03743da586c5ba3355c9b83d32c978f7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

03743da586c5ba3355c9b83d32c978f7_JaffaCakes118
Size

128KB
MD5

03743da586c5ba3355c9b83d32c978f7
SHA1

4451d336d58fe5987c8337930f1231a612c85d68
SHA256

124f9279015091520e84cf7b28ba1cacc7f38176228992dbbf8fe8c24ace2cb2
SHA512

6799512cb5d00bc79d4a87df581348eadbeff19dd665302730a6a179b22d08523ee70d6afb419e9cc2ccbf3744aaaa4f836b5ee0a408f1ccd842c9fdbdf9003b
SSDEEP

3072:gxzHL9/injnTljiQzAb1RTpgstfTCOMhLhAAEZ:gpHBIjRNMb1RdllTCOgAAEZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03743da586c5ba3355c9b83d32c978f7_JaffaCakes118

Files

03743da586c5ba3355c9b83d32c978f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe907334bb0ed999706aa060bb3b4039

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCurrentThreadId
QueryPerformanceCounter
VirtualQuery
RtlUnwind
GetOEMCP
GetACP
IsBadWritePtr
HeapAlloc
VirtualAllocEx
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapFree
GetCurrentProcess
TerminateProcess
ExitProcess
ReadFile
GetLastError
GetVersionExA
GetStartupInfoA
GetModuleHandleA
GlobalSize
GetCPInfo
LockResource
FindResourceW
FlushFileBuffers
TerminateThread
GetSystemTimeAsFileTime
GetModuleFileNameW
CreateProcessW
ExpandEnvironmentStringsW
lstrlenW
GetLocaleInfoW
OpenEventW
WideCharToMultiByte
InterlockedExchange
FormatMessageW
CompareStringA
GetUserDefaultLCID
FreeEnvironmentStringsW
GetLongPathNameW
PeekNamedPipe
GetSystemInfo
InterlockedCompareExchange
GetFileType
MultiByteToWideChar
lstrcpyW
EnterCriticalSection
WaitForSingleObject
GetCommandLineA
lstrcpynW
TlsAlloc
VirtualProtect
HeapDestroy
CreatePipe
FindNextFileW
WriteFile
SetStdHandle
WaitForMultipleObjects
GetCurrentDirectoryW
GetConsoleMode
GetStdHandle
SetCurrentDirectoryW
TlsGetValue
GetCurrentDirectoryA
GetCurrentProcessId
RaiseException
GetProcAddress
CloseHandle
HeapSize
FreeLibrary
HeapReAlloc
GetConsoleCP
GetEnvironmentStrings
SetFilePointer
GetTickCount
GetLocaleInfoA
FindClose
FindFirstFileW
GetModuleFileNameA
LocalAlloc
GetExitCodeProcess
GetTimeFormatA
VirtualFree
VirtualAlloc

user32

CallNextHookEx
GetMessageA
GetDC
GetSubMenu
RegisterWindowMessageW
BeginPaint
MoveWindow
CharUpperW
DestroyMenu
FillRect
wsprintfW
AppendMenuW
DeferWindowPos
SetCaretPos
ScreenToClient
GetMenuItemCount
SetDlgItemInt
UnhookWindowsHookEx
GetClientRect
DispatchMessageW
LoadImageW
SetCursor
IsDialogMessageA
CharLowerW
CreateCaret
GetScrollRange
SetMenu
IsIconic
RedrawWindow
ModifyMenuW
IsWindowVisible
LoadMenuW
DestroyAcceleratorTable
DrawEdge
GetKeyState
CreateDialogIndirectParamW
ShowCaret
GetDlgItem
MapWindowPoints
GetDlgItemTextW
SetWindowPlacement
DrawMenuBar
MessageBoxW
IsClipboardFormatAvailable
GetMonitorInfoW
CreateMenu
DrawTextExW
PeekMessageW
SetWindowsHookExW
SetWindowTextW
GetSysColor
SystemParametersInfoW
SetFocus
DialogBoxIndirectParamW
RealChildWindowFromPoint
GetMenuItemID
IsWindowUnicode
SetWindowPos
CreateAcceleratorTableW
BeginDeferWindowPos
GetActiveWindow
DragDetect
DeleteMenu
InsertMenuW
EmptyClipboard
InsertMenuItemW
RemoveMenu
RegisterClassExW
PostQuitMessage
SetDlgItemTextW

gdi32

GetDeviceCaps
MoveToEx
GetTextExtentPointW
PatBlt
CreatePatternBrush
CreatePen
StartDocW
StartPage
OffsetWindowOrgEx
SetTextColor
SetTextAlign
GetPixel
GetTextMetricsW
ExtTextOutW
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
RestoreDC
GetTextExtentPoint32W
CreateFontW
DeleteDC
GetROP2
EndPage
CreateFontIndirectW
AddFontResourceW
SetBrushOrgEx
EnumFontFamiliesExW
RemoveFontResourceW
LineTo
SetROP2
DeleteObject
SetBkColor
SetBkMode
CreateBitmap
GetStockObject
GetObjectW
DPtoLP
SetWindowOrgEx
CreateSolidBrush
EndDoc

comdlg32

PageSetupDlgW
GetSaveFileNameW
PrintDlgA
ChooseColorA
GetOpenFileNameW
GetSaveFileNameA
ChooseFontA
PageSetupDlgA
ReplaceTextW
ChooseColorW
GetOpenFileNameA
ChooseFontW
FindTextW
PrintDlgW
GetFileTitleW
FindTextA
ReplaceTextA
GetFileTitleA

advapi32

RegCreateKeyA
RegSetValueExW
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExA
RegFlushKey
RegQueryValueExA
RegDeleteKeyA
RegQueryValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteValueW
RegCreateKeyW
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe907334bb0ed999706aa060bb3b4039

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 84KB - Virtual size: 131KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 84KB - Virtual size: 131KB

.rsrc
Size: 4KB - Virtual size: 4KB