0a41ef5446041a5abddf4714725ecbbf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a41ef5446041a5abddf4714725ecbbf_JaffaCakes118
Size

232KB
MD5

0a41ef5446041a5abddf4714725ecbbf
SHA1

d6e9224aea293e266865dc0fa9058fe8fc2b5cd9
SHA256

b3dea5a029e833a5127ce4793ceda591f9d6d566a3b2f258980df0258c74aa52
SHA512

08cd7180669f1f13b075c9e7bf0a11a72de8e833a18cfef87456ed34d6da7fed192590b15a0693bacac520c31e270a9d8d16dd976a882c30b04d1d0dda64c578
SSDEEP

6144:pTQQ8lb/iZV3MycqXnQU9kekNh42uEkulHy/:p8Qob/S3awnQU9keo42lkulHq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a41ef5446041a5abddf4714725ecbbf_JaffaCakes118

Files

0a41ef5446041a5abddf4714725ecbbf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90c9bf012f57e1ff065a9f9d6f50f223

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
GetCPInfo
HeapReAlloc
VirtualAlloc
UnhandledExceptionFilter
HeapCreate
HeapDestroy
GetEnvironmentVariableA
ExitProcess
GetVersion
GetStartupInfoA
HeapAlloc
HeapFree
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
WriteFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
GetLocaleInfoW
SetFilePointer
SetStdHandle
FlushFileBuffers
SetErrorMode
FindFirstFileA
CreateFileA
CreateFileMappingA
MapViewOfFile
ReadFile
UnmapViewOfFile
CloseHandle
LoadResource
SizeofResource
LockResource
FreeResource
FindResourceA
FindResourceExA
GetCurrentThreadId
CreateProcessA
FreeLibrary
GetLastError
GetVersionExA
GetCurrentProcess
GetSystemDirectoryA
LoadLibraryA
GetModuleHandleA
GetProcAddress
GetSystemDefaultLCID
GetPrivateProfileStringA
lstrcatA
GetLocaleInfoA
GetWindowsDirectoryA
SetThreadLocale
GetCommandLineA
lstrcpyA
GetModuleFileNameA
lstrcmpiA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrlenA
VirtualFree
lstrcpynA

user32

PostQuitMessage
SetFocus
SetTimer
GetForegroundWindow
GetAsyncKeyState
LoadMenuA
GetSubMenu
EnableMenuItem
AttachThreadInput
TrackPopupMenu
DestroyMenu
ModifyMenuA
DeleteMenu
DialogBoxParamA
SetForegroundWindow
RemovePropA
SetPropA
GetPropA
UpdateWindow
CreatePopupMenu
CheckMenuItem
InsertMenuItemA
GetWindow
MoveWindow
ExitWindowsEx
EnumWindows
ChangeDisplaySettingsA
EnumDisplaySettingsA
DrawIcon
GetSystemMetrics
WinHelpA
RegisterWindowMessageA
GetMessageA
TranslateMessage
DispatchMessageA
CreateWindowExA
LoadIconA
FindWindowA
CharPrevA
GetWindowTextA
SetWindowTextA
SetWindowPos
BeginDeferWindowPos
EnumChildWindows
EndDeferWindowPos
InvalidateRect
GetClassNameA
GetWindowRect
DeferWindowPos
SetWindowLongA
OffsetRect
DrawEdge
DrawIconEx
DrawStateA
DestroyIcon
SystemParametersInfoA
GetSystemMenu
MessageBeep
ShowWindow
DrawTextA
SetMenuItemInfoA
GetMenuItemCount
RegisterClassA
LoadCursorA
DefWindowProcA
SetCapture
ReleaseCapture
MessageBoxA
GetDesktopWindow
GetMenuItemInfoA
CheckMenuRadioItem
LoadImageA
InsertMenuA
CharNextA
GetDlgItem
CheckDlgButton
EnableWindow
CheckRadioButton
PostMessageA
GetDlgItemInt
SendDlgItemMessageA
EndDialog
SetDlgItemTextA
FillRect
IsDlgButtonChecked
wsprintfA
KillTimer
GetSysColor
IsWindowEnabled
CopyImage
GetWindowDC
GetDC
ReleaseDC
GetUpdateRect
CopyRect
BeginPaint
EndPaint
GetWindowLongA
IsWindowVisible
GetClientRect
GetParent
GetCursorPos
MapWindowPoints
PtInRect
SetCursor
SendMessageA
GetWindowThreadProcessId

gdi32

CreateFontIndirectA
CreateSolidBrush
GetCurrentObject
MoveToEx
LineTo
Ellipse
CreatePen
GetTextExtentPoint32A
GetTextMetricsA
GetDeviceCaps
CreateDCA
CreateBitmap
SetTextColor
SetBkColor
GetPixel
GetObjectA
CreatePatternBrush
ExtSelectClipRgn
Polygon
CreateRectRgn
GetTextColor
SelectClipRgn
GetPaletteEntries
ExtEscape
CreateDIBSection
ExtTextOutA
Rectangle
SetBkMode
GetStockObject
CreatePalette
CreateDIBitmap
SetStretchBltMode
StretchBlt
UpdateColors
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
SelectPalette
PatBlt
DeleteObject
RealizePalette

advapi32

RegSetValueExA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
GetUserNameA
RegDeleteValueA

shell32

FindExecutableA
Shell_NotifyIconA

comctl32

PropertySheetA
CreatePropertySheetPageA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

winmm

timeGetTime

msimg32

AlphaBlend

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.prdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

90c9bf012f57e1ff065a9f9d6f50f223

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

version

winmm

msimg32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 24KB - Virtual size: 31KB

.rsrc Size: 40KB - Virtual size: 36KB

.prdata Size: 60KB - Virtual size: 60KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 24KB - Virtual size: 31KB

.rsrc
Size: 40KB - Virtual size: 36KB

.prdata
Size: 60KB - Virtual size: 60KB