3aa1f92de539b8e32c420a8a07fa0e10_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3aa1f92de539b8e32c420a8a07fa0e10_JaffaCakes118
Size

297KB
MD5

3aa1f92de539b8e32c420a8a07fa0e10
SHA1

f2b515d2c6f4ce79aa65bbbbd8b52af89a9c5cbd
SHA256

6060f08362a01ae024a9630a39108e22ef9a71bd46c4f28514faa90a2f121995
SHA512

019dd3ca4afa024d523f7353541a803ed9260b916d77ed1278e0dbbdaf33a6c0928d87b2d1450130370926080bed8ea011f969ac75f7431d5655d94aa7883ec1
SSDEEP

6144:P/aMTESwKASyHvQJFGrNsNCTX1uHwSfQw++nnQ:KMXwb1rr8HwGb++nQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aa1f92de539b8e32c420a8a07fa0e10_JaffaCakes118

Files

3aa1f92de539b8e32c420a8a07fa0e10_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dff3791d77ffe00657a2642901cb8c4a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

LCMapStringW
MultiByteToWideChar
WriteConsoleW
SetStdHandle
LoadLibraryW
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetStringTypeW
GetModuleFileNameW
GetStdHandle
ExitProcess
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
GetCurrentThreadId
SetLastError
GetModuleHandleW
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
HeapReAlloc
FlushFileBuffers
CreateEventA
GetLastError
GetCurrentProcessId
CloseHandle
CreateFileA
GetFileSize
ReadFile
lstrlenA
WriteFile
lstrcatA
HeapCreate
HeapAlloc
GetProcAddress
FreeLibrary
LoadLibraryA
GetConsoleTitleA
GetTickCount
SetConsoleTitleA
Sleep
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DecodePointer
GetStartupInfoW
GetConsoleWindow
EnumDateFormatsA
GetModuleHandleA
GetModuleFileNameA
HeapSetInformation
GetCommandLineA
HeapFree
RtlUnwind
RaiseException
CreateFileW

user32

wsprintfA
UpdateWindow
SetWindowLongA
SetWindowPos
GetCursorPos
CreatePopupMenu
ShowWindow
SetWindowPlacement
MessageBoxA
TrackPopupMenuEx
CopyImage
GetDlgItem
FindWindowA
GetClientRect
InvalidateRect
CreateMenu
InsertMenuItemA
SendMessageA
DialogBoxParamA
CreateDialogParamA
LoadIconA
SetClassLongA
DestroyWindow
SetDlgItemTextA
PostMessageA
SendDlgItemMessageA
GetDlgItemTextA
BeginPaint
ReleaseDC
GetDC
LoadBitmapA
EndPaint
PostQuitMessage
DefWindowProcA
DestroyIcon
DispatchMessageA
GetMessageA
SendMessageTimeoutA
CreateWindowExA
SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
GetWindowLongA
GetWindowRect
OffsetRect
InflateRect
GetSysColorBrush
FrameRect
FillRect

gdi32

DeleteObject
SetBkMode
MoveToEx
SetTextAlign
TextOutW
SelectObject
CreateCompatibleDC
BitBlt
DeleteDC
SelectPalette
RealizePalette
UpdateColors
GetObjectA
CreateBitmap
GetStockObject
Rectangle
Ellipse
SetTextColor
CreateSolidBrush
CreatePen
FillRgn

comdlg32

GetOpenFileNameA
GetSaveFileNameA
ChooseFontA

shell32

SHGetFileInfoA
DragQueryFileA
ShellExecuteA

ole32

OleGetClipboard
ReleaseStgMedium

mpr

WNetConnectionDialog

comctl32

ord17
ImageList_ReplaceIcon
CreatePropertySheetPageW

gdiplus

GdipCreateBitmapFromFile
GdipCreateBitmapFromHBITMAP
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipSaveImageToFile
GdiplusStartup

Sections

.text
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dff3791d77ffe00657a2642901cb8c4a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

mpr

comctl32

gdiplus

Sections

.text Size: 233KB - Virtual size: 233KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 26KB - Virtual size: 25KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 233KB - Virtual size: 233KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 26KB - Virtual size: 25KB

.reloc
Size: 7KB - Virtual size: 6KB