6539492e1c4bc181c19ead149566bcdd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6539492e1c4bc181c19ead149566bcdd_JaffaCakes118
Size

1.1MB
MD5

6539492e1c4bc181c19ead149566bcdd
SHA1

c802d11c494da208b290ef2d45f3673d8f2d8764
SHA256

79bbe24c69300c4307885261dddbe6416fa15b193ecbbb0348931656ed832132
SHA512

985b8934da025d5790faf6d7d57a7d9e1eb605a4f46d5c97f4bb1408cc3b91bd3ef99d60b99d4734883a71f0792aa7a040de63753ae90253ea0dfdea2026a138
SSDEEP

6144:8MtipohjpRsrj7HQH0/huEtZ6ZlZrADLzZJLFOEfLNJx5TZBtBBhxTJh5Vzd551X:8VwEUkwgk4VTCp9qWF6nJnSSqmD9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6539492e1c4bc181c19ead149566bcdd_JaffaCakes118

Files

6539492e1c4bc181c19ead149566bcdd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2c5a9e5b85899be204bdfc27a71fe24a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetTimeFormatA
GetTimeFormatW
GetUserDefaultLCID
GetVersionExA
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalAlloc
LocalFree
GetSystemTimeAsFileTime
MultiByteToWideChar
QueryPerformanceCounter
SetEnvironmentVariableW
SetEvent
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
TerminateThread
UnhandledExceptionFilter
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
lstrcpynA
lstrlenA
GetSystemDefaultLangID
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetLastError
GetDateFormatW
GetDateFormatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
FreeLibrary
FormatMessageW
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
EnterCriticalSection
DuplicateHandle
DeleteCriticalSection
CreateThread
CreateEventW
CreateEventA
CloseHandle
AreFileApisANSI
VirtualAllocEx
GetDriveTypeA
GetModuleHandleW
LocalReAlloc

user32

GetDC
GetDlgItem
GetFocus
GetMessageA
GetParent
GetProcessWindowStation
GetSystemMetrics
GetThreadDesktop
GetUserObjectInformationW
GetWindowLongA
GetWindowRect
InvalidateRect
IsDialogMessageA
IsWindowEnabled
IsWindowVisible
KillTimer
LoadIconA
LoadStringA
LoadStringW
MapWindowPoints
MessageBoxA
MessageBoxW
MsgWaitForMultipleObjects
PeekMessageA
PostMessageA
PostQuitMessage
RedrawWindow
RegisterClassA
RegisterClassW
RegisterWindowMessageA
RegisterWindowMessageW
ReleaseDC
SendMessageA
SendMessageW
SetCursor
SetFocus
SetForegroundWindow
SetRect
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowTextW
ShowWindow
SystemParametersInfoA
TranslateMessage
UpdateWindow
WinHelpA
WinHelpW
wsprintfW
GetClientRect
FindWindowW
FindWindowExW
FindWindowA
FillRect
EndPaint
EnableWindow
DrawTextW
DrawTextA
DrawIcon
DrawFocusRect
DrawAnimatedRects
DispatchMessageA
DestroyWindow
DefWindowProcW
DefWindowProcA
DefDlgProcW
DefDlgProcA
CreateWindowExW
CreateWindowExA
CreateDialogParamW
CreateDialogParamA
CallWindowProcW
BeginPaint
AttachThreadInput
GetSysColor
LoadCursorA
FindWindowExA

gdi32

SetTextColor
SetBkColor
SelectObject
SaveDC
RestoreDC
GetTextExtentPointW
GetTextExtentPointA
GetObjectA
DeleteObject
CreateFontIndirectW
CreateFontIndirectA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExW
RegEnumKeyW
RegEnumKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
OpenThreadToken
OpenProcessToken
GetUserNameW
RegOpenKeyExA
RegQueryValueExW
GetUserNameA
RegSetValueExW

ole32

StringFromGUID2
CoUninitialize
CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx
CoInitialize
CoFreeUnusedLibraries
CoCreateInstance
CLSIDFromString

msvcrt

__p__fmode
wcscmp
toupper
strncpy
exit
_onexit
_initterm
_ftol
_exit
_except_handler3
_controlfp
_XcptFilter
__argc
__argv
__dllonexit
__getmainargs
__p__commode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c5a9e5b85899be204bdfc27a71fe24a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

msvcrt

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.data Size: 11KB - Virtual size: 11KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 5KB - Virtual size: 5KB