79452e059c2883b88843e4ebe6520c25_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

79452e059c2883b88843e4ebe6520c25_JaffaCakes118
Size

304KB
MD5

79452e059c2883b88843e4ebe6520c25
SHA1

67b4ccc50c318bba1e521a3f5d232427efd9ac15
SHA256

4d188166549552d9162a9287445cdac86b83800adff3908adc1b5c3a4fe2e0a7
SHA512

777bf97df3ea7bf25454ece0e7be0f4be64260fc07772418e8dd1cde10997501c00820cd83551113737bab679e29f07c2d2e5e997a09f39b9a8ecd8579987c87
SSDEEP

6144:rDdvoTyl7Zh4uYrmjoDaNQXOVJkiEdEPURbFqoU:rRHl7Zh4Vrmj2aNQefkRZhqf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79452e059c2883b88843e4ebe6520c25_JaffaCakes118

Files

79452e059c2883b88843e4ebe6520c25_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f9699e54f408229a8f514ee6258c6902

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ValidateRect
TrackMouseEvent
GetKeyboardLayoutNameW
DestroyMenu
SetMenuItemInfoW
TrackPopupMenuEx
AppendMenuW
CreatePopupMenu
GetDlgItemTextW
GetDlgItemInt
SetLayeredWindowAttributes
GetClassLongW
GetWindow
GetWindowInfo
DrawEdge
GetCapture
SetCapture
ReleaseCapture
CheckMenuRadioItem
PostThreadMessageW
GetMenuState
IsIconic
RegisterClassExW
GetClassInfoExW
CharNextW
NotifyWinEvent
UnregisterClassA
LoadMenuW
LoadAcceleratorsW
ReleaseDC
KillTimer
GetWindowLongW
WindowFromPoint
IsWindow
GetMessagePos
LoadStringW
TranslateAcceleratorW
GetKeyState
DestroyAcceleratorTable
GetDC
SetDlgItemTextW
IsDlgButtonChecked
CheckDlgButton
EnableWindow
GetWindowRect
ShowCaret
SetParent
GetWindowTextW
UnionRect
AllowSetForegroundWindow
InflateRect
DrawTextW
SetRect
CopyRect
EqualRect
IntersectRect
SystemParametersInfoW
GetFocus
GetSysColorBrush
RedrawWindow
GetSysColor
GetClientRect
CreateWindowExW
SetFocus
IsWindowVisible
MoveWindow
SetClassLongW
InvalidateRect
FrameRect
FillRect
CloseClipboard
CloseWindow
LoadImageW
IsWindowEnabled
AttachThreadInput
GetWindowThreadProcessId
EndPaint
FindWindowExW
BeginPaint
GetMenuContextHelpId
GetUpdateRect
DrawFocusRect
LoadIconW
MsgWaitForMultipleObjects
DestroyIcon
SetWindowPlacement
GetWindowPlacement
IsChild
ReplyMessage
InSendMessageEx
SendMessageTimeoutW
EndDialog
GetDlgItem
SetWindowLongW
DestroyCursor
DispatchMessageW
TranslateMessage
PeekMessageW
SetWindowPos
DestroyWindow
LoadCursorW
SetCursor
ShowWindow
CreateDialogParamW
PtInRect
SetRectEmpty
SetClipboardData
EmptyClipboard
OpenClipboard
RemovePropW
GetPropW
GetDesktopWindow
SetPropW
GetComboBoxInfo
CallWindowProcW
ClientToScreen
CallNextHookEx
SetForegroundWindow
GetClassNameW
UnhookWindowsHookEx
SetWindowsHookExW
ScreenToClient
SetTimer
EnableMenuItem
IsRectEmpty
GetSubMenu
MapWindowPoints
CheckMenuItem
GetParent
CheckRadioButton
GetAsyncKeyState
LoadStringA
LoadImageA
GetClassInfoA
DialogBoxParamW
DefWindowProcW
GetClassNameA
IsDialogMessageA
GetActiveWindow
PostMessageW
SendMessageW
GetMessageTime
UpdateWindow
GetScrollRange
SetWindowTextW
CharNextExA
GetSystemMetrics
OffsetRect
RegisterClipboardFormatA
DeleteMenu
InSendMessage
GetClassWord
MessageBoxW
VkKeyScanExW
IsMenu
GetUserObjectInformationA
GetMenuBarInfo

comdlg32

GetOpenFileNameW

ole32

CreateDataAdviseHolder
OleCreateMenuDescriptor

advapi32

RegOpenKeyExA
CryptAcquireContextW
RegOpenKeyExW
RegQueryValueExA
RegEnumKeyExA
RegCloseKey
RegQueryValueExW
RegEnumKeyW
RegDeleteKeyW
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptReleaseContext

gdi32

GdiTransparentBlt
SelectPalette
OffsetClipRgn
CreateRectRgn
GetCharWidthFloatW
GetPolyFillMode
Chord
SetDIBitsToDevice
GetGlyphOutlineA
GetDeviceCaps
GetBkMode
GetFontLanguageInfo
SetViewportOrgEx
CreateSolidBrush
GetMapMode
GetEnhMetaFileDescriptionA
GetTextAlign
Ellipse
SetColorSpace
GetWorldTransform
PtVisible
CreateFontIndirectA
DeleteDC
SelectClipRgn
EnumFontsA
CreateBrushIndirect
SetICMMode

kernel32

GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringW
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
GetFileSize
GetSystemInfo
VirtualFree
GetProcAddress
LoadLibraryExW
GetEnvironmentVariableA
GetFullPathNameA
GetFullPathNameW
TlsFree
TlsGetValue
TlsAlloc
Sleep
HeapFree
GetFileAttributesW
SetFileAttributesW
CopyFileExW
DeleteFileW
GetFileType
DeviceIoControl
ExpandEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
SetFilePointer
FlushViewOfFile
MapViewOfFileEx
GetModuleFileNameA
CreateFileA
DisableThreadLibraryCalls
CreateFileW
GetLastError
GetVersion
HeapReAlloc
WriteFile
WideCharToMultiByte
FreeLibrary
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
HeapCreate
HeapDestroy
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetProcessHeap
GetLogicalDrives
SearchPathW
CloseHandle
SetFileTime
GetCurrentThread
MoveFileA
GetDiskFreeSpaceA
SetFileAttributesA
GetEnvironmentVariableW
VirtualProtect
VirtualAlloc
ContinueDebugEvent
FindFirstFileW
lstrcmpiA
SystemTimeToFileTime
MulDiv
GlobalSize
DeleteCriticalSection
LoadLibraryExA
TlsSetValue
GlobalUnfix
GetThreadPriorityBoost
SetFileValidData
LocalAlloc
GetProcessVersion
GetCommModemStatus
SetProcessShutdownParameters
LocalFree
SetLastError
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetStartupInfoA
GetTimeZoneInformation
GetModuleHandleW
ExitProcess
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InterlockedIncrement
InterlockedDecrement
GetCPInfo
LoadLibraryA
GetACP
GetOEMCP
LCMapStringA
IsValidCodePage
GetStringTypeA
GetStringTypeW
ReadFile
RtlUnwind
HeapSize
GetLocaleInfoA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileSizeEx

Sections

.text
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9699e54f408229a8f514ee6258c6902

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

ole32

advapi32

gdi32

kernel32

Sections

.text Size: 175KB - Virtual size: 174KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 23KB - Virtual size: 47KB

.rsrc Size: 91KB - Virtual size: 90KB

.text
Size: 175KB - Virtual size: 174KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 23KB - Virtual size: 47KB

.rsrc
Size: 91KB - Virtual size: 90KB