4530fc8e9b9d69d624d1526ba525e34f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4530fc8e9b9d69d624d1526ba525e34f_JaffaCakes118
Size

444KB
MD5

4530fc8e9b9d69d624d1526ba525e34f
SHA1

3d021f68596c46c533a072ceaed318f4c8886d64
SHA256

b960883fb0b52caa772c7d47d2d718b59a949f2657746d455ebf5d32aba1b961
SHA512

5489aeff96571dba6b055da8839d7babca6221fa0682aec67cd4f88a8962727cb41f3cd740fad37f94576b02c950c250f77cdbbef87cf88133ff4697c587b0af
SSDEEP

6144:XHESfJs2qJKDUXe2bWeBAdY8i3/PWqcvzUz/0zzLIIeKsb1sOxWHmHAyzCnWHK:XHHfJOyaq14PWq6YzaOjbStNfgK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4530fc8e9b9d69d624d1526ba525e34f_JaffaCakes118

Files

4530fc8e9b9d69d624d1526ba525e34f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cc08c584eee9043ac43bc5ca029a377e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ntohl
inet_addr
inet_ntoa
WSACleanup
gethostname
WSAStartup
gethostbyname

kernel32

FindResourceA
GetDiskFreeSpaceExA
IsDBCSLeadByte
Sleep
LoadResource
CloseHandle
GetLastError
CreateMutexA
GetTempPathA
GetVersionExA
GetCurrentDirectoryA
GetModuleHandleA
CreateFileA
FlushFileBuffers
SetStdHandle
SetFilePointer
GetStringTypeW
GetStringTypeA
LCMapStringW
LockResource
SizeofResource
GetModuleFileNameA
SetUnhandledExceptionFilter
SetEndOfFile
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetCurrentThreadId
HeapSize
HeapReAlloc
GetCurrentProcess
TerminateProcess
WriteFile
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
LoadLibraryA
FreeLibrary
WideCharToMultiByte
lstrlenA
GetProcAddress
MultiByteToWideChar
LCMapStringA
IsBadWritePtr
ReadFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
RaiseException
InitializeCriticalSection
IsBadCodePtr
IsBadReadPtr
UnhandledExceptionFilter
RtlUnwind
HeapAlloc
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
InterlockedIncrement
CreateDirectoryA
InterlockedDecrement
GetStartupInfoA
GetVersion
GetCommandLineA
ExitProcess
HeapFree
DeleteFileA
GetSystemTime
GetFileAttributesA
GetTimeZoneInformation
GetLocalTime

user32

GetDlgItem
ShowWindow
FillRect
LoadStringA
GetSysColor
SetWindowLongA
PeekMessageA
MoveWindow
SetWindowPos
LoadBitmapA
GetCursorPos
LoadMenuA
GetSubMenu
SetForegroundWindow
TrackPopupMenu
SetFocus
MessageBoxA
EndDialog
LoadImageA
CreateDialogParamA
SetWindowTextA
SetDlgItemTextA
GetDlgCtrlID
SendMessageA
KillTimer
InvalidateRect
SetTimer
GetParent
EndPaint
PostMessageA
DialogBoxParamA
OffsetRect
GetWindowLongA
DefWindowProcA
CallWindowProcA
DrawTextA
IsWindow
LoadCursorA
SetCursor
BeginPaint
GetWindowTextA
GetClientRect

gdi32

CreateSolidBrush
GetTextMetricsA
SelectObject
SetTextColor
SetBkColor
SetBkMode
DeleteObject
GetObjectA
CreateFontIndirectA

advapi32

RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetPathFromIDListA
ShellExecuteA
Shell_NotifyIconA
SHBrowseForFolderA
SHGetSpecialFolderPathA

ole32

CoLoadLibrary
CoFreeLibrary

comctl32

ord17
_TrackMouseEvent

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WYCao
Size: 332KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc08c584eee9043ac43bc5ca029a377e

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 20KB - Virtual size: 24KB

.WYCao Size: 332KB - Virtual size: 344KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 20KB - Virtual size: 24KB

.WYCao
Size: 332KB - Virtual size: 344KB