e74fcf22e8379d3b110d2a09913e12dd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e74fcf22e8379d3b110d2a09913e12dd_JaffaCakes118
Size

156KB
MD5

e74fcf22e8379d3b110d2a09913e12dd
SHA1

e302268c59653112223a998d9284866bc788d811
SHA256

c25621d3ccf2f378166a7d9c100efd809af5257a94716dd23f7a638447db862c
SHA512

4477e3d4d2fe5929c98a1785d2de838fb293eeaff2a582814381cead7d932fef0482641d7c79f1ba46ac332031af95b49abedaa285bbe1f65d5001c01f09a3af
SSDEEP

3072:swB94Ar/gik3QWQ5u7KrVBLK0Lca5WlwFLM+JEcvwGDISl:swBuEEQWQA7KrVx7IaA4gawGs6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e74fcf22e8379d3b110d2a09913e12dd_JaffaCakes118

Files

e74fcf22e8379d3b110d2a09913e12dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54d596ea357a61576ecf898b1520d83f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
lstrlenW
GetSystemDefaultLangID
SizeofResource
MultiByteToWideChar
GetStringTypeExA
LocalFree
LocalAlloc
FormatMessageA
lstrlenA
GetVersionExA
CreateEventA
WaitForSingleObject
ReadFile
WaitForMultipleObjects
VirtualQuery
CompareFileTime
FindClose
FindFirstFileA
GetTimeFormatA
GetDateFormatA
GetFileAttributesA
LoadResource
FreeLibrary
HeapAlloc
GetProcessHeap
VirtualFree
VirtualAlloc
FindNextFileA
FindResourceExA
InterlockedDecrement
GetCurrentProcess
EnumResourceNamesA
GetTempPathA
GetSystemTime
DeleteFileA
RemoveDirectoryA
GlobalUnlock
GlobalLock
GlobalAlloc
LeaveCriticalSection
EnterCriticalSection
IsBadReadPtr
SetEvent
LockResource
InterlockedIncrement
SetFilePointer
WriteFile
OutputDebugStringA
TlsAlloc
LoadLibraryA
GetProcAddress
QueryPerformanceFrequency
TlsGetValue
TlsSetValue
GetCurrentThreadId
QueryPerformanceCounter
CreateFileA
DeviceIoControl
CloseHandle
GetLastError
GetCurrentProcessId
GetFileSize
FileTimeToSystemTime
GetModuleFileNameA
GetStdHandle
SetStdHandle
SetConsoleCtrlHandler
GetEnvironmentStrings
FreeEnvironmentStringsW
SetHandleCount
GetEnvironmentStringsW
GetCommandLineA
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
Sleep
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetOEMCP
GetACP
GetCPInfo
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
GetVersion
FlushFileBuffers
GetStartupInfoA
GetModuleHandleA
HeapFree
SetCurrentDirectoryA
SetEnvironmentVariableA
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA
RaiseException
RtlUnwind
TerminateProcess
ExitProcess
GetFileType
IsBadCodePtr
GetStringTypeA
GetStringTypeW

user32

SetTimer
ReleaseDC
GetDC
wvsprintfA
LoadStringA
wsprintfA
GetDesktopWindow
KillTimer
FindWindowA
GetClassNameA
GetWindowModuleFileNameA
SendMessageA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
DestroyWindow
DefWindowProcA
CreateWindowExA
RegisterClassExA
GetClassInfoExA
GetWindow
GetTopWindow
IsWindow
GetDlgItem
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CreateAcceleratorTableA
LoadAcceleratorsA
CopyAcceleratorTableA
DestroyAcceleratorTable
GetSystemMetrics
SetWindowPos
GetClientRect
AdjustWindowRectEx
SystemParametersInfoA
ShowWindow
SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
GetIconInfo
DrawTextA

gdi32

GetDIBits
CreateDIBSection
DeleteObject
GetStockObject

advapi32

RegCreateKeyExA
ControlService
CloseServiceHandle
OpenServiceA
OpenSCManagerA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA

shell32

SHGetPathFromIDListA

ole32

CLSIDFromString
StringFromIID
StringFromCLSID
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysAllocString
VariantCopy
CreateErrorInfo
VariantChangeType
SetErrorInfo
GetErrorInfo
SysStringByteLen
VariantClear
SysAllocStringByteLen
VariantInit
SysFreeString

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comctl32

ImageList_ReplaceIcon
ImageList_Create
InitCommonControlsEx

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54d596ea357a61576ecf898b1520d83f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

comctl32

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 20KB - Virtual size: 25KB

.rsrc Size: 4KB - Virtual size: 944B

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 944B