dcd39f35ce14f3bb6fbb8a2f9aadeba1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dcd39f35ce14f3bb6fbb8a2f9aadeba1_JaffaCakes118
Size

668KB
MD5

dcd39f35ce14f3bb6fbb8a2f9aadeba1
SHA1

3b6342181ae5b20dd62ec6beaef0cd1421bddc0e
SHA256

74389c24aa394c9c313e6633afd8f79365c62ca4b0ad1aacd97d214c9a9515a5
SHA512

bc5b464499251da154799fcb458a07b5a03e53a30ac53fd98578319ae276b0c79443e106edd0c60105c86f96998ea33ddb4b0dfdddc167b34d8597b63cc0c01f
SSDEEP

12288:Txo+e8nlWFA72T+b3peh39bFwKvpRVhUZlHXExR1e/iI5d5wtgMyWX6VzVgXSj:TxovOWFA72T+teHFJnkZknWx75ug3WX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcd39f35ce14f3bb6fbb8a2f9aadeba1_JaffaCakes118

Files

dcd39f35ce14f3bb6fbb8a2f9aadeba1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eddc7c755fee9748ef0818db3153f6da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
MultiByteToWideChar
GetDateFormatA
DeleteCriticalSection
GetSystemInfo
DebugBreak
GetCPInfo
LeaveCriticalSection
IsBadReadPtr
GetTimeFormatA
RtlUnwind
EnumResourceTypesA
ReadFile
TlsAlloc
GetNamedPipeHandleStateW
VirtualAlloc
GetStringTypeA
GetWindowsDirectoryA
WriteFile
VirtualQuery
CompareStringW
ReadConsoleInputW
CreateMutexA
FreeEnvironmentStringsA
EnumDateFormatsA
LocalReAlloc
LockFile
GetEnvironmentStrings
GetLocaleInfoA
WritePrivateProfileStringW
TlsFree
WideCharToMultiByte
SetConsoleCtrlHandler
SetFilePointer
GetCommandLineA
GetTickCount
GetStdHandle
HeapDestroy
RaiseException
lstrcpyn
HeapReAlloc
GetModuleFileNameA
EnumResourceNamesA
GetCurrentThreadId
TerminateProcess
IsBadWritePtr
GetStringTypeW
GetLogicalDriveStringsA
HeapAlloc
GetModuleHandleA
GetACP
GetVersionExA
LocalCompact
TlsGetValue
GetProcAddress
GetComputerNameW
CloseHandle
LoadLibraryA
GetStartupInfoA
IsValidLocale
LCMapStringA
FlushFileBuffers
AddAtomW
OpenMutexA
GetUserDefaultLCID
EnumSystemLocalesA
VirtualFree
SetHandleCount
WriteConsoleInputW
GetFileType
InitializeCriticalSection
TlsSetValue
HeapCreate
GetTimeFormatW
CreateSemaphoreW
GetCurrentProcessId
CompareStringA
QueryPerformanceCounter
OutputDebugStringA
GetEnvironmentStringsW
SetStdHandle
IsValidCodePage
InterlockedDecrement
GlobalFindAtomA
ReadConsoleOutputAttribute
InterlockedIncrement
CreateProcessA
GetSystemTimeAsFileTime
GetWindowsDirectoryW
SetEnvironmentVariableA
ExpandEnvironmentStringsA
GetTimeZoneInformation
FreeEnvironmentStringsW
GetCurrentThread
ExitProcess
LCMapStringW
GetLastError
HeapValidate
HeapFree
UnhandledExceptionFilter
InterlockedExchange
EnterCriticalSection
VirtualProtect
GetTempFileNameA
SetConsoleCP
GetOEMCP
GetLocaleInfoW
GetCurrentProcess
SetLastError

user32

CheckRadioButton
CreateIconFromResource
DrawAnimatedRects
RegisterClassA
EnumPropsExW
BringWindowToTop
DdeGetLastError
ShowWindow
ChangeDisplaySettingsW
ShowCursor
SetWindowsHookW
DestroyWindow
wvsprintfW
RegisterClassExA
ValidateRgn
GetWindowPlacement
VkKeyScanW
OpenClipboard
DefWindowProcA
EnumDisplayDevicesW
DragObject
MessageBoxA
CreateWindowExA
LoadCursorW
GetKeyNameTextW
GetMessageA
GetDlgCtrlID

wininet

InternetGetConnectedStateEx
InternetGoOnlineW
FtpCommandW
InternetSetOptionW
RetrieveUrlCacheEntryStreamW
InternetGetConnectedStateExW

advapi32

CryptGetHashParam
CryptSignHashW
CryptReleaseContext

comctl32

ImageList_DragShowNolock
DrawStatusTextA
ImageList_EndDrag
ImageList_SetImageCount
ImageList_SetFlags
ImageList_AddMasked
ImageList_DragEnter
ImageList_Create
ImageList_GetIconSize
ImageList_Copy
InitCommonControlsEx
ImageList_SetIconSize
ImageList_SetBkColor
ImageList_GetDragImage
ImageList_Add
DrawStatusText
ImageList_GetIcon

shell32

ShellExecuteExW

comdlg32

ReplaceTextW

Sections

.text
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eddc7c755fee9748ef0818db3153f6da

Headers

File Characteristics

Imports

kernel32

user32

wininet

advapi32

comctl32

shell32

comdlg32

Sections

.text Size: 216KB - Virtual size: 212KB

.rdata Size: 256KB - Virtual size: 253KB

.data Size: 112KB - Virtual size: 133KB

.rsrc Size: 80KB - Virtual size: 76KB

.text
Size: 216KB - Virtual size: 212KB

.rdata
Size: 256KB - Virtual size: 253KB

.data
Size: 112KB - Virtual size: 133KB

.rsrc
Size: 80KB - Virtual size: 76KB