72be6134413e147a8988d9b5046c9bff_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

72be6134413e147a8988d9b5046c9bff_JaffaCakes118
Size

2.4MB
MD5

72be6134413e147a8988d9b5046c9bff
SHA1

7d901b8eb959e16012f03034a15fa8fe5f036e78
SHA256

95be98d0ccd1cc708434918568b28f2db4e0abc6504b99967bdc4a77b60c9d1e
SHA512

4d593e8fda7ef1e0fe2d6c2f7aa21ede1666a61715c75ba2b9a6aa3358023b522a7750048b605e83a88c4e82ac32cbee8a979dd03cd04225f8e9268cd1312f1f
SSDEEP

49152:BXyBc+dXzhu8+0yDG3b1iVMmxP470NRFsNH:cBPdk8+0vr1iPF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
72be6134413e147a8988d9b5046c9bff_JaffaCakes118

Files

72be6134413e147a8988d9b5046c9bff_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5a18579777cdb9c2296df0550ce7e8a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
VirtualProtectEx
WaitForSingleObject
WideCharToMultiByte
WriteFile
TerminateProcess
lstrlenA
lstrlenW
VirtualAlloc
Sleep
SetUnhandledExceptionFilter
SetThreadUILanguage
SetLastError
SetEvent
SetConsoleCtrlHandler
ResumeThread
ResetEvent
ReadFile
QueryPerformanceFrequency
QueryPerformanceCounter
OpenEventW
MoveFileW
LocalFree
LocalAlloc
LoadLibraryW
LoadLibraryA
GetWindowsDirectoryW
GetUserDefaultLCID
GetTickCount
GetTempPathW
GetTempFileNameW
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryW
GetStartupInfoW
GetProcAddress
GetPrivateProfileStringW
GetModuleHandleW
GetModuleHandleA
GetLocaleInfoW
GetLocalTime
GetLastError
GetFileTime
CancelTimerQueueTimer
GetFileSize
GetFileInformationByHandle
GetFileAttributesW
GetFileAttributesA
GetExitCodeThread
GetDriveTypeW
GetDateFormatW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
FormatMessageW
FormatMessageA
FindFirstFileW
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExitProcess
DuplicateHandle
DeleteFileW
CreateProcessW
CreateFileW
CreateFileA
CreateEventW
CreateDirectoryW
CopyFileW
CloseHandle
lstrcmpiW

user32

LoadIconA
GetMessagePos
SetPropA
GetDC
GetLastActivePopup
CharLowerW
SetMenu
OemToCharBuffW
IsWindowUnicode
IsCharUpperA
InvalidateRect
GetKeyboardType
EnumPropsW
EndPaint
CopyImage
IsIconic
CharToOemBuffA

gdi32

QueryFontAssocStatus
PtInRegion
PolylineTo
PlayMetaFileRecord
NamedEscape
MoveToEx
LineTo
GetTextMetricsW
GetTextFaceW
GetTextExtentPointW
GetStringBitmapA
GetRegionData
GetROP2
GetMapMode
GetGlyphOutlineWow
GetEnhMetaFilePaletteEntries
GetDeviceCaps
GetCharWidthI
GetBkMode
GdiReleaseDC
GdiIsMetaPrintDC
GdiGetSpoolFileHandle
FillRgn
EndPage
EndDoc
RealizePalette
DeleteMetaFile
DeleteDC
CreateSolidBrush
CreatePen
CreateFontW
CreateFontA
CreateEnhMetaFileW
CreateDCW
CreateCompatibleBitmap
BitBlt
AddFontResourceW
AddFontResourceExA
AbortDoc
SelectObject
SetAbortProc
SetBitmapBits
SetBkMode
SetPaletteEntries
SetRectRgn
SetTextColor
StartDocW
StartPage
TextOutW
TranslateCharsetInfo
cGetTTFFromFOT
Rectangle
RemoveFontResourceA
RoundRect
DeleteObject
EngLoadModule
SaveDC

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA

shell32

SHBrowseForFolderW
CheckEscapesW
DragAcceptFiles
DragFinish
DragQueryPoint
DuplicateIcon
ExtractAssociatedIconA
ExtractIconW
SHEmptyRecycleBinA
SHEmptyRecycleBinW
SHFormatDrive
SHFreeNameMappings
SHGetDataFromIDListW
SHGetFileInfo
SHGetFileInfoA
SHGetFolderPathW
SHGetIconOverlayIndexA
Shell_NotifyIconW
ShellExecuteW
ShellExecuteA
ShellAboutW
SHPathPrepareForWriteA
SHLoadInProc
SHInvokePrinterCommandA
SHGetSettings
SHGetPathFromIDListA
SHGetPathFromIDList
SHGetMalloc
SHGetInstanceExplorer

shlwapi

StrStrA
StrRStrIW
StrRChrW
StrRChrIW
StrRChrIA
StrRChrA
StrCmpNIW
StrCmpNIA
StrChrIW
StrChrA
StrStrIA

msvcrt

_XcptFilter
__getmainargs
__initenv
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
_write
exit
isspace
strtoul

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 571KB - Virtual size: 570KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a18579777cdb9c2296df0550ce7e8a3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

msvcrt

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 571KB - Virtual size: 570KB

.data Size: 69KB - Virtual size: 69KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 571KB - Virtual size: 570KB

.data
Size: 69KB - Virtual size: 69KB

.rsrc
Size: 2KB - Virtual size: 1KB