f9e485a963038880d48c625c14f8ccfa_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f9e485a963038880d48c625c14f8ccfa_JaffaCakes118
Size

548KB
MD5

f9e485a963038880d48c625c14f8ccfa
SHA1

6672f5b59a0c97ccdc7e2d77779eaa7072d2f261
SHA256

c1851b4df4b4af2c27c080371831646ae1ba2a9fa30c757dcaa597d5f38a0788
SHA512

c63c7b2832fb16fa82be87b1b21218fef60ba5a276cf38d21687c772e430178a3247b26c0aa03c3de4d6f101bfbc0542f90bf37f12ded4e53453405487a948c6
SSDEEP

12288:SUtph7oXgNAKOwNB3fkMuh+5YnemAiJoDSM6mGIR9lV:rXh7oXgaKDBMr+WAdSM6m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9e485a963038880d48c625c14f8ccfa_JaffaCakes118

Files

f9e485a963038880d48c625c14f8ccfa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01df5f59fa4640f1b59d125731c57b00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragShowNolock
ImageList_LoadImageW
ImageList_GetImageInfo
ImageList_SetImageCount
InitCommonControlsEx
ImageList_Destroy
ImageList_Add
ImageList_BeginDrag
CreatePropertySheetPageA
CreateMappedBitmap
CreateStatusWindowW
ImageList_Copy
ImageList_ReplaceIcon
ImageList_Write
ImageList_GetFlags
ImageList_LoadImageA
ImageList_GetImageRect
ImageList_SetDragCursorImage
CreateUpDownControl
GetEffectiveClientRect
ImageList_SetFilter
ImageList_SetFlags

advapi32

CryptSetProvParam
RegDeleteValueW
CryptDecrypt
CryptGetHashParam
CryptGenKey
LookupPrivilegeValueA
CryptVerifySignatureW
CryptCreateHash
LookupPrivilegeNameA
CryptEncrypt
GetUserNameW
RegConnectRegistryW
RegEnumKeyExW

shell32

DragQueryFile
SHInvokePrinterCommandW
SheSetCurDrive
ExtractAssociatedIconExA
ShellExecuteEx

user32

DefFrameProcA
DefMDIChildProcW
EnumClipboardFormats
MessageBoxW
CreateWindowExA
RegisterClassExA
MapDialogRect
TrackPopupMenuEx
DefWindowProcW
SetPropW
GetSysColor
EnumDisplayMonitors
BlockInput
GrayStringW
SetMenuInfo
GetIconInfo
SetLastErrorEx
DdeDisconnectList
FindWindowW
GetWindowRect
SetMessageQueue
LoadKeyboardLayoutW
EnumDesktopsA
DestroyWindow
ShowWindow
RegisterClassA
HideCaret
RegisterWindowMessageA
GetPriorityClipboardFormat
DefDlgProcW
TrackMouseEvent
LoadBitmapW

comdlg32

PageSetupDlgW

kernel32

GetCurrentProcess
lstrcpynW
LCMapStringA
SetHandleCount
GetUserDefaultLCID
GetTickCount
SetConsoleCtrlHandler
HeapCreate
RtlUnwind
CloseHandle
HeapAlloc
LeaveCriticalSection
GetStringTypeW
GetStartupInfoA
CreateFileA
IsValidLocale
GetProcessHeap
GetCurrentThread
WriteFile
GetEnvironmentStrings
HeapFree
lstrcpynA
GetSystemTimeAsFileTime
MultiByteToWideChar
GetModuleFileNameA
GetEnvironmentStringsW
FlushFileBuffers
IsValidCodePage
FlushInstructionCache
SetStdHandle
WriteConsoleA
GetCPInfo
GetLocaleInfoA
WriteConsoleW
GetCurrentProcessId
InterlockedIncrement
InitializeCriticalSection
UnhandledExceptionFilter
HeapDestroy
GetTimeZoneInformation
GetDateFormatA
Sleep
CompareStringA
FreeLibrary
GetConsoleOutputCP
ExitProcess
GetConsoleCP
GetModuleHandleA
TerminateProcess
InterlockedExchange
TlsGetValue
VirtualFree
FreeEnvironmentStringsA
LoadLibraryA
GetMailslotInfo
ReadFile
VirtualAlloc
GetTimeFormatA
SetEnvironmentVariableA
GetCurrentThreadId
EnterCriticalSection
HeapReAlloc
SetUnhandledExceptionFilter
GetOEMCP
WideCharToMultiByte
GetLastError
GetStdHandle
TlsAlloc
SetLastError
SetConsoleTitleW
IsDebuggerPresent
EnumSystemLocalesA
GetFileType
GetConsoleMode
DeleteCriticalSection
GetLocaleInfoW
OpenMutexA
FreeEnvironmentStringsW
GetStringTypeA
GetVersionExA
CreateMutexA
CompareStringW
GetCommandLineA
TlsFree
TlsSetValue
InterlockedDecrement
GetACP
QueryPerformanceCounter
VirtualQuery
SetSystemTime
LCMapStringW
GetProcAddress
SetFilePointer
HeapSize

gdi32

ScaleWindowExtEx
SetRectRgn
GetFontLanguageInfo
GetCharacterPlacementA
SetBoundsRect
GetObjectW
Polygon
DeleteDC
CloseEnhMetaFile
DeleteObject
CreateCompatibleBitmap
CopyMetaFileW
GetArcDirection
StartPage
PatBlt
SelectClipPath
GetDeviceCaps
SetBkColor
GetWindowOrgEx
SetTextCharacterExtra
GetDeviceGammaRamp
CreateDCW
DrawEscape

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01df5f59fa4640f1b59d125731c57b00

Headers

File Characteristics

Imports

comctl32

advapi32

shell32

user32

comdlg32

kernel32

gdi32

Sections

.text Size: 164KB - Virtual size: 161KB

.rdata Size: 248KB - Virtual size: 246KB

.data Size: 120KB - Virtual size: 141KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 164KB - Virtual size: 161KB

.rdata
Size: 248KB - Virtual size: 246KB

.data
Size: 120KB - Virtual size: 141KB

.rsrc
Size: 12KB - Virtual size: 9KB