082f6599f5722caa77757bd202966377_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

082f6599f5722caa77757bd202966377_JaffaCakes118
Size

412KB
MD5

082f6599f5722caa77757bd202966377
SHA1

5b6cd0313210a5b06dcd5234d2993d275eafb5d4
SHA256

e878923af5a2cf4d377045c1e67bdd7fa2aed41e143f344d92ca84dc0257c940
SHA512

9338fc117b791bb12117903083a34fd3a0a53916b8bd68a487e5ac2970eedb759c4a9ed23e8cf0681e54a7f6f3bdae38bb0c43874f86186d22b56f9a2152bafc
SSDEEP

6144:ST/3HwjroXQENEB2TzXr/uC/HwU83rstLKV5+WPxs5GrfM:ST/3Hwjr2EB+f/5P03r7jrU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
082f6599f5722caa77757bd202966377_JaffaCakes118

Files

082f6599f5722caa77757bd202966377_JaffaCakes118
.exe windows:4 windows x86 arch:x86

047122cfd11f0425daf5c65d9609b599

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StretchBlt
CreateCompatibleDC
StartDocW
GetLogColorSpaceA
EnumICMProfilesW
GetTextCharset
CreateDIBPatternBrushPt
CloseMetaFile
CreateBrushIndirect
SetMapMode
EnumMetaFile
LPtoDP
GetAspectRatioFilterEx
PolyTextOutA
SetMagicColors
ExtTextOutW
CreateDIBSection
GetRegionData
CreateEnhMetaFileW
IntersectClipRect
SetEnhMetaFileBits
GetGlyphOutlineA
PtVisible
GetPolyFillMode

wininet

InternetGetCertByURL
FtpPutFileW
CreateUrlCacheEntryW
FreeUrlCacheSpaceW
FtpGetCurrentDirectoryW

user32

FindWindowA
GetMonitorInfoW
DestroyWindow
IsWindowUnicode
IsZoomed
GetClassNameW
DeleteMenu
LoadImageA
GetWindowTextA
RegisterClassW
MessageBoxW
RegisterClassExA
DefMDIChildProcW
CreateWindowExW
LoadAcceleratorsA
DrawFrameControl
EqualRect
ValidateRgn
GetProcessWindowStation
SetMenuItemInfoW
UnregisterClassW
UnloadKeyboardLayout
DdeUnaccessData
DefWindowProcA
SetClassWord
DefDlgProcA
GetMenuStringW
PtInRect
wvsprintfA
EnableScrollBar
LoadKeyboardLayoutW
RegisterClassA
DlgDirListComboBoxA
CallWindowProcA
RegisterClipboardFormatA
ChildWindowFromPointEx
SetPropW
IsClipboardFormatAvailable
ShowWindow
FrameRect
CharLowerW
DlgDirSelectComboBoxExA
SetActiveWindow
SendNotifyMessageA
DestroyAcceleratorTable

shell32

CheckEscapesW
SHAppBarMessage
ExtractIconA
RealShellExecuteExW

kernel32

QueryPerformanceCounter
CloseHandle
GetCurrentThread
GetSystemInfo
GetEnvironmentStringsW
GetModuleFileNameA
RtlUnwind
IsValidLocale
GetFileAttributesW
GetCPInfo
GetStartupInfoA
SetEnvironmentVariableA
MoveFileExW
WriteFile
LoadModule
FreeEnvironmentStringsW
GetStdHandle
EnterCriticalSection
HeapReAlloc
LeaveCriticalSection
TlsSetValue
GetCurrentProcessId
LCMapStringW
GetEnvironmentStrings
GetTimeZoneInformation
GetLocaleInfoW
GetModuleHandleA
ExitProcess
GetFileType
CreateMutexA
GetDateFormatA
FormatMessageA
GetCommandLineW
VirtualAlloc
FindFirstFileExA
IsBadWritePtr
CreateFileMappingW
GetTickCount
GetCommandLineA
GetUserDefaultLCID
GetCurrentThreadId
ReadFile
GetProcAddress
CompareStringA
SetCurrentDirectoryW
GetACP
GetTimeFormatA
SetFilePointer
HeapFree
InitializeCriticalSection
GetUserDefaultLangID
SetHandleCount
GetOEMCP
DeleteCriticalSection
HeapAlloc
FormatMessageW
GetLocaleInfoA
SetStdHandle
GetStringTypeA
VirtualQuery
CompareStringW
SetLastError
LoadLibraryA
HeapCreate
GetModuleFileNameW
WideCharToMultiByte
UnhandledExceptionFilter
OpenMutexA
GetStringTypeW
HeapSize
FreeEnvironmentStringsA
TlsFree
HeapDestroy
TlsGetValue
CreateFileW
GetLastError
GetSystemTimeAsFileTime
MultiByteToWideChar
GetStartupInfoW
GetVersionExA
lstrcat
TerminateProcess
LCMapStringA
InterlockedExchange
EnumSystemLocalesA
SetConsoleScreenBufferSize
TlsAlloc
VirtualProtect
VirtualFree
GetCurrentProcess
FlushFileBuffers
IsValidCodePage

comctl32

ImageList_Remove
ImageList_GetBkColor
InitCommonControlsEx
ImageList_DragMove
CreateToolbarEx
ImageList_GetFlags
ImageList_DragEnter
CreateStatusWindowA
ImageList_DrawEx
ImageList_Create
MakeDragList
ImageList_GetImageInfo
ImageList_SetFlags
GetEffectiveClientRect
ImageList_AddMasked
ImageList_SetOverlayImage
ImageList_Read

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

047122cfd11f0425daf5c65d9609b599

Headers

File Characteristics

Imports

gdi32

wininet

user32

shell32

kernel32

comctl32

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 92KB - Virtual size: 90KB

.data Size: 100KB - Virtual size: 120KB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 92KB - Virtual size: 90KB

.data
Size: 100KB - Virtual size: 120KB

.rsrc
Size: 68KB - Virtual size: 66KB