d04b8d2d428a8d49fdf58cb389eedad1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d04b8d2d428a8d49fdf58cb389eedad1_JaffaCakes118
Size

556KB
MD5

d04b8d2d428a8d49fdf58cb389eedad1
SHA1

06cd81e774594000b3ed7a21d640c1f4aba90649
SHA256

a16d0b9d58331bc30f9d22785a4d11c7f41f9afc966a49bc4a088c800d6c50c3
SHA512

5e8a9df07f3637c828d204800df3b4c676254fe6336a06c12d229eaf8246455a47aa5e9ec0ffe89dd052d568807faf57eabae0839244cfe72826a0c57b627f66
SSDEEP

12288:4GU2nSJeVzOlcmTpQPms4XSVSIC2IZlKr:JnMeVscOpQPucNE0r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d04b8d2d428a8d49fdf58cb389eedad1_JaffaCakes118

Files

d04b8d2d428a8d49fdf58cb389eedad1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

65312bed555fcf166dc542319ebc2b09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeConnectList
FlashWindow
DestroyWindow
SendIMEMessageExW
DefDlgProcW
RegisterClassA
VkKeyScanW
GetWindowTextLengthA
GetShellWindow
InsertMenuW
IsWindowUnicode
GetDlgItemInt
SetCapture
LoadMenuIndirectW
SetScrollPos
ChangeMenuA
CallNextHookEx
GetClassNameW
GetClipboardFormatNameA
ShowWindow
ArrangeIconicWindows
DrawIconEx
DestroyMenu
CreatePopupMenu
GetClassInfoW
CreateIcon
GetKeyNameTextA
RegisterClassExA
MessageBoxW
VkKeyScanExW
DefWindowProcW
ChangeDisplaySettingsA
CreateWindowExA
CloseWindow
LoadCursorW
LockWindowUpdate
InvalidateRgn
SetForegroundWindow
GetMessageTime

comctl32

InitCommonControlsEx
CreateStatusWindowW
CreateToolbar

kernel32

FileTimeToSystemTime
MapViewOfFile
FindNextFileW
GetProfileIntA
GetModuleFileNameA
GlobalAddAtomW
TlsSetValue
GetCurrencyFormatA
VirtualAllocEx
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetLastError
ConnectNamedPipe
ExitProcess
GetNamedPipeHandleStateW
LoadLibraryA
IsBadWritePtr
CreateFileMappingW
SetHandleCount
GetStdHandle
EnterCriticalSection
InitializeCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStrings
ContinueDebugEvent
CreateFileMappingA
SetEnvironmentVariableA
DeleteCriticalSection
GetCurrentThread
GetProcAddress
MoveFileW
EnumDateFormatsExA
GetLocalTime
HeapSize
ResetEvent
GetModuleHandleW
FreeResource
VirtualFree
WaitForSingleObjectEx
WaitForMultipleObjectsEx
TerminateProcess
GetEnvironmentVariableA
lstrcmp
WriteProfileStringA
GetLocaleInfoW
EnumSystemCodePagesA
GetFileType
GlobalFlags
GlobalFindAtomA
GetSystemDefaultLangID
CreateMutexA
GetEnvironmentVariableW
GetCurrentThreadId
GetThreadContext
LCMapStringA
WritePrivateProfileSectionW
GetStringTypeW
FlushFileBuffers
SetConsoleOutputCP
InterlockedIncrement
MultiByteToWideChar
WaitForDebugEvent
CreateMutexW
WriteProfileSectionA
SetConsoleCtrlHandler
QueryPerformanceCounter
GetLongPathNameW
GetACP
SetEndOfFile
TlsGetValue
InterlockedExchange
GetVersionExA
GetCPInfo
VirtualProtect
TlsAlloc
HeapReAlloc
GetCurrentProcessId
GlobalLock
WriteConsoleA
WriteConsoleInputW
EnumSystemLocalesA
GetSystemInfo
LeaveCriticalSection
GetTimeFormatA
UnhandledExceptionFilter
GetCommandLineA
CompareStringA
ReadFile
GetPrivateProfileStructW
VirtualProtectEx
WriteFile
GetStartupInfoA
HeapFree
CloseHandle
VirtualQuery
EnumResourceTypesA
GetTickCount
LockFile
GetStartupInfoW
SetLastError
CreateNamedPipeW
SetStdHandle
CreateFileW
GetCompressedFileSizeW
GetTempFileNameW
GetNumberFormatA
HeapCreate
MoveFileExA
GetPrivateProfileSectionW
GetDateFormatA
IsValidLocale
RtlUnwind
GetStringTypeA
OpenMutexA
GetCurrentProcess
GetEnvironmentStringsW
LCMapStringW
CopyFileA
ReadConsoleOutputCharacterW
OpenEventA
SleepEx
HeapDestroy
FindResourceExW
WideCharToMultiByte
GetOEMCP
CreateMailslotW
SetFilePointer
GetModuleHandleA
CompareStringW
UnlockFileEx
TlsFree
ExitThread
CreateEventA
GetLocaleInfoA
VirtualAlloc
GetDateFormatW
IsValidCodePage
lstrcpynW
GlobalReAlloc
GetTimeZoneInformation
EnumResourceLanguagesW
FreeEnvironmentStringsA
lstrcmpiW
HeapAlloc
SetLocaleInfoA

gdi32

IntersectClipRect
SetICMProfileA
StrokePath
EnumFontsA
ExtCreatePen
GetSystemPaletteEntries
Rectangle
SetWinMetaFileBits
Arc
GetCharWidthA
PolyPolygon
SetTextCharacterExtra
GetTextFaceA
CreatePolyPolygonRgn
OffsetRgn

Sections

.text
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65312bed555fcf166dc542319ebc2b09

Headers

File Characteristics

Imports

user32

comctl32

kernel32

gdi32

Sections

.text Size: 160KB - Virtual size: 157KB

.rdata Size: 256KB - Virtual size: 255KB

.data Size: 104KB - Virtual size: 109KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 160KB - Virtual size: 157KB

.rdata
Size: 256KB - Virtual size: 255KB

.data
Size: 104KB - Virtual size: 109KB

.rsrc
Size: 32KB - Virtual size: 31KB