245b0892631fd3e1688b81515a3245cf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

245b0892631fd3e1688b81515a3245cf_JaffaCakes118
Size

375KB
MD5

245b0892631fd3e1688b81515a3245cf
SHA1

d80c90888ea32e2e705096be836222654fa0beb3
SHA256

4b19b56475a5dd46b2e9855ea36e568eda83accbcd3505194b738248096c09b7
SHA512

af8c9182f3d9087b62b9e4e1b57ea21b75f53dba7a3cb5a4e633021f8484457646fe2acdf699e71251d19c40fec501dec15a22c6543d0b0495587055db9316e5
SSDEEP

6144:9KpXisaQ1eAAOk8fV6BqZKQ23LwTZqSGTGhLRV82Mt6sT1U2jB:9kba8eAuknZj23LwTZqScGhLR8tr1rB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
245b0892631fd3e1688b81515a3245cf_JaffaCakes118

Files

245b0892631fd3e1688b81515a3245cf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

112c5d5f03605eabc7a7625ecede8ab6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

InvalidateRect
SendMessageW
DefWindowProcW
LoadImageW
SetWindowLongW
TranslateMessage
PeekMessageA
GetWindowLongA
EndDialog
GetDlgItem
SendMessageA
SetWindowLongA
DispatchMessageA
IsDialogMessageA
CreateDialogIndirectParamA
SetDlgItemTextA
GetDesktopWindow
GetClientRect
GetWindowRect
MoveWindow
CharNextA
CharUpperA
wsprintfA
ReleaseDC
LoadImageA
GetDC
EndPaint
CreateDialogParamA
BeginPaint
DialogBoxIndirectParamA
MessageBoxA
DestroyWindow
CharLowerA
GetParent
GetWindowTextLengthA
GetWindowTextA
GetWindowPlacement
DrawIcon
DestroyIcon
GetDlgCtrlID
SetWindowTextA
FillRect
GetSysColor
GetSysColorBrush
EnableWindow
GetDlgItemTextA
GetWindow
SetCursor
UpdateWindow
GetClassInfoA
wvsprintfA
LoadStringA
GetSystemMetrics
SetRect
FindWindowA
IntersectRect
SubtractRect
CharPrevA
WaitForInputIdle
ClientToScreen
SetWindowPos
GetWindowDC
ShowWindow
DialogBoxParamA
MsgWaitForMultipleObjects
DefWindowProcA
PostMessageA
KillTimer
PostQuitMessage
SetTimer
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
GetMessageA
ExitWindowsEx
SendDlgItemMessageA
IsWindow
CharLowerBuffA
OpenClipboard
TrackPopupMenu
AppendMenuW
CreatePopupMenu
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
CreateDialogParamW
SetWindowTextW
SetForegroundWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
GetWindowLongW
CharNextW
GetClassInfoW
FindWindowExW
DrawTextW

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA

ole32

CoFreeAllLibraries
CoCreateInstance
CoInitialize
CoUninitialize

advapi32

RegQueryValueExA
RegCreateKeyA
RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegSetValueExA

gdi32

GetObjectA
GetDeviceCaps
CreateHalftonePalette
CreatePalette
GetSystemPaletteEntries
GetDIBColorTable
GetTextExtentPoint32A
CreateCompatibleDC
SetTextColor
CreateFontIndirectA
CreateSolidBrush
CreateFontA
DeleteObject
GetStockObject
CreateDIBitmap
TranslateCharsetInfo
UnrealizeObject
SelectPalette
RealizePalette
SelectObject
DeleteDC
SetBkMode
BitBlt

netapi32

NetRemoveAlternateComputerName

kernel32

FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LCMapStringW
LCMapStringA
GetCurrentThreadId
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetStdHandle
WriteFile
GetProcAddress
GetModuleHandleW
HeapReAlloc
VirtualAlloc
VirtualFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
AddAtomA
HeapDestroy
GetModuleHandleA
GetStartupInfoA
HeapCreate
ExitProcess
lstrcpyA
GetEnvironmentStringsW
HeapAlloc
HeapFree
LockResource
LoadResource
FindResourceA
FindResourceExA
RemoveDirectoryA
LocalFree
FormatMessageA
SetEvent
OpenEventA
CopyFileA
GetTempFileNameA
GetTempPathA
WaitForSingleObject
SetFileAttributesA
GetLastError
GetShortPathNameA
GetWindowsDirectoryA
GetFileAttributesA
CreateDirectoryA
SetLastError
lstrlenA
CompareStringA
GetPrivateProfileStringA
GetVersionExA
GlobalLock
GlobalAlloc
GetUserDefaultLangID
GetModuleFileNameA
RtlUnwind
GetAtomNameA
DeleteFileA
Sleep
CloseHandle
lstrlenW
WideCharToMultiByte
GlobalUnlock
GlobalFree
MultiByteToWideChar
GetPrivateProfileIntA
CreateProcessA
CreateFileA
SetErrorMode
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RaiseException
ReadFile
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetCommandLineA
CompareStringW

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.time
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

112c5d5f03605eabc7a7625ecede8ab6

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

ole32

advapi32

gdi32

netapi32

kernel32

Sections

.text Size: 109KB - Virtual size: 109KB

.rdata Size: 44KB - Virtual size: 44KB

.data Size: 6KB - Virtual size: 332KB

.time Size: 512B - Virtual size: 128B

.rsrc Size: 214KB - Virtual size: 213KB

.text
Size: 109KB - Virtual size: 109KB

.rdata
Size: 44KB - Virtual size: 44KB

.data
Size: 6KB - Virtual size: 332KB

.time
Size: 512B - Virtual size: 128B

.rsrc
Size: 214KB - Virtual size: 213KB