d0dc733c613b4a2bb25a3c9b46329a48_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d0dc733c613b4a2bb25a3c9b46329a48_JaffaCakes118
Size

352KB
MD5

d0dc733c613b4a2bb25a3c9b46329a48
SHA1

134f78f27e050c67b3b1b1625008cba8f1e9e7fb
SHA256

43b071cac7c4601acbe5bf3ed7efcfbe76c73f8d91e502df9c6d2b051f1e41f7
SHA512

37e0b00b466d55584d751dda2e30e623dd57d916ce7433f09ad22657c1038bd43a80a04d7e944d22fe6fac5e7ea2e2522554544f55754eb335dbaf1eb4d8ea9d
SSDEEP

6144:sr7iCRFX2wrQDDseU1vAjOX+VpHa7Tu72MRdr29g00fFl9i4:sviCHGDAeICZVwa72cdK6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0dc733c613b4a2bb25a3c9b46329a48_JaffaCakes118

Files

d0dc733c613b4a2bb25a3c9b46329a48_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6e455323dab0b3e92bd26118cc226e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextW

user32

DdeConnectList
MessageBoxW
SetUserObjectInformationW
LoadMenuIndirectA
GetCursorPos
GetDC
ReleaseCapture
CallMsgFilterA
EnumThreadWindows
ChangeDisplaySettingsExA
GetGuiResources
UnhookWindowsHook
DestroyCursor
SetProcessWindowStation
RegisterClassExA
SendMessageTimeoutA
UnregisterDeviceNotification
CloseClipboard
MessageBeep
SetMenuDefaultItem
GetActiveWindow
MapVirtualKeyA
RegisterClassA
InvalidateRgn
TileWindows
FindWindowA
SendMessageTimeoutW
SetScrollPos
ShowWindow
OpenClipboard
DrawFrameControl
EditWndProc
RegisterWindowMessageW
DefFrameProcA
ValidateRgn
SetRect
SendNotifyMessageW
IsDialogMessageA
OpenDesktopW
VkKeyScanA
SendDlgItemMessageW
DdeQueryStringW
TranslateMDISysAccel
LoadCursorFromFileW
GetWindowTextW
VkKeyScanExW
TabbedTextOutA
CascadeChildWindows
CharLowerBuffW
SetWindowTextW
OemToCharW
GetOpenClipboardWindow
DrawIcon
SetCursor
DefWindowProcA
SetWindowsHookA
GetWindowTextA
EqualRect
DrawStateA
CharToOemBuffW
UnloadKeyboardLayout
DestroyWindow
GetClientRect
InsertMenuItemW
CreateWindowExA

shell32

SHGetFileInfoW
SHUpdateRecycleBinIcon
FreeIconList
ExtractIconEx
RealShellExecuteW

comctl32

InitMUILanguage
ImageList_SetOverlayImage
ImageList_DragLeave
InitCommonControlsEx
CreateStatusWindowA
ImageList_LoadImageA
ImageList_Copy
ImageList_Draw
_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_DragShowNolock
ImageList_Destroy
ImageList_DragEnter
ImageList_GetDragImage

gdi32

StartPage
GetRegionData
SelectClipPath
GetClipBox
UnrealizeObject
GetTextFaceW
GetEnhMetaFileBits
Polyline
FlattenPath
CopyEnhMetaFileA
CreateEnhMetaFileW
GetMetaRgn
ModifyWorldTransform
RemoveFontResourceA
GetMetaFileA
AddFontResourceA

kernel32

SetEnvironmentVariableA
VirtualFree
GetTimeFormatA
VirtualAlloc
ExpandEnvironmentStringsA
InterlockedExchange
GetCommandLineA
GetProcessHeaps
UnlockFile
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
HeapAlloc
EnterCriticalSection
CreateWaitableTimerW
GetOEMCP
GetTempPathW
GetCurrentThread
HeapDestroy
GetUserDefaultLCID
GetLastError
GetTimeZoneInformation
CompareStringW
FoldStringA
GetModuleHandleA
GetEnvironmentStrings
ExitProcess
OpenFileMappingW
GetProcAddress
SetLastError
ReadFile
GetFileType
CreateToolhelp32Snapshot
GetStringTypeA
GetCPInfo
GlobalLock
InterlockedCompareExchange
GetLogicalDriveStringsW
GetCurrentProcessId
VirtualProtect
GetDateFormatA
OpenWaitableTimerA
GetStartupInfoW
SetHandleCount
GetConsoleMode
MoveFileW
GetStringTypeW
GetLogicalDrives
SetEvent
LCMapStringA
IsValidCodePage
GetStdHandle
CloseHandle
GetSystemInfo
TlsSetValue
SetFilePointer
FoldStringW
TlsAlloc
GetConsoleCP
GetSystemDefaultLangID
LCMapStringW
IsValidLocale
lstrlenW
GetThreadPriority
GetCurrentProcess
WaitNamedPipeA
GetNumberFormatW
LoadLibraryA
GetModuleFileNameA
EnumCalendarInfoExA
GetPrivateProfileSectionA
GetStartupInfoA
FlushFileBuffers
GetSystemTimeAsFileTime
GetLocaleInfoA
WriteFileEx
WriteFile
TlsFree
SetVolumeLabelA
FreeEnvironmentStringsW
UnhandledExceptionFilter
FindNextChangeNotification
GetPrivateProfileSectionW
CreateMutexA
GetThreadSelectorEntry
FreeEnvironmentStringsA
GetNamedPipeHandleStateA
InitializeCriticalSection
HeapCreate
GetEnvironmentStringsW
CompareStringA
HeapReAlloc
GetTickCount
DeleteCriticalSection
GetConsoleTitleW
GetLocaleInfoW
TlsGetValue
IsDebuggerPresent
HeapFree
EnumSystemLocalesA
GetComputerNameW
GetVersionExA
FlushConsoleInputBuffer
FileTimeToLocalFileTime
EnumTimeFormatsA
HeapSize
MultiByteToWideChar
IsBadWritePtr
OpenMutexA
GetACP
GetPrivateProfileSectionNamesW
GetModuleFileNameW
LeaveCriticalSection
SetComputerNameW
QueryPerformanceCounter
EnumCalendarInfoW
RtlUnwind
VirtualQuery
TerminateProcess
GetCommandLineW
WaitCommEvent
LocalShrink
GetCurrentThreadId
SetStdHandle

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6e455323dab0b3e92bd26118cc226e3

Headers

File Characteristics

Imports

comdlg32

user32

shell32

comctl32

gdi32

kernel32

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 92KB - Virtual size: 112KB

.rsrc Size: 96KB - Virtual size: 92KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 92KB - Virtual size: 112KB

.rsrc
Size: 96KB - Virtual size: 92KB