270747a5f2694357951cfeb643eedc4a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

270747a5f2694357951cfeb643eedc4a_JaffaCakes118
Size

455KB
MD5

270747a5f2694357951cfeb643eedc4a
SHA1

a73c3a7b2a2507be1e42603826ed5d9e0ec4e126
SHA256

e4c3556aa62b63533da28b770edabc399e4ab47feef1df8b6a1ac6f4b6a35d71
SHA512

38607b188d082a841678444916c8867667b98c51fe6aed1a63163fa31e12e360798ba04e9ca42137205c1b6fa53ad121714398aaf14a0635d4e0e6ab25ca2efa
SSDEEP

12288:Mdi8kaNQR/LUabh5ZQPGXHIFFv5UC5SYUFP6Cql:Mdi8VQR/LUeQuXIFFv53UFP69

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
270747a5f2694357951cfeb643eedc4a_JaffaCakes118

Files

270747a5f2694357951cfeb643eedc4a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68712f252b3a52e5b39bfeab7a4c575e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
FindFirstFileA
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCurrentDirectoryA
lstrlenW
LockResource
GetCurrentProcessId
SizeofResource
VirtualFree
RemoveDirectoryA
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
lstrlenA
UnmapViewOfFile
SetStdHandle
GetLastError
LeaveCriticalSection
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
GlobalLock
DuplicateHandle
FindNextFileA
CreateFileMappingA
ResetEvent
CompareStringA
GlobalFree
FindNextFileW
lstrcmpA
CreateProcessA
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
IsBadWritePtr
GetTickCount
QueryPerformanceCounter
FreeLibrary
GetVersionExW
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
GetACP
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
SetFileAttributesA
CreateThread
SetFilePointer
CreateMutexA
GetLocalTime
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetPrivateProfileStringA
LoadLibraryExA
lstrcmpiW
GetModuleFileNameA
FlushFileBuffers
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
SetLastError
OutputDebugStringA
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
GetExitCodeProcess
LocalFree
SetEvent
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetStringTypeA
LoadLibraryW
GetCPInfo
GetTempPathA
GetLocaleInfoW
FreeEnvironmentStringsW
SetErrorMode
lstrcatA
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetStartupInfoW
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetCommandLineW
GetFileAttributesW
HeapDestroy
FindFirstFileW
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetModuleHandleW
InterlockedExchange
GetEnvironmentStrings
IsValidCodePage
WideCharToMultiByte
HeapCreate
WriteFile
CreateProcessW
Sleep
VirtualAlloc
CloseHandle
GetOEMCP

ole32

CoUninitialize
CoTaskMemFree

user32

SetFocus
EndPaint
DispatchMessageA
FillRect
SetTimer
GetWindowLongA
RegisterClassA
EnableMenuItem
LoadStringA
GetWindow
IsWindowEnabled
TranslateMessage
EnableWindow
ShowWindow
DefWindowProcA
UpdateWindow
GetParent
GetMessageA
DestroyWindow
PeekMessageA
GetClientRect
SendMessageA
UnregisterClassA
ReleaseDC
GetCursorPos
GetDC
IsWindow
SetWindowPos
PostQuitMessage
SetForegroundWindow
SetDlgItemTextA
MessageBoxA
GetSysColor
SystemParametersInfoA
IsWindowVisible
InvalidateRect
DrawTextA
CallWindowProcA
SetCursor
BeginPaint
GetSystemMetrics
IsIconic
SetCapture
SetWindowLongA
SetWindowTextA
GetSubMenu
CreateWindowExA
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
GetDesktopWindow
GetSystemMenu
EndDialog
GetActiveWindow
GetFocus

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueW

gdi32

SelectObject
DeleteObject
BitBlt
DeleteDC

msvcrt

_strcmpi
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_controlfp

Sections

.text
Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68712f252b3a52e5b39bfeab7a4c575e

Headers

File Characteristics

Imports

kernel32

ole32

user32

advapi32

gdi32

msvcrt

Sections

.text Size: 278KB - Virtual size: 278KB

.rdata Size: 67KB - Virtual size: 66KB

.data Size: 103KB - Virtual size: 102KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 278KB - Virtual size: 278KB

.rdata
Size: 67KB - Virtual size: 66KB

.data
Size: 103KB - Virtual size: 102KB

.rsrc
Size: 6KB - Virtual size: 5KB