f0836d44043e77e49a2936fed1e3c057_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0836d44043e77e49a2936fed1e3c057_JaffaCakes118
Size

644KB
MD5

f0836d44043e77e49a2936fed1e3c057
SHA1

5969a49add6fd2932858197f02de8b15368f4d96
SHA256

5dd9d2a048ec5e464f36b8640436849831a80e488be835cf6c1af76bd09702e8
SHA512

22db9c0d3b15f0d9b09fe28b73548eed1c5d18dfac1a5c0c6073738e4dac9fd8697dfdad63dd2d56752e75d0480a74505252074974eaf0b6f8b8064ee2cf6aa7
SSDEEP

12288:tkeEPSbiYrkt/sBWDS5axHZAR4zgicWl0fpMZ7kLEy4uDj6K:tkjPSbiEkdsBIEaxHZppupM7kYy4uD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0836d44043e77e49a2936fed1e3c057_JaffaCakes118

Files

f0836d44043e77e49a2936fed1e3c057_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55aa431036cf9a5f1ca42f382eb7c884

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

gdi32

GetCharABCWidthsW
CreateColorSpaceW
ExtCreatePen
EnumFontFamiliesExW
AnimatePalette
GetEnhMetaFilePaletteEntries
CreateDIBPatternBrushPt
GetTextMetricsW
GetFontData
GetEnhMetaFileA
GetEnhMetaFileDescriptionW
Pie
ScaleViewportExtEx
GetCharABCWidthsFloatW
ResetDCW
SetBitmapBits
CloseFigure
CopyMetaFileA
SetTextColor

advapi32

RegQueryMultipleValuesW
RegCloseKey
CryptHashSessionKey
RegEnumKeyExW
LookupSecurityDescriptorPartsA
LookupPrivilegeValueA
CreateServiceW
CryptDuplicateHash
RegEnumKeyW
CryptCreateHash
RegSetValueExW
RegSaveKeyW
RegRestoreKeyW
RegDeleteKeyA
CryptDuplicateKey
StartServiceW
LookupAccountNameW
AbortSystemShutdownW

comctl32

CreateStatusWindowA
CreatePropertySheetPageA
ImageList_EndDrag
ImageList_GetBkColor
InitCommonControlsEx
DestroyPropertySheetPage
ImageList_Add
CreateUpDownControl
ImageList_Write
ImageList_Copy
ImageList_ReplaceIcon
ImageList_DragLeave
InitMUILanguage
MakeDragList
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_DragShowNolock

user32

wvsprintfW
GetCaretBlinkTime
PostThreadMessageA
GetScrollInfo
SetDebugErrorLevel
GetMenuItemCount
IntersectRect
GetTabbedTextExtentW
GetParent
SendMessageTimeoutA
GetClassInfoExA
GetThreadDesktop
SwitchToThisWindow
EnumDisplaySettingsExW
PeekMessageW
DrawCaption
ValidateRect
DrawTextA
ChangeDisplaySettingsA
DrawStateA
DdeClientTransaction
IsDialogMessageA
CreateIconIndirect
SetWindowPlacement
ChildWindowFromPoint
DefMDIChildProcA
EnumDesktopsA
ShowScrollBar
RegisterClipboardFormatW
ToAsciiEx
EnumWindowStationsA
RemoveMenu
RegisterHotKey
CharUpperA
CallMsgFilterA
GetKeyboardType
WinHelpW
RemovePropW
DdeNameService
DragObject
GetKeyboardLayoutList
InternalGetWindowText
GetSubMenu
ScrollWindow
CountClipboardFormats
OemKeyScan
DdeQueryStringW
GetClipboardSequenceNumber
EnumClipboardFormats
WinHelpA
SetWindowsHookA
SystemParametersInfoA
CharToOemW
FindWindowW
EnumPropsA
GetPropA
DefWindowProcW
PaintDesktop
MessageBoxW
FlashWindowEx
IsDlgButtonChecked
CheckDlgButton
OpenWindowStationA
DdeQueryNextServer
GetWindowWord
DdeImpersonateClient
ChangeClipboardChain
GetComboBoxInfo
CharNextExA
DestroyWindow
InflateRect
CreateWindowExA
BeginPaint
DdeCreateDataHandle
EnumThreadWindows
ChangeDisplaySettingsExA
SetProcessDefaultLayout
CreateIconFromResourceEx
SetWindowTextA
GetMenuItemID
DlgDirSelectComboBoxExW
EnumDisplaySettingsW
GetMenuState
ShowWindow
LoadMenuIndirectA
IsCharLowerW
TabbedTextOutA
GetNextDlgTabItem
LoadStringW
FindWindowExA
RegisterClassA
SetScrollRange
OemToCharW
InsertMenuW
EnableScrollBar
EqualRect
MapDialogRect
GetScrollBarInfo
LoadCursorA
CallWindowProcW
RegisterClassExA
DdeReconnect
IsCharAlphaNumericA
OemToCharBuffW

