ff5a7777a71d3df82a0bc49c7c4fed41_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ff5a7777a71d3df82a0bc49c7c4fed41_JaffaCakes118
Size

528KB
MD5

ff5a7777a71d3df82a0bc49c7c4fed41
SHA1

8efe79bce6b9547a896af7d0cde814aa14c0db7c
SHA256

2c1a33efbca820524719bd20a738643965e537df32cadf525b94cc2ab259b633
SHA512

e3d0799df60028e3df53fbfb2975854b16ac91ba1da05a5721afb684e1ad41a697e0a038918affa1409a491cee0bac68392c7305accaec5813162f0dc0cb794f
SSDEEP

12288:zX/W0GkFPlqv3xNrWWJTC3R8IqO6yLQcqyVvuuJx:zvlbdqvBN34NqORqyvuuJx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff5a7777a71d3df82a0bc49c7c4fed41_JaffaCakes118

Files

ff5a7777a71d3df82a0bc49c7c4fed41_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b771fa637434b87c19d8a1feac4fb2f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\tuq.pdb

Imports

user32

GetWindowModuleFileNameA
ToUnicode
DefWindowProcA
CreateWindowExA
GetSysColorBrush
CharPrevA
GetDesktopWindow
WaitMessage
GetMenuStringA
DestroyWindow
LoadCursorW
GetMenuItemInfoA
OpenDesktopA
MessageBoxW
CharLowerBuffW
RegisterClassA
GetParent
GetInputState
IsCharAlphaW
ShowWindow
GetKeyState
SetClipboardViewer
GetMessageTime
GetClassNameA
SetMenuContextHelpId
DefWindowProcW
RegisterHotKey
OpenIcon
RegisterClassExA
PostThreadMessageW
SetScrollRange
ChangeMenuW
GetCursorInfo
CheckDlgButton
UnhookWinEvent
GetWindow
ModifyMenuA

gdi32

RoundRect
GetTextExtentPointW
DeleteDC
GetDeviceCaps
OffsetClipRgn
FloodFill
GetObjectW
EnumFontFamiliesExW
GetSystemPaletteEntries
CopyEnhMetaFileW
GetFontData
GdiGetBatchLimit
GetPixel
CreateEnhMetaFileW
GetCharABCWidthsW
CreateDCA

kernel32

SetEnvironmentVariableA
GetTimeZoneInformation
GetPrivateProfileStringW
VirtualFree
HeapAlloc
ConnectNamedPipe
ExitProcess
GetProfileIntA
FreeEnvironmentStringsA
ReleaseMutex
GetStartupInfoA
GetConsoleOutputCP
CloseHandle
FreeEnvironmentStringsW
GetCompressedFileSizeW
VirtualAlloc
WriteProfileStringW
SystemTimeToFileTime
QueryPerformanceCounter
TlsFree
GetModuleFileNameA
GetLocalTime
WriteConsoleOutputA
GetOEMCP
DeleteFileW
EnterCriticalSection
HeapCreate
GlobalGetAtomNameA
HeapValidate
TerminateProcess
GetStringTypeW
HeapFree
UnmapViewOfFile
VirtualQuery
GetEnvironmentStrings
LeaveCriticalSection
GetProcAddress
TlsAlloc
WriteFile
lstrcmpW
GetCurrentProcessId
GetStdHandle
TlsGetValue
GetVersion
GetTickCount
SetConsoleOutputCP
MultiByteToWideChar
GetPrivateProfileIntW
GetLastError
SetEvent
GetProfileStringW
GetThreadPriority
GetModuleHandleA
EnumCalendarInfoExW
WriteProfileSectionW
SetLastError
CreateNamedPipeW
GetFileType
GetCommandLineA
GetCPInfo
FindClose
GetACP
SetWaitableTimer
CompareStringA
SetHandleCount
DeleteFileA
HeapDestroy
UnhandledExceptionFilter
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSection
LCMapStringW
IsBadWritePtr
GetCurrentThreadId
CompareStringW
LoadLibraryA
FlushFileBuffers
SetStdHandle
GetDiskFreeSpaceW
GetCurrentThread
WritePrivateProfileStringA
LocalHandle
OpenMutexA
InterlockedDecrement
CommConfigDialogW
GetEnvironmentStringsW
InterlockedIncrement
GetCurrentProcess
RtlUnwind
InterlockedExchange
GetStringTypeA
LCMapStringA
HeapReAlloc
SetFilePointer
GetSystemTime
GetExitCodeThread
GetFullPathNameA
TlsSetValue
GetStartupInfoW
GetPrivateProfileIntA
OutputDebugStringA
CreateMutexA
ReadFile
GetSystemTimeAsFileTime

comctl32

ImageList_Write
ImageList_Duplicate
InitCommonControlsEx
ImageList_SetBkColor
CreatePropertySheetPage
_TrackMouseEvent

wininet

UnlockUrlCacheEntryFileW
InternetUnlockRequestFile
InternetConnectA
InternetSetDialState

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b771fa637434b87c19d8a1feac4fb2f0

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

comctl32

wininet

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 256KB - Virtual size: 253KB

.data Size: 108KB - Virtual size: 131KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 256KB - Virtual size: 253KB

.data
Size: 108KB - Virtual size: 131KB

.rsrc
Size: 20KB - Virtual size: 16KB