f019868b326bf60cc51c6d7517bdb92f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f019868b326bf60cc51c6d7517bdb92f_JaffaCakes118
Size

497KB
MD5

f019868b326bf60cc51c6d7517bdb92f
SHA1

5ba4bb425048a3a3fb654e801529570990f97ab8
SHA256

84a5173ec266f55ed35e83168377a3bbc1b914cb47e804ac6c0ef31d9c2d07e5
SHA512

776a9ced35ccfd1871644c3182e4d4dd2dd2a48dfd815e647c38667a6c3c704d661f7a88916b485b7bc0999bea70026a2aec894a99c336960d393e1fa5b01e53
SSDEEP

12288:trzWEuv1B8BrPpTGd1eRVzyZMcNfVQJnAeLwV9E5KQXl8we:trzWEmBkFA1gVzaNfyJnF0VSoQVb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f019868b326bf60cc51c6d7517bdb92f_JaffaCakes118

Files

f019868b326bf60cc51c6d7517bdb92f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a71a4ebcff5b43242c1fdb8857fa883c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
GetCommandLineW
LockResource
GetCurrentProcessId
WritePrivateProfileStringA
GetEnvironmentStrings
CreateProcessW
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
UnmapViewOfFile
SetStdHandle
GetLastError
InterlockedIncrement
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
RemoveDirectoryA
ExpandEnvironmentStringsA
WaitForMultipleObjects
DuplicateHandle
FindFirstFileW
CreateFileMappingA
ResetEvent
CompareStringA
GetDiskFreeSpaceA
FindFirstFileA
lstrcmpA
WriteFile
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
SetErrorMode
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
MapViewOfFile
HeapFree
WriteConsoleW
SetCurrentDirectoryA
LeaveCriticalSection
GetCurrentThreadId
SetEndOfFile
CreateEventW
GetConsoleMode
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
CreateMutexA
GetLocalTime
MultiByteToWideChar
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
VirtualProtect
GetModuleFileNameW
InitializeCriticalSection
GetSystemTime
SetLastError
FormatMessageA
TlsGetValue
FindClose
LoadResource
GetEnvironmentVariableA
GetExitCodeProcess
LocalFree
SetEvent
SetFileAttributesA
GetStringTypeW
HeapReAlloc
InterlockedDecrement
GetSystemTimeAsFileTime
GetStringTypeA
WideCharToMultiByte
GetTempPathA
FreeEnvironmentStringsW
LoadLibraryExW
LocalAlloc
GetLocaleInfoA
GetCurrentDirectoryA
GetStartupInfoW
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindNextFileA
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GlobalLock
GetModuleHandleW
GetVersion
InterlockedExchange
SizeofResource
CreateProcessA
HeapCreate
FindResourceW
VirtualFree
Sleep
FindResourceA
VirtualAlloc
EnterCriticalSection
GetOEMCP

user32

GetClientRect
SendMessageA
ReleaseDC
GetDC
GetWindowLongA
DispatchMessageA
IsWindow
SetWindowPos
LoadBitmapA
PostQuitMessage
DestroyMenu
SetForegroundWindow
IsIconic
GetActiveWindow
EnableWindow
SetWindowLongA
CheckMenuItem
wsprintfA
GetDlgItem
ScreenToClient
LoadCursorA
GetDesktopWindow
EndDialog
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
LoadStringA
GetKeyState
DestroyWindow
GetParent
UpdateWindow
ShowWindow
PostMessageA
SetCapture
GetFocus
MessageBoxA
GetSysColor
IsWindowVisible
InvalidateRect
SetWindowTextA
CallWindowProcA
SetCursor
EnableMenuItem
GetSubMenu
FillRect
EndPaint
SetFocus
BeginPaint
KillTimer
DefWindowProcA
MapWindowPoints
GetSystemMetrics
ReleaseCapture
GetWindowRect

gdi32

DeleteObject
GetDeviceCaps
CreateFontIndirectA
GetStockObject
CreateCompatibleDC
SelectObject
CreateSolidBrush
SetBkColor
CreateCompatibleBitmap
SetBkMode

ole32

CoCreateInstance
CoTaskMemFree
CoInitialize
CoUninitialize

oleaut32

VariantInit
SysFreeString
SysAllocStringLen
SysStringLen
VariantClear
SysAllocString

advapi32

RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegCloseKey

msvcrt

_strcmpi
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
_controlfp
__set_app_type

Sections

.text
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a71a4ebcff5b43242c1fdb8857fa883c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

advapi32

msvcrt

Sections

.text Size: 344KB - Virtual size: 343KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 132KB - Virtual size: 132KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 344KB - Virtual size: 343KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 132KB - Virtual size: 132KB

.rsrc
Size: 3KB - Virtual size: 3KB