110f556cde9e39d120773c2b9480128e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

110f556cde9e39d120773c2b9480128e_JaffaCakes118
Size

364KB
MD5

110f556cde9e39d120773c2b9480128e
SHA1

45067dea2f48547dfa60e6af6769c6f7c0224448
SHA256

a87f2a0fdc6bc50d82893918eb4b054beb8b151d666b620bc584f928f74b6b45
SHA512

29c85e06bfda7754d71b65d494fafbc016dff1904f37097a8b7580306fe0596f3a1c384b539ec56c417cbfa550a3be9d950f8af970147d83d5abf98dd0efdc91
SSDEEP

6144:0UflTr8QmcKHNyzdIEXIoxeh6uaPbm2pix0dg5m6o6BusoQqkOgFabpVuVwEOAnL:PTUcKHNUqEYoxeh6uaPbm2p20MK6Bu72

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
110f556cde9e39d120773c2b9480128e_JaffaCakes118

Files

110f556cde9e39d120773c2b9480128e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03ce28014f7c84b78d25ee5ea2e2263e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject
GetDeviceCaps
SetTextColor
DeleteDC
GetStockObject
BitBlt

oleaut32

VariantInit
SysStringLen
VariantClear
SysAllocString

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

GetUserDefaultLCID
GetUserDefaultLangID
GetCommandLineW
GetModuleHandleW
GetSystemDefaultLCID
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
GetOEMCP
VirtualAlloc
FindResourceA
Sleep
VirtualFree
HeapCreate
IsValidCodePage
CreateProcessA
SizeofResource
GetCurrentThreadId
GlobalLock
GetACP
CloseHandle
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
WideCharToMultiByte
LockResource
GetCurrentProcessId
GetEnvironmentStrings
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
LCMapStringA
GetConsoleCP
lstrlenA
UnmapViewOfFile
LCMapStringW
GetLastError
LeaveCriticalSection
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
WaitForMultipleObjects
FindNextFileA
CreateFileMappingA
CompareStringA
FindNextFileW
lstrcmpA
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
InterlockedIncrement
GetVersion
SetEndOfFile
GlobalAlloc
WriteConsoleA
TerminateProcess
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
CreateMutexA
GetLocalTime
MultiByteToWideChar
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
InterlockedExchange
FlushFileBuffers
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
FreeLibrary
SetFileAttributesA
GetStringTypeW
HeapReAlloc
InterlockedDecrement
GetSystemTimeAsFileTime
WriteFile
GetStringTypeA
GetCPInfo
SetStdHandle
GetLocaleInfoW
FreeEnvironmentStringsW
SetErrorMode
lstrcatA
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindFirstFileW
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime

user32

SetTimer
PtInRect
GetWindowLongA
CheckMenuItem
SetWindowTextA
SetWindowLongA
PostMessageA
IsIconic
GetWindowRect
GetSystemMetrics
DefWindowProcA
BeginPaint
SetFocus
EndDialog
FillRect
CreateWindowExA
GetSubMenu
EnableMenuItem
IsWindowEnabled
PeekMessageA
EnableWindow
GetDlgItem
GetParent
GetMessageA
DestroyWindow
GetActiveWindow
SendMessageA
TranslateMessage
UnregisterClassA
GetCursorPos
GetDC
SetWindowPos
PostQuitMessage
SetForegroundWindow
GetFocus
GetSysColor
SystemParametersInfoA
InvalidateRect
wsprintfA
GetClientRect
CallWindowProcA
ReleaseDC
ScreenToClient
LoadCursorA
TrackPopupMenu
UpdateWindow
GetDesktopWindow
DispatchMessageA

msvcrt

_strcmpi
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
exit
_exit
free

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 333KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03ce28014f7c84b78d25ee5ea2e2263e

Headers

File Characteristics

Imports

gdi32

oleaut32

advapi32

version

kernel32

user32

msvcrt

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 333KB - Virtual size: 333KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 333KB - Virtual size: 333KB

.rsrc
Size: 2KB - Virtual size: 1KB