de344bdf94b94452bb3cc01f104e9e99_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

de344bdf94b94452bb3cc01f104e9e99_JaffaCakes118
Size

437KB
MD5

de344bdf94b94452bb3cc01f104e9e99
SHA1

dcd3fde7dd6cbfd0b0d053dc3ba371d692710e63
SHA256

0bc7661e9238b2440b4c719fdd51329b5b318ba0f02498174aef24ff5a664b8e
SHA512

13bb3945d33a87bf496c624fcab50e839a759fd2dd400a26a0ba13704acbbe8e7eb0d4a37236d1dfdd9df77b58d910318ae883ce85de161a1512c2585d94ed29
SSDEEP

12288:Rh5gYxsAoppo9xHeWOEoSSyhG9ZpqZjs5:Rh+YxsA8poXHeWOFyhG9HqZjg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de344bdf94b94452bb3cc01f104e9e99_JaffaCakes118

Files

de344bdf94b94452bb3cc01f104e9e99_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e05115a66a26d447d19957fbf4660b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeInitializeA
CreateCursor
EndDeferWindowPos
FreeDDElParam
SendIMEMessageExA
SetWindowLongW
MonitorFromPoint
CreateDialogIndirectParamA
SetScrollRange
SendIMEMessageExW
GetScrollPos
SetUserObjectSecurity
CreateCaret
MessageBoxIndirectA
BringWindowToTop
RegisterClassA
RegisterClassExA
GetInputDesktop
CreateMenu

gdi32

CreatePalette
GetEnhMetaFileW
ModifyWorldTransform
CopyMetaFileW
GetCharWidth32A
SetICMMode
CreateBitmapIndirect
GetLogColorSpaceW
SetGraphicsMode
GetWindowExtEx
GetBitmapBits
ColorMatchToTarget
StrokePath
GetPixelFormat

wininet

InternetGetConnectedStateEx
InternetSetCookieA
InternetTimeFromSystemTimeW

advapi32

RevertToSelf

comctl32

InitCommonControlsEx

shell32

SHGetSettings

kernel32

TerminateProcess
GetFileAttributesA
GetLastError
GetStdHandle
HeapReAlloc
FindResourceExA
UnhandledExceptionFilter
HeapDestroy
GetThreadContext
InterlockedIncrement
GetLocaleInfoA
GetEnvironmentStringsW
GetUserDefaultLCID
InitializeCriticalSection
SetEnvironmentVariableA
HeapSize
GetConsoleCP
EnumSystemLocalesA
LeaveCriticalSection
GetVersionExA
GetEnvironmentStrings
ReadFile
IsValidCodePage
GetDateFormatA
LCMapStringW
GetCurrentThread
SetStdHandle
GetModuleHandleA
WideCharToMultiByte
VirtualAlloc
GetLongPathNameA
GetOEMCP
EnterCriticalSection
LoadLibraryA
GetProcAddress
RtlUnwind
GetFileType
TlsSetValue
GetCurrentProcess
GetTimeFormatA
GetConsoleOutputCP
GetACP
GetStartupInfoA
DeleteCriticalSection
IsDebuggerPresent
TlsGetValue
FreeEnvironmentStringsW
GetModuleFileNameA
GetTimeZoneInformation
GetCPInfo
CompareStringA
VirtualFree
GetCurrentThreadId
EnumTimeFormatsW
CompareStringW
SetHandleCount
TlsAlloc
GetCommandLineA
LCMapStringA
ReadConsoleInputW
InterlockedExchange
GetStringTypeW
HeapFree
FreeEnvironmentStringsA
VirtualQuery
GetConsoleMode
IsValidLocale
CloseHandle
QueryPerformanceCounter
FreeLibrary
OpenFileMappingW
HeapAlloc
WriteConsoleA
SetLastError
InterlockedDecrement
WriteConsoleW
CreateFileA
GetStringTypeA
MultiByteToWideChar
GetConsoleScreenBufferInfo
SetFilePointer
WriteFile
GetCurrentProcessId
SetUnhandledExceptionFilter
TlsFree
GetSystemTimeAsFileTime
GetTickCount
SetConsoleCtrlHandler
ExitProcess
FlushFileBuffers
HeapCreate
GetLocaleInfoW
Sleep
GetProcessHeap
CreateMutexA
OpenMutexA

Sections

.text
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e05115a66a26d447d19957fbf4660b2

Headers

File Characteristics

Imports

user32

gdi32

wininet

advapi32

comctl32

shell32

kernel32

Sections

.text Size: 239KB - Virtual size: 238KB

.rdata Size: 10KB - Virtual size: 15KB

.data Size: 178KB - Virtual size: 178KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 239KB - Virtual size: 238KB

.rdata
Size: 10KB - Virtual size: 15KB

.data
Size: 178KB - Virtual size: 178KB

.rsrc
Size: 8KB - Virtual size: 8KB