2334a83e5a2cbb19d7937fdbee4e1b6b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2334a83e5a2cbb19d7937fdbee4e1b6b_JaffaCakes118
Size

1.6MB
MD5

2334a83e5a2cbb19d7937fdbee4e1b6b
SHA1

c98319c1bc39a99cbb4c91724ac2d69d31b851e5
SHA256

db529140e85710e42a626a27406aaef6d668a08776a48d689a161dea4f452ec9
SHA512

857b979b90fdfb2338370b170bd60b89a5fbeb0a000b5dc185421c5ae9087aa6d5220270e958258278dd5415f6b1972baffad1eace9f335b86cd81c931f478fa
SSDEEP

24576:leL9Lf2G6ClsvQphE1WBWVqyTbAcECMzJVaI6zHl1bJHRyo53:gR5MQfE1CWVqyTGJT6fbXy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2334a83e5a2cbb19d7937fdbee4e1b6b_JaffaCakes118

Files

2334a83e5a2cbb19d7937fdbee4e1b6b_JaffaCakes118
.exe windows:5 windows x64 arch:x64

7bf5662a58c77413c519c7dbebb08c2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

MPQEditor.pdb

Imports

kernel32

VirtualFreeEx
OpenProcess
ReadFile
HeapReAlloc
WideCharToMultiByte
GetCurrentDirectoryW
SetCurrentDirectoryW
AllocConsole
GetStdHandle
GetConsoleMode
SetConsoleMode
SetConsoleTitleW
FlushConsoleInputBuffer
FreeConsole
GetCurrentThreadId
ExpandEnvironmentStringsW
FindNextChangeNotification
EnterCriticalSection
LeaveCriticalSection
FindFirstChangeNotificationW
FindCloseChangeNotification
LoadLibraryExW
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
DeviceIoControl
GetDriveTypeW
GlobalReAlloc
RemoveDirectoryW
SetFileTime
WriteProcessMemory
VirtualAllocEx
GetCurrentProcess
TerminateProcess
WaitForSingleObject
SetLastError
CopyFileW
GlobalFree
HeapFree
GetProcessHeap
HeapAlloc
GetFileAttributesW
WriteFile
CreateFileW
CreateThread
Sleep
OpenEventW
CloseHandle
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
FindClose
FindNextFileW
FindFirstFileW
SetThreadContext
GetThreadContext
LockResource
LoadResource
SizeofResource
FindResourceW
GetModuleFileNameW
CreateProcessW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetFileSize
WriteConsoleW
HeapSize
SetFilePointerEx
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetStdHandle
ReadConsoleW
GetConsoleCP
FlushFileBuffers
LCMapStringW
GetFileType
FreeLibraryAndExitThread
ExitThread
QueryPerformanceFrequency
GetModuleHandleExW
ExitProcess
GetCommandLineW
GetCommandLineA
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
RaiseException
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
FreeResource
GetVersionExW
GetTempPathW
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
GetCurrentThread
GetCurrentProcessId
CreateDirectoryW
GetEnvironmentVariableW
IsDebuggerPresent
CreateSemaphoreW
CreateEventW
ReleaseSemaphore
GetLastError
ResetEvent
SetEvent
MoveFileW
SetFilePointer
SetEndOfFile
GetTimeFormatW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
EnumSystemLocalesW
GlobalUnlock
GlobalLock
GlobalAlloc
FormatMessageW
GetModuleHandleW
GetFileTime
GetFullPathNameW
CompareFileTime
DeleteFileW
ResumeThread
CreateFileMappingW
CreateMutexW
CreateRemoteThread
FreeLibrary
GetProcAddress
LoadLibraryW
MultiByteToWideChar
GetLocaleInfoW
ReleaseMutex

