405979c22d83f65c4cdea2045ab84a3d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

405979c22d83f65c4cdea2045ab84a3d_JaffaCakes118
Size

524KB
MD5

405979c22d83f65c4cdea2045ab84a3d
SHA1

ba55841bce4f6c9b9b4d1d0c4666ffbfafc2c8c0
SHA256

b81a0a6fba63061930131532604351d232950e2f319cd31c1134f368f5f05b72
SHA512

d6e74c8cd4d183534a1994815f767197145a2ef95e056bd6ecef9a2326d22e98369a8a01aa2baec4f23b84e8c8b0a54786ddbede5d5362ac7abe8c43797c2369
SSDEEP

12288:d3c/e5eY1e73R+jFwn0GqKAJeno0tSfZzbF87zLMcZQwxSVzz:ds99DRUJGPn1sADxQeSVzz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
405979c22d83f65c4cdea2045ab84a3d_JaffaCakes118

Files

405979c22d83f65c4cdea2045ab84a3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a0826cee0051de04c9f02b473604f8bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantClear
SysFreeString
SysStringLen

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

user32

SetWindowPos
IsWindow
EndPaint
GetDC
GetCursorPos
GetClientRect
TrackPopupMenu
DestroyWindow
GetParent
UpdateWindow
ShowWindow
TranslateMessage
IsWindowEnabled
GetWindow
LoadStringA
EnableMenuItem
RegisterClassA
GetSubMenu
SetTimer
FillRect
DispatchMessageA
MapWindowPoints
PeekMessageA
ReleaseDC
ClientToScreen
SetFocus
KillTimer
DefWindowProcA
GetSystemMetrics
GetWindowRect
IsIconic
SetCapture
SetWindowLongA
SetWindowTextA
CheckMenuItem
wsprintfA
CreateWindowExA
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
GetDesktopWindow
EndDialog
MessageBoxA
GetSysColor
PostMessageA
SystemParametersInfoA
PostQuitMessage
SetForegroundWindow
BeginPaint
SetCursor
IsWindowVisible
InvalidateRect
SendMessageA
CallWindowProcA
GetFocus
EnableWindow

kernel32

CreateMutexA
GetLocalTime
DuplicateHandle
GetModuleHandleA
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleMode
LocalAlloc
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
WideCharToMultiByte
LoadLibraryW
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
GetCommandLineA
HeapReAlloc
GetStringTypeW
SetFileAttributesA
FreeLibrary
LocalFree
FormatMessageW
GetExitCodeProcess
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
FormatMessageA
SetLastError
GetSystemTime
InterlockedDecrement
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetVersionExA
GetModuleFileNameA
LoadLibraryExA
GetPrivateProfileStringA
UnhandledExceptionFilter
LoadLibraryExW
VirtualAlloc
FindResourceA
VirtualFree
FindResourceW
HeapCreate
IsValidCodePage
CreateProcessA
SizeofResource
GetModuleHandleW
GetACP
lstrcpynA
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
Sleep
HeapSize
GetCPInfo
GetCommandLineW
LockResource
GetCurrentProcessId
WritePrivateProfileStringA
GetEnvironmentStrings
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
UnmapViewOfFile
LCMapStringW
GetLastError
InterlockedIncrement
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
RemoveDirectoryA
GlobalLock
WaitForMultipleObjects
CreateThread
FindNextFileA
CreateFileMappingA
ResetEvent
CompareStringA
FindFirstFileA
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
SetEvent
GetEnvironmentVariableA
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
GetOEMCP
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
GetCurrentThreadId
GetLocaleInfoA
SetEndOfFile
CreateEventW
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
MultiByteToWideChar

ole32

CoCreateInstance
CoTaskMemAlloc
CoUninitialize

gdi32

DeleteDC
GetStockObject
SetTextColor
SelectObject
SetBkMode
DeleteObject
GetDeviceCaps

advapi32

RegSetValueExW
RegCloseKey

msvcrt

exit
_exit
_cexit

Sections

.text
Size: 452KB - Virtual size: 449KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0826cee0051de04c9f02b473604f8bb

Headers

File Characteristics

Imports

oleaut32

version

user32

kernel32

ole32

gdi32

advapi32

msvcrt

Sections

.text Size: 452KB - Virtual size: 449KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 8KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 452KB - Virtual size: 449KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 2KB