e0490579f2dd5a6a058508e1733b1ef9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e0490579f2dd5a6a058508e1733b1ef9_JaffaCakes118
Size

716KB
MD5

e0490579f2dd5a6a058508e1733b1ef9
SHA1

c1a7a20ecd541a2b97727393aa2a731c1efaad57
SHA256

099aa5b180b8ea0d9cd9abb9b0f286d4e9abfebf54741f1b656adb8aa54302ac
SHA512

f00999a399f8d15ef659ff0b5c3ed6fbe109987f7db709574f98d53be117efd4640d202721895c372e57a9bcfada0fe39333f0e957c469359b9fab72f5db5f2e
SSDEEP

12288:MnxVYgd/WJiQj8xGxs3ZJzgMreH632HF10+kQJo:iRtQYxGOZJgF6mHFk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0490579f2dd5a6a058508e1733b1ef9_JaffaCakes118

Files

e0490579f2dd5a6a058508e1733b1ef9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fb4d516ca28888bec92032690d5d1cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
mixerGetLineInfoA
PlaySoundW
mixerGetControlDetailsA
mixerGetLineControlsA
waveOutUnprepareHeader

advapi32

CloseServiceHandle
CryptDestroyHash
RegQueryValueA
RegSetValueExA
RegOpenKeyExA
RegFlushKey
CryptReleaseContext
RegCloseKey
RegDeleteKeyA
CryptCreateHash
CryptAcquireContextA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyA
OpenServiceA
InitializeSecurityDescriptor
CryptHashData
RegEnumKeyExA
RegQueryValueExA
RegCreateKeyExA
IsValidSid

shell32

SHBrowseForFolderA
SHFileOperationA
DragAcceptFiles
ord155
SHGetFileInfoA
Shell_NotifyIconA
ShellExecuteA
SHGetSpecialFolderPathA
SHGetPathFromIDListA
SHChangeNotify
ShellExecuteExA
SHGetMalloc
SHGetSpecialFolderLocation
DragQueryFileA

user32

DrawIconEx
SetMenuDefaultItem
LoadStringW
GetClassNameA
GetDlgItem
SystemParametersInfoA
LoadBitmapA
UnregisterClassA
GetNextDlgTabItem
InsertMenuA
LoadCursorA
GetForegroundWindow
KillTimer
GetSystemMetrics
EqualRect
IsWindowEnabled
DefWindowProcA
IsMenu
CloseClipboard
GetMenuItemID
PostMessageA
GetClientRect
SetWindowPos
DispatchMessageA
GetMenu
GetSubMenu
ReleaseDC
ReleaseCapture
DrawEdge
GetMessagePos
GetUpdateRect
OpenClipboard
ValidateRect
IsWindow
SendDlgItemMessageA
ScreenToClient
PostQuitMessage
SetWindowContextHelpId
RegisterClassExA
TranslateAcceleratorA
DestroyWindow
GetTopWindow
GetWindowRect
SetCapture
ShowCaret
TrackPopupMenu
MapWindowPoints
SendMessageA
TranslateMessage
SetWindowsHookExA
MessageBeep
DestroyIcon
ScrollWindowEx
InvalidateRect
LoadIconA
GetKeyState
FrameRect
DrawFocusRect
RegisterClassA
GetActiveWindow
GetClipboardData
IntersectRect
WindowFromPoint

comctl32

ImageList_Draw
ImageList_DragShowNolock
_TrackMouseEvent
ImageList_DragLeave
ImageList_GetImageCount
ImageList_Create
ImageList_Destroy
ImageList_GetIcon
ImageList_LoadImageA
ord17

oleaut32

LoadTypeLi

ole32

CoRegisterMessageFilter
CoTreatAsClass
ReadFmtUserTypeStg
CoRevokeClassObject
SetConvertStg
OleCreateFromData
WriteClassStm
OleSetClipboard
OleSaveToStream
GetClassFile
OleRegGetUserType
ReadClassStg
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CLSIDFromProgID
WriteFmtUserTypeStg
StgOpenStorageOnILockBytes
StgCreateDocfile
OleFlushClipboard
StringFromGUID2
OleSetContainedObject
CreateILockBytesOnHGlobal
StgIsStorageILockBytes

gdi32

OffsetRgn
CreatePatternBrush
GetSystemPaletteEntries
RectVisible
Ellipse
DPtoLP
DeleteDC
SetAbortProc
SetPolyFillMode
DeleteObject
GetObjectA
FrameRgn
UnrealizeObject
GetDeviceCaps
RoundRect
MaskBlt
GetRegionData
SetMapMode
GetPaletteEntries
CreateDCA
CreateBitmap
CreateDIBSection
GetStockObject

kernel32

SetStdHandle
SetEnvironmentVariableA
InterlockedExchange
SetUnhandledExceptionFilter
GetVersion
LoadLibraryA
UnhandledExceptionFilter
LCMapStringA
CompareStringW
LeaveCriticalSection
GetCurrentThreadId
HeapDestroy
HeapAlloc
TerminateProcess
GetFileType
CompareStringA
VirtualAlloc
GetStringTypeW
SetLastError
IsBadCodePtr
FreeEnvironmentStringsW
GetACP
GetStdHandle
FreeEnvironmentStringsA
HeapCreate
GetCPInfo
GetTimeZoneInformation
GetEnvironmentStrings
GetLastError
MultiByteToWideChar
RtlUnwind
GetCurrentProcess
GetCurrentProcessId
GetEnvironmentStringsW
RaiseException
CloseHandle
GetSystemTimeAsFileTime
GetLocalTime
GetModuleFileNameA
TlsGetValue
EnterCriticalSection
CreateMutexA
GetModuleHandleA
FlushFileBuffers
TlsAlloc
ExitProcess
WideCharToMultiByte
TlsSetValue
InterlockedIncrement
InitializeCriticalSection
ReadFile
HeapFree
GetTickCount
GetCommandLineA
SetFilePointer
SetHandleCount
VirtualFree
VirtualQuery
HeapReAlloc
QueryPerformanceCounter
GetStartupInfoA
GetSystemTime
LCMapStringW
WriteFile
GetStringTypeA
GetOEMCP
DeleteCriticalSection
GetProcAddress
InterlockedDecrement

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 464KB - Virtual size: 463KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fb4d516ca28888bec92032690d5d1cd

Headers

File Characteristics

Imports

winmm

advapi32

shell32

user32

comctl32

oleaut32

ole32

gdi32

kernel32

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 464KB - Virtual size: 463KB

.data Size: 112KB - Virtual size: 123KB

.rsrc Size: 64KB - Virtual size: 60KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 464KB - Virtual size: 463KB

.data
Size: 112KB - Virtual size: 123KB

.rsrc
Size: 64KB - Virtual size: 60KB