ff1e706df653116d748467cf1f583931_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ff1e706df653116d748467cf1f583931_JaffaCakes118
Size

792KB
MD5

ff1e706df653116d748467cf1f583931
SHA1

83c1dc9fdc5c8c43431a066bb75f187ca5a7350e
SHA256

1bb6f4aba46f23c10a8435191090873fa4a20f7aea1187ab8ec7b09876f13286
SHA512

3220aee25481debabab39740fd73dd686a07a8c62ad51639866caab9ec659142737fe96d35ca8321e54fed0c3f57722bb2d3ab95e49271cf3ad7735d548ba610
SSDEEP

12288:bkCFAGa1jHrk55gZ6yWzVjhL6ILWa51yUphsvHs1tx7nSB97:4sA7j45KIyoVjXLR5gUgvM0f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff1e706df653116d748467cf1f583931_JaffaCakes118

Files

ff1e706df653116d748467cf1f583931_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7eacfbf55dcb6fe13ac317ea486df4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\ptfrtegnao\umeebr

Imports

comctl32

ImageList_DrawIndirect
ImageList_Read
ImageList_ReplaceIcon
ImageList_AddMasked
InitCommonControlsEx
ImageList_GetDragImage
DrawStatusTextA
ImageList_DragShowNolock

user32

CreateWindowExA
GetCapture
CharNextExA
CharNextA
GetWindowTextA
CreateIcon
UnregisterHotKey
ChangeMenuW
DefDlgProcW
CreateWindowStationA
GetMenuStringA
BeginDeferWindowPos
SetForegroundWindow
GetWindowPlacement
GetQueueStatus
SetWindowsHookA
IsWindowEnabled
ChangeDisplaySettingsA
SetClassLongA
DdeCmpStringHandles
RegisterClassExA
CreateAcceleratorTableA
DdeAbandonTransaction
CharNextW
RegisterClassExW
RegisterClassA
LoadStringW
GetGuiResources

kernel32

GetLocalTime
GetStringTypeA
GetStringTypeW
GetStdHandle
GetCommandLineA
EnumDateFormatsW
ReadFile
RtlUnwind
GetCurrentThreadId
InterlockedIncrement
DeleteCriticalSection
SetStdHandle
OpenWaitableTimerW
UnhandledExceptionFilter
TlsGetValue
FreeEnvironmentStringsA
LCMapStringW
GetCurrentProcessId
CloseHandle
SetEnvironmentVariableA
WideCharToMultiByte
GetFileType
GetTimeZoneInformation
IsBadWritePtr
GetModuleFileNameA
ExitProcess
InterlockedCompareExchange
GetPrivateProfileIntW
LeaveCriticalSection
GetSystemTimeAsFileTime
lstrcmpiW
SetLastError
GetStartupInfoA
EnterCriticalSection
FreeEnvironmentStringsW
GetVersion
ExitThread
WriteFile
GetCurrentProcess
GetStartupInfoW
SetConsoleTitleW
GetLongPathNameA
TlsAlloc
EnumResourceNamesA
HeapFree
GetModuleHandleA
GetCommandLineW
TlsSetValue
GetCurrentThread
GlobalFree
TlsFree
CompareStringW
GetSystemTime
GetEnvironmentStrings
SetFilePointer
HeapAlloc
lstrcpy
SetConsoleOutputCP
HeapReAlloc
SetHandleCount
DosDateTimeToFileTime
GetStringTypeExW
GetCPInfo
FindResourceExA
OpenMutexA
OutputDebugStringW
HeapDestroy
VirtualAlloc
InterlockedExchange
InitializeCriticalSection
GetThreadContext
HeapCreate
TerminateProcess
VirtualQuery
LoadLibraryA
FlushFileBuffers
InterlockedDecrement
LocalAlloc
MultiByteToWideChar
EnumDateFormatsA
LCMapStringA
VirtualProtect
CreateMutexA
CompareStringA
GetTickCount
GetEnvironmentStringsW
QueryPerformanceCounter
VirtualFree
LoadLibraryExA
CreateRemoteThread
GetProcAddress
GetLastError
SetCurrentDirectoryW
GetModuleFileNameW

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 450KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7eacfbf55dcb6fe13ac317ea486df4f

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 452KB - Virtual size: 450KB

.data Size: 132KB - Virtual size: 128KB

.rsrc Size: 132KB - Virtual size: 129KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 452KB - Virtual size: 450KB

.data
Size: 132KB - Virtual size: 128KB

.rsrc
Size: 132KB - Virtual size: 129KB