76686bd748f379ae749925ac3a0bef24_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

76686bd748f379ae749925ac3a0bef24_JaffaCakes118
Size

326KB
MD5

76686bd748f379ae749925ac3a0bef24
SHA1

a47210f061c7fe897a120f07044908555747c8e6
SHA256

d111229814c81db2d99a678f89106ece34772724d9783085b3d955619d5f5ad4
SHA512

c4d6b3beafe80138002bcd96d6583f32a4a12a0097e9a6797ef24141031afb2e4ca95c713550d89ec891d69b91e8dff2debfa8550572b288d75594c660f72eef
SSDEEP

6144:t6pw2D8rudpuP4bMGmJNiQRGeXzynZUa1ZGtR:opBACpbMjcQRGCynmg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76686bd748f379ae749925ac3a0bef24_JaffaCakes118

Files

76686bd748f379ae749925ac3a0bef24_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1abce8fd0c90a1bd9aae86bc6200406a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

comdlg32

CommDlgExtendedError
GetOpenFileNameW

gdi32

CreateFontIndirectW
DeleteObject

oleaut32

SysStringByteLen
VariantCopy
VariantClear
SysAllocString
SysAllocStringLen
SysStringLen

ole32

OleInitialize
CoCreateInstance
CoInitialize
CoUninitialize

user32

LoadCursorW
SetCursor
SetDlgItemTextW
InvalidateRect
GetParent
LoadIconW
SetTimer
CheckDlgButton
IsDlgButtonChecked
SetWindowTextW
EndDialog
MessageBoxW
DialogBoxParamW
KillTimer
GetWindowLongW
ShowWindow
MoveWindow
ScreenToClient
GetDlgItem
GetWindowRect
MapDialogRect
SystemParametersInfoW
GetWindowTextLengthW
GetWindowTextW
SendMessageW
LoadStringW
CharUpperW
IsWindowEnabled
GetFocus
SetFocus
GetKeyState
PostMessageW
EnableWindow
SetWindowLongW

advapi32

RegOpenKeyExA
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExA
GetFileSecurityW
SetFileSecurityW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
AdjustTokenPrivileges

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHGetMalloc

msvcrt

_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_onexit
__dllonexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_beginthreadex
wcscat
wcslen
_iob
_purecall
strlen
memcmp
memset
free
malloc
wcsstr
strcmp
_CxxThrowException
memmove
wcscmp
memcpy
__CxxFrameHandler
_isatty
_exit
_fileno

kernel32

SetPriorityClass
WaitForMultipleObjects
Sleep
GetSystemDefaultLangID
GetUserDefaultLangID
AreFileApisANSI
FileTimeToLocalFileTime
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetProcessTimes
OpenEventW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
SetProcessAffinityMask
GetStdHandle
GetSystemTimeAsFileTime
FileTimeToDosDateTime
GlobalMemoryStatus
GetSystemInfo
lstrlenW
lstrcatW
CompareFileTime
GetCurrentProcess
GetDiskFreeSpaceW
GetDriveTypeW
GetFileInformationByHandle
SetEndOfFile
WriteFile
ReadFile
DeviceIoControl
SetFilePointer
GetFileSize
GetLogicalDriveStringsW
VirtualAlloc
VirtualFree
WaitForSingleObject
CreateEventW
SetEvent
InitializeCriticalSection
LoadLibraryA
GetVersionExW
FileTimeToSystemTime
GetCommandLineW
GetStartupInfoA
GetTempPathW
GetFileAttributesW
GetModuleHandleA
FindNextFileW
FindFirstFileW
FindClose
GetCurrentThreadId
GetTickCount
GetCurrentDirectoryW
SetCurrentDirectoryW
SetLastError
DeleteFileW
CreateDirectoryW
GetModuleHandleW
GetProcAddress
MoveFileW
RemoveDirectoryW
SetFileAttributesW
CreateFileW
SetFileTime
CloseHandle
FormatMessageW
LocalFree
GetModuleFileNameW
LoadLibraryW
LoadLibraryExW
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
GetLastError
GetCurrentProcessId

Sections

.text
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1abce8fd0c90a1bd9aae86bc6200406a

Headers

File Characteristics

Imports

comctl32

comdlg32

gdi32

oleaut32

ole32

user32

advapi32

shell32

msvcrt

kernel32

Sections

.text Size: 250KB - Virtual size: 250KB

.rdata Size: 49KB - Virtual size: 49KB

.data Size: 2KB - Virtual size: 10KB

.sxdata Size: 512B - Virtual size: 4B

.rsrc Size: 22KB - Virtual size: 22KB

.text
Size: 250KB - Virtual size: 250KB

.rdata
Size: 49KB - Virtual size: 49KB

.data
Size: 2KB - Virtual size: 10KB

.sxdata
Size: 512B - Virtual size: 4B

.rsrc
Size: 22KB - Virtual size: 22KB