f50b7173e0eb1ff5d61adcc097ac1f8b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f50b7173e0eb1ff5d61adcc097ac1f8b_JaffaCakes118
Size

632KB
MD5

f50b7173e0eb1ff5d61adcc097ac1f8b
SHA1

2188f4fbc85852d6a74c833b0adcd9cfa01d73fe
SHA256

a2e30de98b448e47b33b0323c8e816361f99b5c959b757550d607865a4eaa8f8
SHA512

5c3d6a027e9ad194139f835b153f90c6ea52f6eb0b2bc4885006241023bef360894dc431834dfd919ee2ef1906f589e3ec88beca27b9e940bbea8103536d363e
SSDEEP

12288:yrqq7hCWm9+Hb7qVrM2P+45N8hjNsgrNcQmh6bJDQMpngX9dZHfRGC:yOqZwM2PfjA3pVfngX9vRGC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f50b7173e0eb1ff5d61adcc097ac1f8b_JaffaCakes118

Files

f50b7173e0eb1ff5d61adcc097ac1f8b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8659007b4e34f8299259043062879a8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\tefom.pdb

Imports

user32

SetShellWindow
CloseWindow
DefWindowProcA
OpenClipboard
DlgDirListComboBoxW
DrawStateA
SendMessageA
CharPrevW
RegisterClipboardFormatW
DdeQueryStringA
GetWindowRgn
EnumWindowStationsW
SetWindowsHookA
ChildWindowFromPointEx
SetDeskWallpaper
OemKeyScan
GetCaretPos
BroadcastSystemMessageW
DestroyWindow
GetMessageTime
GetProcessDefaultLayout
InvalidateRect
GetWindowTextW
SendDlgItemMessageA
EnumPropsA
GetMenuItemCount
CreateMDIWindowA
DrawTextExW
MonitorFromRect
SetUserObjectInformationA
RegisterClassA
SetSystemCursor
GetMessageW
OpenWindowStationW
DestroyCaret
EnumDisplaySettingsA
GetKeyboardType
DrawStateW
GetSubMenu
GetWindowContextHelpId
PostMessageA
DlgDirSelectExW
MessageBoxW
DispatchMessageA
OemToCharBuffW
IsCharLowerA
ShowWindowAsync
IsDialogMessageA
ShowWindow
GetWindowTextLengthA
LookupIconIdFromDirectoryEx
CharToOemA
CreateWindowExA
CloseDesktop
ChangeDisplaySettingsA
RealGetWindowClass
LoadStringA
IsClipboardFormatAvailable
CreateAcceleratorTableA
AdjustWindowRect
CallWindowProcA
CreateDialogParamW
MenuItemFromPoint
UnhookWindowsHook
RegisterClassExA
ShowCursor
DlgDirListComboBoxA

kernel32

CompareStringA
SetLastError
MultiByteToWideChar
GetStringTypeW
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetProcAddress
TlsSetValue
GetEnvironmentStrings
SetConsoleCtrlHandler
InterlockedExchange
GetCurrentThread
VirtualQuery
lstrcmp
InterlockedDecrement
VirtualAlloc
TlsAlloc
SystemTimeToTzSpecificLocalTime
GetCurrentThreadId
GetVersionExA
WriteConsoleW
LeaveCriticalSection
ExitProcess
InterlockedIncrement
WideCharToMultiByte
UnhandledExceptionFilter
GetStdHandle
GetLocaleInfoW
WriteFile
GetStringTypeA
CreateFileA
HeapSize
GetPrivateProfileSectionNamesW
GetPrivateProfileStructW
LCMapStringA
GetSystemTimeAsFileTime
GetOEMCP
LCMapStringW
GetTimeFormatA
GetTimeZoneInformation
GetModuleHandleA
GetTickCount
WriteConsoleA
GetDateFormatA
OpenFile
HeapFree
OpenMutexA
VirtualFree
GetModuleFileNameA
ReadFile
GetUserDefaultLCID
FreeEnvironmentStringsA
InitializeCriticalSection
FreeLibrary
HeapReAlloc
FreeEnvironmentStringsW
SetStdHandle
CompareStringW
HeapCreate
QueryPerformanceCounter
GetConsoleMode
GetLocaleInfoA
FindResourceW
GetProcessHeap
SetFilePointer
EnterCriticalSection
GetCommandLineW
EnumSystemLocalesW
GetConsoleOutputCP
GetModuleFileNameW
GetCurrentProcess
GetPrivateProfileSectionNamesA
HeapAlloc
GetStartupInfoA
TlsGetValue
LocalFileTimeToFileTime
DeleteCriticalSection
HeapDestroy
IsValidLocale
IsValidCodePage
GetStartupInfoW
ReadConsoleOutputAttribute
GetConsoleCP
RtlUnwind
TlsFree
GetCurrentProcessId
SetHandleCount
FlushFileBuffers
GetCPInfo
GetACP
GetDiskFreeSpaceW
CloseHandle
IsDebuggerPresent
TerminateProcess
GetCommandLineA
CreateMutexA
Sleep
GetFileType
EnumSystemLocalesA
GetLastError
LoadLibraryA
SetEnvironmentVariableA

comctl32

ImageList_EndDrag
CreateStatusWindowA
InitCommonControlsEx
ImageList_GetFlags
ImageList_SetFlags
ImageList_DrawIndirect
ImageList_Add

Sections

.text
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8659007b4e34f8299259043062879a8c

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

Sections

.text Size: 232KB - Virtual size: 229KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 116KB - Virtual size: 137KB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 232KB - Virtual size: 229KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 116KB - Virtual size: 137KB

.rsrc
Size: 20KB - Virtual size: 18KB