794fd53672ca4d097d20087993d8c5ec_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

794fd53672ca4d097d20087993d8c5ec_JaffaCakes118
Size

1.2MB
MD5

794fd53672ca4d097d20087993d8c5ec
SHA1

6535b5046659ff169ba0f60d83416398b54be518
SHA256

f9395666396ddd990c6275b44d3b376fa49fdae187f4841275dc72271467f191
SHA512

88542d21075f88b9213d47c71263246351fd6a0b475ce9606975a7242eace88422beaafe6c7af97bf4e892c3703a55115753e54753ed739d58406304555b1ca5
SSDEEP

12288:bUtSe4izalBUu01gTL5vBFWJKRlQH8OrNeXg85hlrv+5RQLH5n8YfjgzEhal8Qpe:bUU3kM0OllQcOrggylgR4B0gsl/pN5Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
794fd53672ca4d097d20087993d8c5ec_JaffaCakes118

Files

794fd53672ca4d097d20087993d8c5ec_JaffaCakes118
.exe windows:6 windows x86 arch:x86

1171337ed2a30b589cbed9d5ed362449

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\ParentC\Release\Saving.pdb

Imports

kernel32

GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileSizeEx
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetProcessHeap
HeapQueryInformation
HeapSize
HeapReAlloc
HeapFree
FreeEnvironmentStringsW
GetConsoleMode
CreateFileW
SetFilePointerEx
WriteFile
ExitProcess
GetCurrentDirectoryW
WriteConsoleW
GetFileType
GetStdHandle
GetSystemInfo
HeapValidate
HeapAlloc
RtlUnwind
LoadLibraryW
GetTickCount
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
SetStdHandle
QueryPerformanceFrequency
QueryPerformanceCounter
SetPriorityClass
FormatMessageA
GetVolumeInformationA
GetFileAttributesA
CreateFileA
GetSystemDirectoryA
GlobalAddAtomA
UpdateResourceA
EnumResourceTypesA
FindResourceExA
GetModuleHandleA
LoadLibraryA
CreateFileMappingA
OpenEventA
CreateEventW
CreateEventA
OpenMutexA
CreateMutexA
lstrlenA
lstrcatA
GetEnvironmentStringsW
MapViewOfFile
ReadConsoleW
CloseHandle
ReadFile
SizeofResource
LoadResource
Sleep
WaitForSingleObject
SetErrorMode
GetOverlappedResult
GetLastError
GetCurrentProcess
VirtualAlloc
LocalFree
LocalAlloc
GlobalAlloc
GetProcAddress
ReleaseSemaphore
VirtualFree
VirtualProtect
GetVersionExW
LoadLibraryExW
GetModuleFileNameW
FreeLibraryAndExitThread
GetThreadTimes
OutputDebugStringW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SetEndOfFile
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
SetEvent
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
FreeLibrary
LockResource
FreeResource
UnregisterWaitEx
MultiByteToWideChar
GetModuleHandleW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
IsProcessorFeaturePresent
RtlCaptureStackBackTrace
GetModuleHandleExW
QueueUserWorkItem
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
DecodePointer
RaiseException
WideCharToMultiByte
FormatMessageW
DuplicateHandle
WaitForSingleObjectEx
SwitchToThread
GetCurrentThread
GetCurrentThreadId

user32

PeekMessageA
DispatchMessageA
SendMessageA
DefWindowProcA
PostQuitMessage
UnregisterClassA
RegisterClassExA
CreateWindowExA
GetMessageA
SetWindowPos
CreateDialogParamA
EndDialog
GetDlgItem
SetDlgItemTextA
GetDlgItemTextA
CharUpperA
CharLowerA
SetTimer
LoadAcceleratorsA
TranslateMessage
wsprintfA
GetSystemMetrics
ShowWindow
UpdateWindow
SystemParametersInfoA
IsDialogMessageA
LoadStringW
CopyImage
LoadImageA
LoadIconA
LoadCursorA
LoadBitmapA
GetTopWindow
FindWindowA
DrawFocusRect
GetSysColor
ChildWindowFromPoint
ScreenToClient
GetCursorPos
SetCursorPos
MessageBoxA
GetWindowRect
GetClientRect
GetWindowTextA
SetWindowTextA
EndPaint
BeginPaint
ReleaseDC
GetDC

gdi32

GdiSetBatchLimit
ExtTextOutA
TextOutA
GetObjectA
CreateDIBSection
GetTextMetricsA
SetTextAlign
SetTextColor
StretchBlt
SetDCBrushColor
SetBkColor
SelectObject
GetStockObject
GetPixel
GetBkColor
EnumFontFamiliesExA
DeleteObject
DeleteDC
CreateRectRgn
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateSolidBrush

comdlg32

ChooseFontA

advapi32

OpenSCManagerA
InitializeSecurityDescriptor
CryptAcquireContextA
CryptReleaseContext
CryptGenKey
StartServiceA
QueryServiceStatus
QueryServiceConfigA
OpenServiceA
OpenProcessToken
ControlService
CloseServiceHandle
ChangeServiceConfigA
CryptGenRandom

shell32

SHGetPathFromIDListW
ord64
SHAppBarMessage

ole32

CoUninitialize
CoCreateInstance
CoTaskMemFree
PropVariantClear
CreateStreamOnHGlobal
CoInitialize
CLSIDFromString

wininet

GopherGetLocatorTypeW
FtpSetCurrentDirectoryA
FtpPutFileA
InternetGetLastResponseInfoA
InternetConnectA
InternetOpenA

ws2_32

WSAGetLastError

netapi32

NetShareGetInfo

psapi

GetProcessMemoryInfo

userenv

CreateEnvironmentBlock

mpr

WNetGetConnectionA

msimg32

TransparentBlt

winmm

timeBeginPeriod
timeSetEvent
sndPlaySoundA

shlwapi

ColorRGBToHLS
SHStrDupW

comctl32

InitCommonControlsEx
ImageList_AddMasked
ImageList_GetIconSize
ord17

rpcrt4

UuidToStringA
UuidCreate

winhttp

WinHttpOpen

setupapi

SetupDiOpenDeviceInfoW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiSetSelectedDevice
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiBuildDriverInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiGetSelectedDriverA
SetupDiCallClassInstaller
SetupDiGetDeviceInstallParamsA
SetupDiSetDeviceInstallParamsA
SetupDiCreateDeviceInfoList

Sections

.text
Size: 609KB - Virtual size: 609KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 345KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1171337ed2a30b589cbed9d5ed362449

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

wininet

ws2_32

netapi32

psapi

userenv

mpr

msimg32

winmm

shlwapi

comctl32

rpcrt4

winhttp

setupapi

Sections

.text Size: 609KB - Virtual size: 609KB

.rdata Size: 222KB - Virtual size: 222KB

.data Size: 16KB - Virtual size: 27KB

.rsrc Size: 345KB - Virtual size: 344KB

.reloc Size: 33KB - Virtual size: 32KB

.text
Size: 609KB - Virtual size: 609KB

.rdata
Size: 222KB - Virtual size: 222KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 345KB - Virtual size: 344KB

.reloc
Size: 33KB - Virtual size: 32KB