4061486b196112726cd328386e3bca8f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4061486b196112726cd328386e3bca8f_JaffaCakes118
Size

184KB
MD5

4061486b196112726cd328386e3bca8f
SHA1

e5025bb6e7a7bb3e99a2d7d68b034a55d249c8be
SHA256

603bd70d0cf9bcb22f821c230fd5f12ac304677b9f2e602d4749298a87835727
SHA512

8b279bfbc9a9a5a1386d89cb86faba5e8fd8be0989cf1820113975d6965e253be5001e51f681e0c1b5f171301a7f91988bd7e5d29bba93ffa1deceb765df9ecf
SSDEEP

3072:3vctlCu0OWynsGtyQNsaG0JZHpYvF6rwLduJyoFYAIkDIzGvjP6++iMHkm:/ct1FVqN6iWljDIzGv71+iMHk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4061486b196112726cd328386e3bca8f_JaffaCakes118

Files

4061486b196112726cd328386e3bca8f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22f4ef1b4d8d2346f8b7058f0be5699d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
WideCharToMultiByte
GetModuleHandleA
GetShortPathNameA
SizeofResource
FindResourceA
GetLastError
LoadLibraryExA
LoadResource
lstrcpynA
IsDBCSLeadByte
lstrcmpiA
GetCurrentThreadId
GetCommandLineA
InitializeCriticalSection
lstrcpyA
lstrcatA
DeleteCriticalSection
MultiByteToWideChar
lstrlenA
CopyFileA
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryA
GetWindowsDirectoryA
CreateFileA
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatA
CloseHandle
GetUserDefaultLangID
InterlockedIncrement
GlobalAlloc
GlobalLock
lstrlenW
GetLocaleInfoA
GetSystemDefaultLCID
CreateMutexA
WriteFile
InterlockedDecrement
HeapCreate
HeapDestroy
HeapSize
GetCurrentProcess
TerminateProcess
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
RaiseException
ExitProcess
GetVersion
GetStartupInfoA
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
LocalFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
IsBadCodePtr
GlobalUnlock
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
IsBadReadPtr
GetStringTypeW
ReadFile
SetStdHandle
VirtualFree
FlushFileBuffers
GetStringTypeA
SetFilePointer

user32

wsprintfA
GetDlgCtrlID
RegisterClipboardFormatA
CreateWindowExA
SetForegroundWindow
LoadStringA
FindWindowA
PostQuitMessage
DefWindowProcA
PostThreadMessageA
DispatchMessageA
GetMessageA
PostMessageA
CharNextA
RegisterClassA
LoadIconA
DialogBoxParamA
EnumChildWindows
SetWindowTextA
EnableWindow
CallWindowProcA
SetWindowLongA
GetParent
GetDlgItem
EndDialog
GetSystemMenu
EnableMenuItem
GetWindowRect
WinHelpA

advapi32

RegSetValueExA
RegQueryInfoKeyA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegQueryValueA
RegEnumKeyExA
RegOpenKeyA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegEnumValueA

ole32

CreateDataAdviseHolder
CoRevokeClassObject
CoRegisterClassObject
CoInitialize
CoUninitialize
CoSuspendClassObjects
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoCreateInstance

oleaut32

VariantClear
SysFreeString
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
SysAllocString

comctl32

PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

hccutils

GetAttachedMonitorDevice
IsDisplayValid
LoadDialogString
EnumDeviceByClass
FindResources
GetDisplayDevice
LoadSTRING
FindDeviceByNameAndClass
GetCUIDriverFromClassDevice
ReleaseClassDevice

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sbtwvan
Size: 60KB - Virtual size: 76KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

22f4ef1b4d8d2346f8b7058f0be5699d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

comctl32

version

hccutils

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 136KB - Virtual size: 164KB

sbtwvan Size: 60KB - Virtual size: 76KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 136KB - Virtual size: 164KB

sbtwvan
Size: 60KB - Virtual size: 76KB