047de0fe166484d49f5bac6d78e850f9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

047de0fe166484d49f5bac6d78e850f9_JaffaCakes118
Size

301KB
MD5

047de0fe166484d49f5bac6d78e850f9
SHA1

c797c9c297f41bd897d7b5c52a88f934929aa6bc
SHA256

ded1745c3f7876fb36be45332c42fc68705a0f18429fba72c0746d6bbbbea34c
SHA512

7f153716e7637ba59a65d3704d273fc0e2822493a326b9031fe3170218773211a6b88d3d50016082d08bbf4b2fc6ef39ac63be4ecf41e1384f003cc47cc7ceb8
SSDEEP

6144:NmLnvwxBrG0+mMF0smS8cWheXAOjZEnP+LgsR8QoICSjeDY9w32L1ktjp74q:swxBK0nMF0dS8zEXAjmk6wIZq7sMp7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
047de0fe166484d49f5bac6d78e850f9_JaffaCakes118

Files

047de0fe166484d49f5bac6d78e850f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

af44d83e15e5dd0d0de1a0480e0695ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoCreateInstance
CoTaskMemFree
CoInitialize

gdi32

SetBkMode
CreateCompatibleDC
GetDeviceCaps
DeleteObject

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA

user32

PostQuitMessage
SetWindowPos
DispatchMessageA
EndPaint
PeekMessageA
GetDC
GetCursorPos
ReleaseDC
GetClientRect
GetKeyState
DestroyWindow
GetParent
UpdateWindow
ShowWindow
EnableWindow
TranslateMessage
IsWindowEnabled
GetWindow
LoadStringA
EnableMenuItem
RegisterClassA
GetSubMenu
CreateWindowExA
FillRect
SetFocus
GetMessageA
BeginPaint
DefWindowProcA
GetSystemMetrics
GetWindowRect
PostMessageA
SetWindowLongA
SetWindowTextA
CheckMenuItem
GetWindowLongA
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
SendMessageA
GetDesktopWindow
SetForegroundWindow
GetFocus
EndDialog
MessageBoxA
GetSysColor
PtInRect
InvalidateRect
wsprintfA
CallWindowProcA
SetCursor

kernel32

WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
SetStdHandle
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
FindNextFileA
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
LocalAlloc
ExpandEnvironmentStringsA
CreateFileA
FreeEnvironmentStringsW
GetTempPathA
GetCPInfo
LoadLibraryW
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
GetOEMCP
LocalFree
FormatMessageW
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
FormatMessageA
SetLastError
GetSystemTime
InterlockedDecrement
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetVersionExA
GetModuleFileNameA
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
GetLocalTime
CreateMutexA
GetModuleHandleA
CreateThread
SetUnhandledExceptionFilter
MulDiv
VirtualAlloc
FindResourceA
Sleep
VirtualFree
FindResourceW
UnmapViewOfFile
IsValidCodePage
CreateProcessA
SizeofResource
GetVersion
GetModuleHandleW
GetACP
lstrcpynA
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
WritePrivateProfileStringA
GetEnvironmentStrings
FileTimeToLocalFileTime
lstrlenW
GlobalAlloc
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
VirtualQuery
GetLastError
InterlockedIncrement
ExitProcess
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
RemoveDirectoryA
GetProcAddress
WaitForMultipleObjects
FindFirstFileW
CreateFileMappingA
CompareStringA
FindFirstFileA
CompareStringW
GetProcessHeap
GetSystemInfo
GlobalLock
DeleteFileW
SetEvent
GetEnvironmentVariableA
GetWindowsDirectoryA
DeleteFileA
LCMapStringW
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
HeapCreate
LeaveCriticalSection
GetCurrentThreadId
GetLocaleInfoA
SetEndOfFile
GetConsoleMode
GetSystemDirectoryA

oleaut32

SysStringLen
SysAllocStringLen
VariantClear

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af44d83e15e5dd0d0de1a0480e0695ac

Headers

File Characteristics

Imports

ole32

gdi32

advapi32

user32

kernel32

oleaut32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 280KB - Virtual size: 279KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 280KB - Virtual size: 279KB

.rsrc
Size: 3KB - Virtual size: 3KB