviceCaps
DeleteDC
GetStockObject
SetTextColor
SelectObject
CreateSolidBrush
BitBlt

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

advapi32

OpenProcessToken
RegCloseKey
RegQueryInfoKeyA
RegCreateKeyExW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA

ole32

CoTaskMemAlloc
CoCreateInstance

user32

SetForegroundWindow
PostQuitMessage
IsWindow
DispatchMessageA
PeekMessageA
GetDC
GetCursorPos
UnregisterClassA
ScreenToClient
GetClientRect
DestroyWindow
GetMessageA
GetParent
UpdateWindow
ShowWindow
SetWindowPos
TranslateMessage
GetWindow
IsIconic
RegisterClassA
GetWindowLongA
SetTimer
FillRect
ReleaseDC
EndPaint
SetFocus
BeginPaint
GetSystemMetrics
GetWindowRect
SetCapture
ReleaseCapture
SetWindowLongA
SetWindowTextA
wsprintfA
CreateWindowExA
GetDlgItem
ClientToScreen
LoadCursorA
LoadIconA
TrackPopupMenu
GetDesktopWindow
GetFocus
EndDialog
MessageBoxA
GetSysColor
SystemParametersInfoA
IsWindowVisible
GetSubMenu
InvalidateRect
SendMessageA
CallWindowProcA
EnableWindow
SetCursor
DefWindowProcA

oleaut32

SysAllocString
VariantInit
SysAllocStringLen
SysStringLen
VariantClear

kernel32

ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetFileAttributesA
WaitForSingleObject
FindFirstFileW
HeapDestroy
HeapFree
GetFileAttributesW
GetExitCodeProcess
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
GetCPInfo
lstrcmpiA
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
FreeLibrary
LocalFree
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
FormatMessageA
OutputDebugStringA
SetLastError
GetEnvironmentVariableA
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
RaiseException
LoadLibraryExA
GetPrivateProfileStringA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
CreateMutexA
SetFilePointer
CreateThread
SetUnhandledExceptionFilter
MulDiv
GetSystemDirectoryA
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
VirtualQuery
GetConsoleMode
CreateEventW
GetVersion
InterlockedIncrement
HeapCreate
WriteConsoleW
CloseHandle
EnterCriticalSection
SetHandleCount
LoadLibraryW
lstrlenA
VirtualAlloc
GetCommandLineA
GetOEMCP
FindResourceA
IsBadReadPtr
Sleep
VirtualFree
FindResourceW
UnmapViewOfFile
IsValidCodePage
GetLocalTime
CreateProcessA
SizeofResource
GetModuleHandleW
GetACP
lstrcpynA
FindFirstFileA
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
SetEndOfFile
GetFullPathNameA
GetCurrentThread
InterlockedCompareExchange
HeapSize
WideCharToMultiByte
GetCommandLineW
SetFileTime
LockResource
GetCurrentProcessId
GetEnvironmentStrings
FileTimeToLocalFileTime
lstrlenW
GlobalAlloc
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
LCMapStringW
LoadLibraryExW
GetLastError
LeaveCriticalSection
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
GlobalLock
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
CreateFileMappingA
CompareStringA
GetCurrentThreadId
FindNextFileW
lstrcmpA
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
SetErrorMode
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
GetVersionExW

Sections

oyiqm
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

098dc15b5d7afa37b865fe52d588f7af

Headers

File Characteristics

Imports

gdi32

version

advapi32

ole32

user32

oleaut32

kernel32

Sections

oyiqm Size: 200KB - Virtual size: 197KB

.rdata Size: 8KB - Virtual size: 5KB

.rsrc Size: 8KB - Virtual size: 6KB

oyiqm
Size: 200KB - Virtual size: 197KB

.rdata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 8KB - Virtual size: 6KB