28952d5906078f11a8ac8393464cb57d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

28952d5906078f11a8ac8393464cb57d_JaffaCakes118
Size

738KB
MD5

28952d5906078f11a8ac8393464cb57d
SHA1

1a4968ddca795ae67a173bf7928b5820ab3576a7
SHA256

5ec7828bb4f7cae6c4fb9f23319d59e785c976a973ecb00d10d461abec0099eb
SHA512

4eac0d4596dc843e62140387ecb390fc9e20de7e841b9c3adb7b80e7fa06218241c5492153ef92039eeb02e3704765fec3ea43c3d79b9339414bfcc1e4f2bfbb
SSDEEP

12288:yt0Q4i6d1LtqeE8X94/WN7voZUOxcngyDlj:y0QXI1588NPahcF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28952d5906078f11a8ac8393464cb57d_JaffaCakes118

Files

28952d5906078f11a8ac8393464cb57d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5b62142f0fd8d2e1aca465f1d162fe1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReadFile
SearchPathW
SetEvent
SetFilePointer
SetLastError
SetUnhandledExceptionFilter
SizeofResource
LocalFree
TerminateProcess
TlsAlloc
TlsFree
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpW
lstrcmpiW
lstrlenW
LocalAlloc
LoadResource
LoadLibraryExW
LeaveCriticalSection
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapSetInformation
HeapFree
HeapAlloc
GetVersionExW
GetVersionExA
GetUserDefaultUILanguage
GetTimeFormatW
GetTickCount
GetTempPathW
GetSystemTimeAsFileTime
GetSystemTime
GetSystemDirectoryW
GetSystemDefaultUILanguage
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileSize
GetFileAttributesW
GetFileAttributesExW
GetDateFormatW
GetCurrentThreadId
GetCurrentProcess
GetCurrentDirectoryW
GetCommandLineW
GetACP
FreeLibrary
FormatMessageW
FindResourceW
FindResourceExW
FindNextFileW
FindFirstFileW
FindClose
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
EnterCriticalSection
DeviceIoControl
DeleteFileW
DeleteCriticalSection
DebugBreak
CreateThread
CreateProcessW
CreateFileW
CreateFileMappingW
CreateEventW
CreateDirectoryW
CompareStringW
CloseHandle
VirtualAllocEx
GetProcessHeap
GetModuleHandleW
LoadLibraryA
LoadLibraryW
GlobalAlloc
GetCurrentProcessId
GetDriveTypeW
GetVersion
SystemTimeToFileTime
Sleep

user32

ScreenToClient
SendDlgItemMessageW
SendMessageW
SetCursor
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetRect
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowTextW
ShowWindow
ShowWindowAsync
SystemParametersInfoA
SystemParametersInfoW
TranslateAcceleratorW
TranslateMessage
UnregisterClassA
UnregisterClassW
ReleaseDC
RegisterClassW
RegisterClassExW
RedrawWindow
PtInRect
PostThreadMessageW
PostQuitMessage
PostMessageW
OffsetRect
MoveWindow
MonitorFromWindow
ModifyMenuW
MessageBoxW
MapWindowPoints
MapDialogRect
LockWindowUpdate
LoadStringW
LoadImageW
LoadCursorW
LoadAcceleratorsW
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDlgButtonChecked
IsDialogMessageW
IsChild
InvalidateRect
IntersectRect
InsertMenuW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetWindow
GetSystemMenu
GetMonitorInfoW
GetMessageW
GetMenu
GetFocus
GetDlgItemTextW
GetDlgItem
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassInfoW
GetClassInfoExW
FillRect
EqualRect
EnumDisplayMonitors
EndPaint
EndDialog
EnableWindow
EnableMenuItem
DrawTextW
DrawIconEx
DrawIcon
DispatchMessageW
DialogBoxParamW
DestroyWindow
DestroyIcon
DefWindowProcW
DefDlgProcW
CreateWindowExW
CreateMenu
CreateDialogParamW
CreateDialogIndirectParamW
CopyRect
CheckRadioButton
CheckDlgButton
CharUpperW
CharNextW
CharLowerW
BeginPaint
AppendMenuW
AllowSetForegroundWindow
AdjustWindowRectEx
AdjustWindowRect
LoadIconW
UpdateWindow
LoadBitmapW
LoadIconA
GetSystemMetrics

gdi32

CreateFontIndirectW
UpdateColors
TranslateCharsetInfo
StretchBlt
SetTextColor
SetRectRgn
SetMapMode
SetBkMode
SelectPalette
SelectObject
RealizePalette
GetStockObject
GetObjectW
GetDeviceCaps
GetDIBColorTable
GetDCOrgEx
GetClipBox
EqualRgn
DeleteObject
CreateRectRgnIndirect
CreateRectRgn
AbortPath
CreateCompatibleBitmap
CombineRgn
BitBlt
CloseFigure
GetDCBrushColor
GetGraphicsMode
CreateSolidBrush
CreateCompatibleDC
GdiFlush
GetEnhMetaFileW
CloseMetaFile
DeleteDC
EndDoc
BeginPath
CreatePalette

comdlg32

GetSaveFileNameW
GetOpenFileNameW
GetFileTitleW

advapi32

RegQueryValueExA
UnregisterTraceGuids
TraceMessage
RegisterTraceGuidsW
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
GetUserNameA
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
CredWriteW
CredWriteDomainCredentialsW
CredUnmarshalCredentialW
CredReadW
CredReadDomainCredentialsW
CredGetSessionTypes
CredFree
RegOpenKeyA
CredDeleteW

shell32

ShellExecuteExW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHGetDesktopFolder
SHAddToRecentDocs
ExtractIconW

ole32

CoCreateInstance
CoInitialize
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
StringFromGUID2
CoUninitialize

shlwapi

SHStrDupW
PathStripPathW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathAppendW

msvcrt

_wcsicmp
wctomb
wcstombs
wcstok
wcsstr
wcsrchr
wcspbrk
wcsncmp
wcschr
ungetc
_CIpow
_XcptFilter
__badioinfo
__dllonexit
__getmainargs
__mb_cur_max
__p__commode
__p__fmode
__pioinfo
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_controlfp
_errno
_exit
_fileno
_initterm
_ismbblead
_lock
_onexit
_purecall
_read
_unlock
_vsnprintf
_vsnwprintf
_wcslwr
_wcsnicmp
_wtoi
_wtol
bsearch
calloc
exit
free
isdigit
isleadbyte
iswctype
iswdigit
iswspace
isxdigit
localeconv
malloc
mbtowc
memcpy
memmove
memset
realloc
srand
time
toupper
towlower
towupper

Sections

.text
Size: 579KB - Virtual size: 578KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zzz0
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b62142f0fd8d2e1aca465f1d162fe1f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 579KB - Virtual size: 578KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 19KB - Virtual size: 19KB

.zzz0 Size: 19KB - Virtual size: 18KB

.rsrc Size: 98KB - Virtual size: 98KB

.text
Size: 579KB - Virtual size: 578KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 19KB - Virtual size: 19KB

.zzz0
Size: 19KB - Virtual size: 18KB

.rsrc
Size: 98KB - Virtual size: 98KB