182fd259b30436e16bae64e41a9a7f41_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

182fd259b30436e16bae64e41a9a7f41_JaffaCakes118
Size

372KB
MD5

182fd259b30436e16bae64e41a9a7f41
SHA1

cd0f43ddb6db067529be0d371bddcbbdbf4ede04
SHA256

e43919f653fb0c069059b4edad19d650b25ba67538c5914091eec36bd5ab88b5
SHA512

3b607a27a39e2fea6b2c0ec683c6ac0d8c8b0bb18301ce72ec962e40efe54f4a6400b7c2450793e94ac34bb70d0aee73da990b30d5200aba84d51a3f6937cd20
SSDEEP

6144:5kiO7CjyrZNzKU8ioiNklYvPLECGPZEA+1TSNtVuxdp9hlG+bufe/KO2:iiRyrZ6i2YXb1eNfWp9qfKp2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
182fd259b30436e16bae64e41a9a7f41_JaffaCakes118

Files

182fd259b30436e16bae64e41a9a7f41_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8821bfbdb824d54151633342feb02f85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetForegroundWindow
MoveWindow
PostQuitMessage
SetWindowPos
IsWindow
EndPaint
GetDC
GetCursorPos
ReleaseDC
UnregisterClassA
DestroyWindow
UpdateWindow
ShowWindow
EnableWindow
TranslateMessage
IsWindowEnabled
LoadStringA
GetWindowLongA
SetTimer
FillRect
DispatchMessageA
SetFocus
PeekMessageA
BeginPaint
DefWindowProcA
GetSystemMetrics
GetWindowRect
SetWindowLongA
EndDialog
SetWindowTextA
CheckMenuItem
GetSubMenu
CreateWindowExA
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
MessageBoxA
GetFocus
GetSysColor
SystemParametersInfoA
IsWindowVisible
InvalidateRect
wsprintfA
DrawTextA
GetClientRect
CallWindowProcA
SetCursor

kernel32

RtlUnwind
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
FindFirstFileW
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
LocalAlloc
SetErrorMode
FreeEnvironmentStringsW
WideCharToMultiByte
lstrcmpiA
GetStringTypeA
InterlockedExchange
WriteFile
GetOEMCP
VirtualAlloc
FindResourceA
Sleep
VirtualFree
HeapCreate
IsValidCodePage
SizeofResource
SetStdHandle
GetModuleHandleW
GlobalLock
GetACP
lstrcpynA
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
HeapSize
GetCPInfo
LockResource
GetCurrentProcessId
GetEnvironmentStrings
CreateProcessW
lstrlenW
GlobalAlloc
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
GetLastError
LeaveCriticalSection
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
ExpandEnvironmentStringsA
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
CreateFileMappingA
CompareStringA
FindNextFileW
CreateProcessA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
GetWindowsDirectoryA
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
GetLocaleInfoA
SetEndOfFile
VirtualQuery
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
CreateMutexA
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
LocalFree
FreeLibrary
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetCommandLineA
GetSystemTimeAsFileTime

gdi32

BitBlt
SetBkColor
CreateFontIndirectA
GetStockObject
SelectObject
CreateSolidBrush

advapi32

RegCloseKey
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegDeleteValueA
OpenProcessToken
RegDeleteKeyA
GetTokenInformation

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8821bfbdb824d54151633342feb02f85

Headers

File Characteristics

Imports

user32

kernel32

gdi32

advapi32

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 316KB - Virtual size: 316KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 316KB - Virtual size: 316KB

.rsrc
Size: 4KB - Virtual size: 1KB