user32

SendMessageW
LoadStringW
SetWindowLongPtrW
CheckDlgButton
GetWindowLongPtrW
IsDlgButtonChecked
EndDialog
DialogBoxParamW
BeginDeferWindowPos
GetDC
RegisterClassExW
GetClassInfoExW
GetWindowPlacement
ReleaseDC
GetDlgItem
GetSysColor
DrawFocusRect
SetWindowTextW
GetDlgItemTextW
GetAsyncKeyState
SetDlgItemTextW
GetClientRect
CreateDialogParamW
InvalidateRect
BeginPaint
GetForegroundWindow
PostQuitMessage
GetFocus
AdjustWindowRectEx
DefWindowProcW
DestroyIcon
SetMenu
LoadBitmapW
SetMenuItemInfoW
DeleteMenu
GetIconInfo
SetDlgItemInt
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
MessageBoxA
IsDialogMessageW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
WindowFromPoint
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetMenuStringW
MessageBoxW
IsIconic
AppendMenuW
CreatePopupMenu
InsertMenuItemW
GetMenuItemCount
GetMenuItemInfoW
LoadIconW
ReleaseCapture
SetCapture
SetCursor
PtInRect
ScreenToClient
LoadCursorW
EndDeferWindowPos
DeferWindowPos
CheckMenuItem
DestroyWindow
GetWindowTextA
CharUpperBuffA
GetSystemMetrics
GetDlgItemInt
SetFocus
SetWindowLongW
ShowWindow
IsWindowVisible
CallWindowProcW
DestroyMenu
TrackPopupMenu
SetForegroundWindow
GetCursorPos
GetSubMenu
LoadMenuW
EnableMenuItem
EnableWindow
IsWindowEnabled
IsCharLowerW
IsCharUpperW
LoadImageW
GetWindow
SetWindowTextA
GetWindowTextW
GetWindowTextLengthW
wsprintfW
SendDlgItemMessageA
GetTopWindow
DialogBoxIndirectParamW
GetSystemMenu
DrawTextExW
MessageBeep
FillRect
IsWindow
CreateCursor
GetClassNameW
GetWindowLongW
CreateWindowExW
SystemParametersInfoW
SetWindowPos
GetWindowRect
ClientToScreen
SetTimer
KillTimer
GetParent
PostMessageW
EndPaint

gdi32

SetTextColor
CreateSolidBrush
GetTextExtentPoint32W
SelectObject
CreateFontIndirectW
TextOutW
SetBkColor
GetTextMetricsW
ExtTextOutW
Rectangle
DeleteObject
GetObjectW
GetStockObject

advapi32

OpenThreadToken
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
OpenProcessToken
RegCreateKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
IsTextUnicode

shell32

SHBrowseForFolderW
ShellExecuteExW
SHGetFileInfoW
DragAcceptFiles
DragQueryFileW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderPathW
ShellExecuteW

ole32

RegisterDragDrop
DoDragDrop
RevokeDragDrop
CoCreateInstance
ReleaseStgMedium
CoTaskMemAlloc
PropVariantClear
OleInitialize

oleaut32

SysFreeString
SafeArrayCreateVector
SafeArrayPutElement
SafeArrayRedim
SafeArrayDestroy
SysStringLen
SafeArrayCopy
SysAllocString

comctl32

PropertySheetW
ord17
CreatePropertySheetPageW
ImageList_ReplaceIcon
ImageList_Create

wininet

InternetGetConnectedState
HttpQueryInfoW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetReadFile
InternetConnectW
InternetCloseHandle
InternetOpenW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

Sections

.text
Size: 595KB - Virtual size: 595KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 850KB - Virtual size: 850KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bf5662a58c77413c519c7dbebb08c2c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

version

comdlg32

Sections

.text Size: 595KB - Virtual size: 595KB

.rdata Size: 138KB - Virtual size: 138KB

.data Size: 22KB - Virtual size: 41KB

.pdata Size: 32KB - Virtual size: 32KB

.rsrc Size: 850KB - Virtual size: 850KB

.text
Size: 595KB - Virtual size: 595KB

.rdata
Size: 138KB - Virtual size: 138KB

.data
Size: 22KB - Virtual size: 41KB

.pdata
Size: 32KB - Virtual size: 32KB

.rsrc
Size: 850KB - Virtual size: 850KB