f9b74d48941e824b95cca3bbdd6c4cbb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f9b74d48941e824b95cca3bbdd6c4cbb_JaffaCakes118
Size

102KB
MD5

f9b74d48941e824b95cca3bbdd6c4cbb
SHA1

428699e09077308a42f7c1883f2894290787b72f
SHA256

c976b73f731debd8163eb28691ced598f21fa0bdfac038bcb85603e1176143bf
SHA512

49f50f086ea003794b728da3641a7ee80fa8f3a0ac38c2b9dbaab93a331d6c0dc7db4ee7b0ac4b98f6e97ed42b3d9ef70f1e8468a9d9e3826f9bf89aa5554b5e
SSDEEP

3072:iJ9pSCxXFzQqU9B0x7K+FBHo85z9sNYFfP:iJig18qD++D5KE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9b74d48941e824b95cca3bbdd6c4cbb_JaffaCakes118

Files

f9b74d48941e824b95cca3bbdd6c4cbb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a6c626a5f42653acdc8a5109739e650d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??0exception@@QAE@XZ
wcsncmp
_snwprintf
exit
__getmainargs
_adjust_fdiv
_controlfp
_wtol
memcpy
iswctype
_exit
localtime
__set_app_type
_c_exit
__p__commode
_wtoi
_acmdln
_initterm
time
_cexit
fclose
wcsncpy
_XcptFilter
__setusermatherr
??1type_info@@UAE@XZ
__p__fmode
__dllonexit

kernel32

WideCharToMultiByte
UnmapViewOfFile
WaitForSingleObject
LocalFree
LocalUnlock
GetCommandLineA
GetModuleHandleA
OpenMutexA
GetComputerNameW
MapViewOfFile
SetFilePointer
LocalReAlloc
GetWindowsDirectoryA
OutputDebugStringW
LocalLock
VirtualQuery
LocalAlloc
Sleep
GetStartupInfoW
TlsSetValue
GetFileType
SetEnvironmentVariableA
GetStringTypeW
SetEvent
GetModuleFileNameA
DeleteFileW
GetSystemTimeAsFileTime
UnhandledExceptionFilter
FormatMessageW
FoldStringW
lstrcmpW
GetUserDefaultLCID
LoadLibraryA
SetErrorMode
FileTimeToSystemTime
lstrlenW
MulDiv
GetACP
FindClose
TlsFree
ResumeThread
GetStartupInfoA
CloseHandle
GetCurrentProcessId
InterlockedCompareExchange
GetDateFormatW
SizeofResource
SetEndOfFile
GetVersion
lstrcatW
ReadFile
OpenProcess
GetCurrentThreadId
ExitProcess
GlobalFree
CreateEventW
lstrcpyW
CreateFileW
GetUserDefaultUILanguage
GetTimeFormatW
CreateFileMappingW
lstrcmpiW
GetEnvironmentStringsW
VirtualFree
ExitThread
GetLocalTime
GetDiskFreeSpaceA
SetUnhandledExceptionFilter
SetLastError
GetTickCount
GetFileAttributesW
GetVersionExA
GetLastError
QueryPerformanceCounter
FindFirstFileW
VirtualAlloc
TerminateProcess
RtlUnwind
GetCommandLineW
HeapDestroy
EnterCriticalSection
CreateFileA
InitializeCriticalSection
GetLocaleInfoW
GetProcessHeap
CompareStringW
GlobalLock
GlobalUnlock
FreeEnvironmentStringsW
LocalSize
GetProcAddress
MultiByteToWideChar
LoadLibraryW
WriteFile
VirtualProtect
GetVersionExW
GetCurrentProcess
GetFileSize
GetFileInformationByHandle
lstrcpynW
LeaveCriticalSection

user32

DeleteMenu
wsprintfW
GetDlgItem
DialogBoxParamW
GetParent
GetWindowTextW
TranslateAcceleratorW
GetDesktopWindow
InvalidateRect
WinHelpW
SetCursor
GetSystemMenu
ReleaseDC
SetFocus
GetSysColor
LoadAcceleratorsW
PostQuitMessage
LoadImageW
LoadStringW
SendDlgItemMessageW
SendMessageA
IsClipboardFormatAvailable
CloseClipboard
RegisterWindowMessageW
SetTimer
MessageBoxW
UnhookWindowsHookEx
ScreenToClient
SetWinEventHook
GetDC
CharLowerW
GetCursorPos
RegisterClassExW
GetSystemMetrics
CharNextW
CreateWindowExW
GetSubMenu
SetWindowPlacement
GetMessageW
wsprintfA
CheckMenuItem
GetClientRect
TranslateMessage
EnableMenuItem
GetForegroundWindow
GetKeyboardLayout
SetScrollPos
LoadCursorW
GetMenuState
EnumChildWindows
PostMessageW
CharUpperW
CreateDialogParamW
GetFocus
EnableWindow
GetDlgItemTextW
LoadIconW
IsIconic
SetActiveWindow
MoveWindow
GetDlgCtrlID
RegisterWindowMessageA
SendMessageW
GetMenu
DispatchMessageA
DestroyIcon
OpenClipboard
GetWindowLongW
PeekMessageW
GetWindowPlacement
SetWindowTextW
DestroyMenu
DestroyWindow
SetDlgItemTextW
GetClassNameW
SetWindowLongW
MessageBeep
UnhookWinEvent
IsDialogMessageW
DrawTextExW
SetWindowPos
EndDialog
DefWindowProcW
UpdateWindow
SetPropW
ShowWindow
ChildWindowFromPoint
DispatchMessageW

gdi32

EndPage
GetTextFaceW
CreateFontIndirectW
TextOutW
CreateDCW
SetAbortProc
GetObjectW
GetTextExtentPoint32W
StartPage
SetViewportExtEx
SelectObject
DeleteObject
StartDocW
DeleteDC
GetDeviceCaps
GetTextMetricsW
SetMapMode
SetWindowExtEx
EndDoc
AbortDoc
SetBkMode
EnumFontsW
LPtoDP
GetStockObject

comdlg32

CommDlgExtendedError
FindTextW
ReplaceTextW
GetSaveFileNameW
GetFileTitleW
ChooseFontW
PrintDlgExW
GetOpenFileNameW
PageSetupDlgW

advapi32

RegQueryValueExA
RegQueryValueExW
IsTextUnicode
RegSetValueExW
RegOpenKeyExA
RegCreateKeyW
RegCloseKey

winspool.drv

ClosePrinter
GetPrinterDriverW
OpenPrinterW

shell32

DragAcceptFiles
DragFinish
ShellAboutW
DragQueryFileW

comctl32

CreateStatusWindowW

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 59KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6c626a5f42653acdc8a5109739e650d

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

comdlg32

advapi32

winspool.drv

shell32

comctl32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 15KB - Virtual size: 15KB

.idata Size: 59KB - Virtual size: 88KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 15KB - Virtual size: 15KB

.idata
Size: 59KB - Virtual size: 88KB

.rsrc
Size: 19KB - Virtual size: 19KB