aaa8e1dea3f3c7db3950a055843f969c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aaa8e1dea3f3c7db3950a055843f969c_JaffaCakes118
Size

1.2MB
MD5

aaa8e1dea3f3c7db3950a055843f969c
SHA1

69faceb9c2d258a03c889a673bbd214a4565c143
SHA256

6aa0829830223e6827583f5ef5c2a7fa46b06ed1be3db294a835a482a40b4d06
SHA512

b01f810f4dc9f1d4b8c00e087f58da4b76723716118822c57b2a25b8cf1ab5e575c223684c67077668baab1e1065ec5d09f718bb1ba1a3c0b21596b8f261313e
SSDEEP

24576:lnFvMp+/QlnhjrEG3GoP888szR8+et3zjOng9:3MpYY93z088Sz2D6g9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aaa8e1dea3f3c7db3950a055843f969c_JaffaCakes118

Files

aaa8e1dea3f3c7db3950a055843f969c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ac1a0963202e2925e03433f64df7eaf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
Sleep
SetFileTime
ReadFile
LocalAlloc
GetFileSize
WriteFile
SetFilePointer
LockResource
LoadResource
SizeofResource
FindResourceA
WaitForSingleObject
CreateFileA
GetModuleFileNameA
GetTempPathA
FreeLibrary
GetProcAddress
LoadLibraryW
MultiByteToWideChar
LocalFree
GetTickCount
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleHandleA
CreateEventA
GetLastError
OutputDebugStringA
CreateThread
GetExitCodeThread
SetEvent
UnhandledExceptionFilter
HeapSize
CloseHandle
GetCurrentProcess
IsBadWritePtr
GetExitCodeProcess
WideCharToMultiByte
CreateProcessA
LoadLibraryExA
LoadLibraryA
DeleteFileA
CreateDirectoryA
RemoveDirectoryA
MoveFileA
CopyFileA
GetFileAttributesA
FindFirstFileA
FindNextFileA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
CreateProcessW
LoadLibraryExW
GetTempPathW
CreateFileW
DeleteFileW
CreateDirectoryW
RemoveDirectoryW
MoveFileW
CopyFileW
GetFileAttributesW
FindFirstFileW
FindNextFileW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesW
ReleaseSemaphore
GetVersionExA
CreateSemaphoreA
GetModuleFileNameW
TerminateProcess
FindClose
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
SetStdHandle
GetFileType
RtlUnwind
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
RaiseException
InterlockedDecrement
InterlockedIncrement
SetHandleCount
GetStdHandle
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc

user32

LoadImageA
SendDlgItemMessageA
SetWindowTextA
LoadIconA
SendMessageA
SetTimer
PostMessageA
DestroyIcon
KillTimer
wsprintfA
GetDlgItem
ReleaseCapture
ClientToScreen
GetCursorPos
SetCapture
SetWindowPos
CreateDialogParamA
ShowWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
FindWindowA
PostQuitMessage
GetWindowRect

gdi32

DeleteObject
SetBkMode
SetTextColor
SelectObject
SetDCBrushColor
GetStockObject
CreateFontA

shell32

SHGetFolderPathW
ShellExecuteExW
ShellExecuteA
SHGetFolderPathA
ShellExecuteExA

comctl32

InitCommonControlsEx

ole32

CoInitialize

version

GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeW

Exports

Exports

??0IExentCtlInstaller@@QAE@ABV0@@Z
??0IExentCtlInstaller@@QAE@XZ
??4IExentCtlInstaller@@QAEAAV0@ABV0@@Z
??_7IExentCtlInstaller@@6B@

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ac1a0963202e2925e03433f64df7eaf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

ole32

version

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB