f61151df3c4d1f1daee0fa4b66c9b6fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f61151df3c4d1f1daee0fa4b66c9b6fe_JaffaCakes118
Size

596KB
MD5

f61151df3c4d1f1daee0fa4b66c9b6fe
SHA1

b41df50b57c20c8e0351712d35ea7c6011551941
SHA256

d05da8e368dd7b2e6fec883e70edfae07601563bdc3be348e3860e67d3b4cdf3
SHA512

a783bdab4ff3fcee06465ef75a97ff3ae9179a558df04d98084b2230d96eeb8ce3724b8e27eb271557a89a7e83726418055347e6bd7f3c76b79d65d1ddb1f464
SSDEEP

12288:Xltd+OHVRMK1TLBgg9ekyXDRST+7ocOCqgXf0rdUL:Ld+E7tvqdvXI+ocoaC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f61151df3c4d1f1daee0fa4b66c9b6fe_JaffaCakes118

Files

f61151df3c4d1f1daee0fa4b66c9b6fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e09c308d85519843fa0552aaa3578122

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\tvoacobfpu.pdb

Imports

comctl32

CreateUpDownControl
ImageList_SetDragCursorImage
CreatePropertySheetPage
ImageList_GetFlags
ImageList_ReplaceIcon
CreateStatusWindowA
ImageList_AddMasked
ImageList_Duplicate
ImageList_BeginDrag
DrawInsert
GetEffectiveClientRect
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_GetImageInfo
ImageList_DragMove
InitCommonControlsEx
ImageList_DragShowNolock
CreateToolbarEx
ImageList_Write
ImageList_SetBkColor
ImageList_Replace
InitMUILanguage

user32

SetWindowLongW
SetClipboardData
EnableMenuItem
DialogBoxIndirectParamW
CharLowerBuffW
DdeInitializeA
CascadeChildWindows
RegisterWindowMessageW
GetClipCursor
ScrollDC
DefWindowProcW
DrawTextExW
CheckMenuItem
SetWinEventHook
CharUpperBuffA
GetKeyboardLayout
FindWindowExW
SendNotifyMessageA
IsChild
GetMenuState
IntersectRect
ShowOwnedPopups
SetWindowPos
DestroyWindow
RegisterClassExA
OpenDesktopA
IsCharAlphaNumericW
ArrangeIconicWindows
ShowWindow
SendInput
SetCaretBlinkTime
RegisterHotKey
SetWindowsHookExW
MapVirtualKeyW
CreateIcon
SetMenuItemInfoA
GetWindowTextW
SwitchToThisWindow
SetShellWindow
MonitorFromRect
LoadCursorA
RealGetWindowClass
DefFrameProcA
MessageBoxA
GetWindowPlacement
SetClassWord
GetCursorInfo
RegisterClassA
CreateWindowExW
BroadcastSystemMessage

kernel32

TlsFree
GetLogicalDriveStringsA
LockFile
EnterCriticalSection
FlushFileBuffers
ReadConsoleA
GetAtomNameA
GetLocaleInfoW
SetCriticalSectionSpinCount
GetCurrentProcessId
VirtualQuery
OpenMutexA
SetFilePointer
GetExitCodeThread
SetVolumeLabelA
GetTickCount
GetAtomNameW
GetVersion
RemoveDirectoryW
OutputDebugStringW
SetLocaleInfoW
SetLocaleInfoA
CloseHandle
FreeResource
IsValidCodePage
WriteConsoleOutputW
GetStringTypeW
TlsGetValue
VirtualProtect
GetFullPathNameW
CopyFileExA
TlsSetValue
GetSystemInfo
GetDateFormatA
InterlockedExchange
HeapAlloc
GetUserDefaultLCID
InterlockedCompareExchange
GetCurrentProcess
HeapCreate
GetLocaleInfoA
FillConsoleOutputCharacterW
SetStdHandle
WritePrivateProfileStringW
GetTimeFormatA
LocalHandle
DeleteCriticalSection
GetDiskFreeSpaceW
lstrlen
lstrcatW
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsBadReadPtr
GetCPInfo
HeapReAlloc
WaitNamedPipeA
IsDebuggerPresent
CompareStringW
GetModuleFileNameA
FreeEnvironmentStringsA
HeapSize
UnhandledExceptionFilter
MapViewOfFileEx
CreateMutexA
WaitForDebugEvent
SetLastError
ResetEvent
ReleaseSemaphore
LoadLibraryA
WideCharToMultiByte
FindResourceA
RtlUnwind
CompareStringA
GetStdHandle
InitializeCriticalSection
FindNextFileA
GetProcAddress
SetConsoleActiveScreenBuffer
SetHandleCount
GetFileType
GetDiskFreeSpaceA
CreateRemoteThread
GetProfileIntW
GetSystemDefaultLangID
WritePrivateProfileSectionW
GlobalUnlock
CreateFileW
GetStringTypeA
EnumSystemCodePagesA
WriteConsoleOutputCharacterA
GetOEMCP
RtlFillMemory
GlobalFindAtomW
GetVersionExA
LeaveCriticalSection
GetStartupInfoA
HeapLock
TlsAlloc
MoveFileExA
DebugActiveProcess
TerminateProcess
GetCurrentThreadId
FreeEnvironmentStringsW
SetEnvironmentVariableA
OpenFile
GetPrivateProfileStringW
EnumSystemLocalesA
CreateSemaphoreW
MoveFileExW
WriteFile
VirtualFree
GetModuleHandleA
HeapDestroy
HeapFree
GetCommandLineA
SetConsoleCtrlHandler
FindAtomA
FormatMessageA
IsValidLocale
SetConsoleCursorInfo
VirtualAlloc
GetCalendarInfoA
GetCurrentThread
OpenSemaphoreA
GetLastError
ExitProcess
EnumSystemCodePagesW
GetDiskFreeSpaceExA
LCMapStringA
GetACP
GlobalReAlloc
MultiByteToWideChar
IsBadWritePtr
GetEnvironmentStrings
ReadFile
EnumResourceNamesA
GetTimeZoneInformation
GetEnvironmentStringsW
FreeLibraryAndExitThread
LCMapStringW
GetCurrencyFormatW

Sections

.text
Size: 212KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e09c308d85519843fa0552aaa3578122

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

Sections

.text Size: 212KB - Virtual size: 210KB

.rdata Size: 248KB - Virtual size: 246KB

.data Size: 116KB - Virtual size: 129KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 212KB - Virtual size: 210KB

.rdata
Size: 248KB - Virtual size: 246KB

.data
Size: 116KB - Virtual size: 129KB

.rsrc
Size: 16KB - Virtual size: 13KB