f809f03e81cfaddcf44c51c4f19e239a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f809f03e81cfaddcf44c51c4f19e239a_JaffaCakes118
Size

220KB
MD5

f809f03e81cfaddcf44c51c4f19e239a
SHA1

ff9790d7902fea4c910b182f6e0b00221a40d616
SHA256

d4ff4b73d7e89f80d78239a349c0197022c9d9306e5b59fdb71894040bc36489
SHA512

59fff00baf8db70dea58ab1815b0e964e7b6a0470e8f13ad81b80f5c19b3162381333d4921d43e7c99e452cf3987bbfc860564f0c473ef5f65c4ebe48b1a016e
SSDEEP

6144:P2qQCUNQcAjmFRZYfuiCmytcpJuEp2Yi3S:PWQcAejYfugymWEp2NS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f809f03e81cfaddcf44c51c4f19e239a_JaffaCakes118

Files

f809f03e81cfaddcf44c51c4f19e239a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c9f7242fd91f70b70a83d6302ce227b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
CloseHandle
CreateFileA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapSize
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
EnumResourceTypesA
SetHandleCount
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetVersion
GetConsoleTitleW
GetModuleHandleA
SetConsoleTitleW
FindNextFileA
WaitForMultipleObjects
LockResource
LoadLibraryA
GetLocalTime
GetProcAddress
GetCurrentDirectoryW
GetLastError
FindFirstFileA
MultiByteToWideChar
TerminateProcess
HeapCreate
GetVersionExW
GetConsoleWindow
CreateEventA
InterlockedDecrement
GetLogicalDrives
GetCurrentProcess
UpdateResourceA
HeapAlloc
LoadResource
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapFree
SizeofResource
Sleep
GetEnvironmentStringsW
FindResourceExA
lstrlenA
GetFileType
FreeResource

user32

EnableWindow
ShowWindow
SetWindowPos
DefWindowProcA
LoadImageA
GetDlgItem
ReleaseDC
CreateWindowExA
GetWindowLongA
ModifyMenuA
EndDialog
SetWindowTextA
GetAsyncKeyState
GetKeyboardLayout
EndPaint
DestroyWindow
SetCursor
EnumDisplayDevicesW
SetTimer
GetWindowRect
CreateDialogParamA
PostQuitMessage
KillTimer
GetFocus
wsprintfA
FindWindowW
GetClientRect
CreateMenu
SetFocus
SendMessageA
SetRectEmpty
BeginPaint
DlgDirListA
GetDC
GetForegroundWindow
GetWindowTextA

gdi32

CreateDCA
GetStockObject
GetObjectA
MoveToEx
BitBlt
LineTo
DeleteDC
SetBkColor
ExtTextOutA
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreatePen

winspool.drv

EnumPrintersA

advapi32

RegOpenKeyExW
RegSetValueExW
RegCloseKey

shell32

SHGetSpecialFolderPathA
DragQueryFileA

ole32

CreateItemMoniker
CoInitialize
CoInitializeEx
RegisterDragDrop
CoInitializeSecurity
CLSIDFromProgID
CoUninitialize
CoCreateInstance
CoGetClassObject
OleInitialize

oleaut32

SysAllocStringByteLen
VariantTimeToSystemTime
VariantInit
SystemTimeToVariantTime

msvfw32

ICInfo
ICClose
ICGetInfo
ICOpen

msacm32

acmStreamOpen
acmStreamPrepareHeader
acmStreamClose

winmm

PlaySoundW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shlwapi

StrToIntExA

comctl32

ord6

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9f7242fd91f70b70a83d6302ce227b6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

msvfw32

msacm32

winmm

version

shlwapi

comctl32

imm32

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 85KB - Virtual size: 84KB

.data Size: 11KB - Virtual size: 17KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 85KB - Virtual size: 84KB

.data
Size: 11KB - Virtual size: 17KB

.rsrc
Size: 8KB - Virtual size: 8KB