81613c6844b8536d3d3da7990b12f0f0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

81613c6844b8536d3d3da7990b12f0f0_JaffaCakes118
Size

15.3MB
MD5

81613c6844b8536d3d3da7990b12f0f0
SHA1

4d27ae96b2e20a7dc9e526bca8628a41b996d661
SHA256

d1ef812d3615251519b87a0b27066cb80c2717710015819cbaa385bd0d40c4eb
SHA512

7b8aa2d4a128ac29fa947b0e432f865f11db834fe390c6c737cd58f226af416fe54c354f67cfed245081195fe99514f0688f9a7d8c19f73aa30641e6e261b083
SSDEEP

393216:gL837N9kBX1ICOnkSNKcspz6UbZDmLQNh7RBkoNLdxEcl8Cw:g437N9IX6C/wUbZDmIBhLrEyw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81613c6844b8536d3d3da7990b12f0f0_JaffaCakes118

Files

81613c6844b8536d3d3da7990b12f0f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ac09a5e3b262eb1de738d375158c608

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetGetUniversalNameA

kernel32

FindClose
GetShortPathNameA
GetWindowsDirectoryA
MoveFileExA
GetSystemDirectoryA
CompareFileTime
GetFileTime
GetVersionExA
WritePrivateProfileStringA
FreeResource
LockResource
LoadResource
FindResourceA
GlobalReAlloc
SizeofResource
SetVolumeLabelA
FileTimeToDosDateTime
GetSystemTimeAsFileTime
SetEvent
GetPrivateProfileStringA
OpenFile
WaitForSingleObjectEx
CreateEventA
SystemTimeToFileTime
GetLocalTime
CompareStringW
CompareStringA
FlushFileBuffers
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
DeleteFileA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
GetStdHandle
SetHandleCount
SetEndOfFile
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
GetSystemTime
GetTimeZoneInformation
GetDiskFreeSpaceA
CreateDirectoryA
ExitProcess
RemoveDirectoryA
HeapReAlloc
SetFilePointer
ReadFile
GetFileType
HeapFree
HeapAlloc
MoveFileA
GetTempPathA
GetTempFileNameA
_llseek
_lread
GetExitCodeProcess
FindFirstFileA
FindNextFileA
CopyFileA
GetFileAttributesA
lstrcatA
SetLastError
Sleep
TerminateProcess
DuplicateHandle
CreateRemoteThread
WaitForSingleObject
GetLastError
OpenProcess
WideCharToMultiByte
_lopen
_lwrite
_lclose
SetErrorMode
GetVolumeInformationA
GetModuleFileNameA
WriteFile
CreateProcessA
SetThreadPriority
GetCurrentThread
GetCurrentProcess
SetPriorityClass
ResumeThread
GetModuleHandleA
GetProcAddress
GetVersion
MultiByteToWideChar
LoadLibraryA
FreeLibrary
lstrlenA
lstrcpyA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetDriveTypeA
CreateFileA
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CloseHandle
SetFileAttributesA
FreeEnvironmentStringsA
SetEnvironmentVariableA

user32

wsprintfA
CheckDlgButton
DefWindowProcA
EnableWindow
GetClassLongA
SetClassLongA
LoadBitmapA
InvalidateRect
IsChild
GetFocus
SendMessageA
DestroyWindow
GetWindowLongA
LoadCursorA
EndDialog
SetWindowLongA
CheckRadioButton
CallWindowProcA
EnumChildWindows
OpenClipboard
GetClipboardData
CloseClipboard
LoadImageA
EndPaint
BeginPaint
PostQuitMessage
SetWindowPos
AdjustWindowRectEx
PtInRect
GetMessageA
CreateWindowExA
MessageBoxA
RegisterClassA
SetTimer
ReleaseDC
GetDC
KillTimer
CharPrevA
LoadIconA
IsDlgButtonChecked
CreateIconFromResourceEx
CreateIconFromResource
DestroyIcon
IsDialogMessageA
DialogBoxParamA
LoadStringA
ScreenToClient
GetWindowThreadProcessId
EnumWindows
CreateDialogParamA
CharUpperA
GetClassNameA
GetParent
GetWindow
GetWindowTextA
ShowWindow
GetDlgItem
DrawTextA
GetSysColorBrush
FillRect
SetWindowTextA
CharLowerA
SetDlgItemTextA
GetClientRect
GetWindowRect
OffsetRect
MoveWindow
GetSystemMetrics
CharNextA
ExitWindowsEx
PeekMessageA
TranslateMessage
DispatchMessageA
GetDesktopWindow
IsWindow
SendMessageTimeoutA
SetForegroundWindow
BringWindowToTop
PostMessageA
GetSysColor

gdi32

CreateFontA
CreateFontIndirectA
SetBkColor
GetTextExtentPointA
StretchBlt
SetBkMode
SetTextColor
GetStockObject
GetTextMetricsA
GetObjectA
GetDIBits
AddFontResourceA
DeleteObject
RealizePalette
SelectPalette
CreatePalette
StretchDIBits
DeleteDC
BitBlt
SelectObject
CreateCompatibleBitmap
GetDeviceCaps
PatBlt
CreateSolidBrush
CreateCompatibleDC

advapi32

RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
CreateServiceA
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
CloseServiceHandle
OpenThreadToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHFileOperationA
SHChangeNotify
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
FindExecutableA
ShellExecuteA
SHGetFileInfoA

ole32

CoCreateInstance
CoUninitialize
CoInitialize
OleUninitialize
OleInitialize

oleaut32

SysFreeString
VariantInit

comctl32

ImageList_Destroy
PropertySheetA
ImageList_Create
ImageList_ReplaceIcon

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15.1MB - Virtual size: 15.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ac09a5e3b262eb1de738d375158c608

Headers

File Characteristics

Imports

mpr

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

version

Sections

.text Size: 164KB - Virtual size: 160KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 47KB

.rsrc Size: 15.1MB - Virtual size: 15.1MB

.text
Size: 164KB - Virtual size: 160KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 47KB

.rsrc
Size: 15.1MB - Virtual size: 15.1MB