160d6b9b070520ca846fbd47ee6bd648_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

160d6b9b070520ca846fbd47ee6bd648_JaffaCakes118
Size

876KB
MD5

160d6b9b070520ca846fbd47ee6bd648
SHA1

8b1f06834a10a206723623a0d345e17a81ec2c55
SHA256

b5ad34a652cb85962a6d35cc9699c9de78053d390fe9e8bc380c26a815158124
SHA512

a59c24255728c93c33dcdaed19821479b9fb49a1a305b19a61963837015b8a5d1c79892b665e163c98520841ce0af7398d7142d4348321d30f367254e00f88d2
SSDEEP

24576:BJKZ4CArUu05U/9QcNSVsoqEGi6ds2VLpN:BJK+JYQ1JosvVd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
160d6b9b070520ca846fbd47ee6bd648_JaffaCakes118

Files

160d6b9b070520ca846fbd47ee6bd648_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d48ba10ec5eb07f996976d21b561902a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord1576

gdi32

SetBkMode
CreatePatternBrush
GetViewportExtEx
SetRectRgn
GetStockObject
GetTextExtentPoint32W
RestoreDC
BitBlt
DeleteObject
StartDocA
ExtCreatePen
GetCurrentObject
CreateCompatibleDC
CombineRgn
DPtoLP
SetBkColor
GetTextExtentPoint32A
SaveDC
MoveToEx
PaintRgn
PtInRegion
PolyBezier
SetViewportOrgEx
GetTextExtentPointA
GetDCOrgEx
DeleteDC
ExcludeClipRect
FrameRgn
GetBkMode
SelectObject
SelectClipRgn
GetBkColor
UnrealizeObject
RectVisible

advapi32

RegCreateKeyExA
InitializeSecurityDescriptor
RegQueryInfoKeyA
RegOpenKeyA
GetLengthSid
RegCloseKey

shell32

ord155
SHChangeNotify

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

comdlg32

GetOpenFileNameA
CommDlgExtendedError
ChooseColorA
ChooseFontA

kernel32

GetConsoleCP
GetTickCount
GetStringTypeA
InterlockedIncrement
WriteFile
SetStdHandle
GetConsoleOutputCP
LCMapStringW
GetFileType
GetVersionExA
GetACP
GetLocaleInfoA
GetCommandLineA
FlushFileBuffers
GetSystemTimeAsFileTime
GetCommandLineW
LoadLibraryW
LeaveCriticalSection
GetStartupInfoA
SetEnvironmentVariableA
GetCurrentThreadId
DeleteCriticalSection
LCMapStringA
IsDebuggerPresent
InitializeCriticalSection
CompareStringW
GetOEMCP
CompareStringA
QueryPerformanceCounter
HeapReAlloc
CreateMutexW
DebugBreak
VirtualQuery
TlsFree
TlsGetValue
HeapValidate
HeapCreate
GetLastError
VirtualAlloc
ExitProcess
GetModuleHandleW
GetCurrentProcess
TlsAlloc
TerminateProcess
SetLastError
SetFilePointer
HeapDestroy
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetProcAddress
CloseHandle
GetStdHandle
OutputDebugStringA
SetConsoleCtrlHandler
CreateFileA
RaiseException
FreeEnvironmentStringsA
ReadFile
GetModuleHandleA
RtlUnwind
GetCurrentProcessId
GetConsoleMode
GetEnvironmentStrings
HeapFree
GetTimeFormatA
UnhandledExceptionFilter
LoadLibraryA
HeapAlloc
IsBadReadPtr
TlsSetValue
GetProcessHeap
IsValidCodePage
WriteConsoleA
GetStringTypeW
GetStartupInfoW
GetTimeZoneInformation
InterlockedDecrement
InterlockedExchange
GetModuleFileNameA
SetHandleCount
WriteConsoleW
FreeEnvironmentStringsW
GetCPInfo
VirtualFree
OutputDebugStringW
GetModuleFileNameW
GetDateFormatA
WideCharToMultiByte
EnterCriticalSection
MultiByteToWideChar

comctl32

ImageList_Replace
InitCommonControlsEx

user32

CreateWindowExW
SendMessageW
GetKeyboardLayout
RegisterClassExW
GetMessagePos
SetActiveWindow
SetTimer
MessageBeep
IsWindowEnabled
BeginPaint
EmptyClipboard
RegisterClassW
PtInRect
EnumWindows
SetClipboardData
ShowWindow
LoadBitmapW
SetCursor
GetDCEx
RemoveMenu
GetWindowLongW
GetSysColor
GetSubMenu
ScreenToClient
GetParent
DestroyWindow
CopyRect
OffsetRect
SetFocus
LoadIconW
IsMenu
LoadCursorW
CloseClipboard
GetKeyState
GetWindowRgn
LoadAcceleratorsW
CreateDialogIndirectParamW
DeferWindowPos
IsWindowVisible
IsZoomed
MessageBoxW
LockWindowUpdate
EndPaint
DestroyAcceleratorTable
SetScrollPos
DefWindowProcW

Sections

.text
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 504KB - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d48ba10ec5eb07f996976d21b561902a

Headers

File Characteristics

Imports

mfc42

gdi32

advapi32

shell32

version

comdlg32

kernel32

comctl32

user32

Sections

.text Size: 224KB - Virtual size: 222KB

.rdata Size: 504KB - Virtual size: 500KB

.data Size: 112KB - Virtual size: 110KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 224KB - Virtual size: 222KB

.rdata
Size: 504KB - Virtual size: 500KB

.data
Size: 112KB - Virtual size: 110KB

.rsrc
Size: 32KB - Virtual size: 31KB