d273db4002ac2b81bf0aae4fd4e4c637_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d273db4002ac2b81bf0aae4fd4e4c637_JaffaCakes118
Size

324KB
MD5

d273db4002ac2b81bf0aae4fd4e4c637
SHA1

111462f4901a6813e37f9e255b5b7f4b446229f2
SHA256

c10dfbc7c91cc7060d59434162edd25666ace30b1de6eaab19d441a0998c9544
SHA512

c85296814149971724ceadd1d2ec0c339c9cee82ecd55448cb5f829f307eb352df177baddfe493cfc69afecbcd0230a0027efd065099d5aa437c1e55c7dd22c0
SSDEEP

6144:x0MgCkjOWUuh1T0MDv3VShXJ502RJ853ULbbkEZFHJBJaJozWn:GCkj7snhrdRJ8+bbbH0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d273db4002ac2b81bf0aae4fd4e4c637_JaffaCakes118

Files

d273db4002ac2b81bf0aae4fd4e4c637_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc9b691f8de7a7be5bd5965891741fb4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetMetaFileBitsEx
GetMapMode
CreateSolidBrush
GetGraphicsMode
DPtoLP
RemoveFontResourceA
AngleArc
SetMagicColors
GetAspectRatioFilterEx
GetStretchBltMode
GetSystemPaletteUse
GetEnhMetaFileBits
GetRegionData

shell32

RealShellExecuteW
ShellHookProc

kernel32

MapViewOfFile
lstrcpyW
SetLocaleInfoW
IsBadWritePtr
CompareStringW
TlsGetValue
GetModuleFileNameW
FindResourceW
HeapAlloc
SetConsoleCursorPosition
OpenMutexA
CreateMutexA
WriteConsoleOutputAttribute
InitializeCriticalSectionAndSpinCount
HeapDestroy
SetFileAttributesA
GetSystemTime
GetLastError
TlsFree
CreateEventW
GetTimeFormatW
GetEnvironmentStrings
VirtualQuery
EnterCriticalSection
GetSystemTimeAsFileTime
GetTempPathA
GetCPInfo
WriteConsoleOutputCharacterA
DeleteCriticalSection
QueryPerformanceCounter
HeapFree
GetVersionExA
SetEnvironmentVariableA
FlushFileBuffers
GetCurrentProcess
FreeEnvironmentStringsW
SetLocalTime
WriteFile
SetHandleCount
VirtualAlloc
WritePrivateProfileStructA
CreateFileMappingW
SetWaitableTimer
ExitThread
LCMapStringW
TerminateProcess
GetFileType
HeapCreate
GetFileAttributesW
CreateDirectoryA
SetPriorityClass
EnumResourceTypesA
InitializeCriticalSection
LocalHandle
WriteProfileSectionW
RtlUnwind
WriteProfileSectionA
TlsAlloc
GetSystemDirectoryA
GetModuleFileNameA
GetPrivateProfileSectionW
FindFirstFileExA
GetProcAddress
OpenSemaphoreW
GetVersion
GetSystemInfo
MultiByteToWideChar
InterlockedIncrement
DosDateTimeToFileTime
SetStdHandle
WaitNamedPipeA
ExitProcess
SetEnvironmentVariableW
CompareStringA
FileTimeToSystemTime
EnumDateFormatsA
SetEndOfFile
GetStringTypeW
VirtualFree
GetConsoleTitleA
GetStdHandle
WriteProfileStringW
FillConsoleOutputAttribute
GetCurrentThreadId
EnumDateFormatsW
WaitCommEvent
GetLogicalDriveStringsW
ConvertDefaultLocale
lstrcmpiW
UnhandledExceptionFilter
LoadResource
WideCharToMultiByte
InterlockedDecrement
GetCurrentProcessId
SetConsoleWindowInfo
FreeEnvironmentStringsA
LocalShrink
GetStartupInfoA
HeapReAlloc
GetEnvironmentStringsW
GetDiskFreeSpaceExA
GetLocalTime
GlobalFree
EnumCalendarInfoA
GetStartupInfoW
GetStringTypeA
GetTimeZoneInformation
LoadLibraryA
ReadConsoleA
lstrcpynA
TlsSetValue
GetModuleHandleA
CloseHandle
SetLastError
SetFilePointer
LoadLibraryExW
GetVolumeInformationW
LeaveCriticalSection
GlobalHandle
SetConsoleCursorInfo
EnumDateFormatsExA
GetCurrentThread
GetCommandLineW
GetSystemDefaultLangID
GetCommandLineA
InterlockedExchange
SetComputerNameW
GetNumberFormatW
GetTickCount
GlobalFlags
LCMapStringA
WaitForSingleObjectEx
SetFileAttributesW
WaitForMultipleObjects
ReadFile
CreateMutexW
ReadConsoleOutputA
GetFullPathNameW

wininet

ReadUrlCacheEntryStream
ShowX509EncodedCertificate
IsHostInProxyBypassList

comctl32

ImageList_Remove
ImageList_ReplaceIcon
ImageList_Add
DrawStatusTextW
ImageList_EndDrag
ImageList_GetBkColor
ImageList_Read
ImageList_Create
CreatePropertySheetPageA
ImageList_GetFlags
ImageList_GetImageInfo
DrawInsert
CreateToolbarEx
GetEffectiveClientRect
ImageList_SetFlags
InitMUILanguage
ImageList_SetIconSize
ImageList_AddIcon
ImageList_SetDragCursorImage
InitCommonControlsEx
CreateStatusWindowA
MakeDragList
ImageList_SetOverlayImage
ImageList_Write

advapi32

LogonUserA
RegConnectRegistryW
StartServiceA
CryptHashData
ReportEventA
CryptSetProviderExA
CryptEnumProvidersA
RegLoadKeyA
RegRestoreKeyA
CryptGetKeyParam
LookupSecurityDescriptorPartsW
CryptDestroyHash

user32

GetTopWindow
DestroyCursor
EnumDisplaySettingsW
LoadBitmapW
RegisterClassExA
UnregisterDeviceNotification
GetWindowWord
GetMessagePos
EnumWindowStationsW
SetMenuItemInfoW
MsgWaitForMultipleObjectsEx
CharPrevExA
TrackPopupMenu
LoadIconA
EnableMenuItem
GetClipboardOwner
GetCaretPos
RegisterClassA
IsIconic
CountClipboardFormats
RegisterWindowMessageA

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc9b691f8de7a7be5bd5965891741fb4

Headers

File Characteristics

Imports

gdi32

shell32

kernel32

wininet

comctl32

advapi32

user32

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 92KB - Virtual size: 90KB

.data Size: 88KB - Virtual size: 99KB

.rsrc Size: 72KB - Virtual size: 71KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 92KB - Virtual size: 90KB

.data
Size: 88KB - Virtual size: 99KB

.rsrc
Size: 72KB - Virtual size: 71KB