wininet

InternetGoOnline
InternetSecurityProtocolToStringW
InternetCrackUrlW
IncrementUrlCacheHeaderData
InternetGetLastResponseInfoA
CreateUrlCacheEntryA
DeleteUrlCacheEntryW
FtpRemoveDirectoryW

kernel32

GetCommandLineA
HeapAlloc
GetLocaleInfoW
VirtualProtect
RtlUnwind
GetModuleHandleA
LCMapStringW
HeapSize
SetCurrentDirectoryW
GetTimeFormatA
WideCharToMultiByte
GetProcAddress
TlsGetValue
GetDateFormatA
GetStringTypeW
FreeEnvironmentStringsA
CreateMutexA
MultiByteToWideChar
GetCPInfo
GetStdHandle
GetCurrentProcessId
TlsSetValue
GetCurrentThread
SetHandleCount
GetFileType
FlushFileBuffers
IsValidLocale
VirtualAlloc
LeaveCriticalSection
DeleteCriticalSection
GetThreadLocale
OpenMutexA
GetOEMCP
GetEnvironmentStrings
VirtualFree
TlsFree
GetACP
TlsAlloc
GetVersionExA
SetFilePointer
GetCurrentProcess
GetLastError
LoadLibraryA
LCMapStringA
HeapCreate
GetModuleFileNameA
HeapDestroy
GetCurrentThreadId
ReadFile
FreeEnvironmentStringsW
GetStartupInfoA
GetSystemTimeAsFileTime
EnumSystemLocalesA
CompareStringA
EnterCriticalSection
GetStringTypeA
IsBadWritePtr
GetSystemInfo
ExitProcess
CloseHandle
HeapReAlloc
SetLastError
QueryPerformanceCounter
GetEnvironmentStringsW
HeapFree
SetStdHandle
WriteFile
SetEnvironmentVariableA
TerminateProcess
GetTickCount
GetLocaleInfoA
InitializeCriticalSection
GetTimeZoneInformation
UnhandledExceptionFilter
InterlockedExchange
CompareStringW
VirtualQuery
IsValidCodePage
GetDiskFreeSpaceExA
GetUserDefaultLCID

shell32

SHFormatDrive
ExtractAssociatedIconW
ExtractAssociatedIconA

Sections

.text
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55aa431036cf9a5f1ca42f382eb7c884

Headers

File Characteristics

PDB Paths

Imports

gdi32

advapi32

comctl32

user32

wininet

kernel32

shell32

Sections

.text Size: 172KB - Virtual size: 169KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 116KB - Virtual size: 121KB

.rsrc Size: 92KB - Virtual size: 89KB

.text
Size: 172KB - Virtual size: 169KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 116KB - Virtual size: 121KB

.rsrc
Size: 92KB - Virtual size: 89KB