d3ffe3d47beb148384d0a904a083e464_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d3ffe3d47beb148384d0a904a083e464_JaffaCakes118
Size

364KB
MD5

d3ffe3d47beb148384d0a904a083e464
SHA1

6732e17160f0ea2b36c633ee9499beb266163365
SHA256

7b7e8fe7c816ea13c27fc67d5844720c00a4e70b3d582debabb2366d74059b07
SHA512

f21e6b991bb9d1b7091e3c732720d7eeac0f3973430a8480e5fef11d9921afde92cd30af505296302300bbd7765de0cbc0318dae355a4a39decd312fc929341f
SSDEEP

6144:mnATz3/gvHKODtj0n6048jiDLSya1ZGIJRTItbsdVedi:GATzPAqKF0n6qdQIPcxsdEA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3ffe3d47beb148384d0a904a083e464_JaffaCakes118

Files

d3ffe3d47beb148384d0a904a083e464_JaffaCakes118
.exe windows:4 windows x86 arch:x86

663a74fff4f619578c9abbc92675f974

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseDC
BeginPaint
OemToCharA
RegisterWindowMessageA
SetDlgItemTextA
CharUpperA
CharLowerA
CharNextA
CharPrevA
SetWindowTextA
GetClientRect
SendMessageA
CharToOemA
DdeCreateStringHandleA
DdeUninitialize
DdeFreeStringHandle
GetClassInfoA
GetWindowLongA
GetWindow
GetClassNameA
GetSysColor
FillRect
SetRect
SetRectEmpty
ScreenToClient
InflateRect
PostMessageA
GetWindowRect
DdeInitializeA
EnableWindow
IsWindowVisible
InvalidateRect
GetWindowTextA
GetDlgItem
LoadBitmapA
GetSystemMetrics
SetWindowPos
UpdateWindow
ShowWindow
DestroyWindow
wsprintfA
LoadStringA
MessageBeep
MessageBoxA
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
SetTimer
PeekMessageA
IsWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
KillTimer
PostQuitMessage
DefWindowProcA
CreateDialogParamA
ExitWindowsEx
FindWindowA
DdeGetLastError
SetFocus
EndDialog
EndPaint
GetDC
SendDlgItemMessageA
DialogBoxParamA
DdeGetData
DdeFreeDataHandle
DdeConnect
DdeClientTransaction
DdeDisconnect

gdi32

CreatePen
CreateDIBitmap
GetTextExtentPointA
SetPixel
CreateBitmap
SetBkColor
DeleteObject
GetObjectA
RealizePalette
SelectPalette
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
GetDeviceCaps
RestoreDC
Rectangle
GetSystemPaletteEntries
CreateSolidBrush
SaveDC
GetStockObject
LineTo
MoveToEx
CreateCompatibleBitmap
CreatePalette
CreateFontIndirectA

kernel32

GlobalFree
_hwrite
OpenFile
lstrcatA
GetWindowsDirectoryA
GetVersion
GlobalUnlock
LockResource
SizeofResource
LoadResource
FindResourceA
GetSystemInfo
SetErrorMode
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetProcAddress
GetModuleFileNameA
IsDBCSLeadByte
lstrcpyA
GlobalLock
GetTickCount
GlobalAlloc
FreeResource
_lclose
DeleteFileA
GetProfileSectionA
GetCurrentThread
SetFileAttributesA
GlobalHandle
GlobalCompact
GlobalReAlloc
_llseek
_lwrite
_lread
GetCurrentDirectoryA
SetEndOfFile
GetTimeZoneInformation
GetSystemTime
GetLocalTime
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapReAlloc
GetStringTypeW
GetStringTypeA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
GetFileType
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlUnwind
TerminateProcess
ExitProcess
HeapAlloc
HeapFree
GetCommandLineA
GetStartupInfoA
MoveFileA
SetFilePointer
WriteProfileStringA
RemoveDirectoryA
lstrlenA
GetFileAttributesA
lstrcmpiA
SetCurrentDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetDriveTypeA
GetSystemDirectoryA
CloseHandle
WriteFile
CreateFileA
GetDiskFreeSpaceA
CreateDirectoryA
lstrcmpA
MulDiv
GetSystemDefaultLCID
Sleep
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileTime
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetPrivateProfileStringA
GetCurrentProcess
MoveFileExA
WinExec
ReadFile
GetFileSize
GetLastError
WriteProfileSectionA
WritePrivateProfileSectionA
GetPrivateProfileSectionA
WritePrivateProfileStringA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

advapi32

RegSetValueExA
RegConnectRegistryA
OpenSCManagerA
CloseServiceHandle
OpenThreadToken
GetTokenInformation
EqualSid
RegEnumValueA
RegDeleteValueA
RegQueryValueExA
AdjustTokenPrivileges
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
InitializeSecurityDescriptor
AllocateAndInitializeSid
SetSecurityDescriptorOwner
RegCreateKeyExA
FreeSid
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

Sections

.text
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 899B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

663a74fff4f619578c9abbc92675f974

Headers

File Characteristics

Imports

user32

gdi32

kernel32

version

advapi32

comdlg32

shell32

Sections

.text Size: 133KB - Virtual size: 133KB

.rdata Size: 1024B - Virtual size: 899B

.data Size: 9KB - Virtual size: 11KB

.idata Size: 62KB - Virtual size: 62KB

.rsrc Size: 149KB - Virtual size: 149KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 133KB - Virtual size: 133KB

.rdata
Size: 1024B - Virtual size: 899B

.data
Size: 9KB - Virtual size: 11KB

.idata
Size: 62KB - Virtual size: 62KB

.rsrc
Size: 149KB - Virtual size: 149KB

.reloc
Size: 8KB - Virtual size: 7KB