adec4cea2aa87e0bd0117e0c5c844f96_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

adec4cea2aa87e0bd0117e0c5c844f96_JaffaCakes118
Size

319KB
MD5

adec4cea2aa87e0bd0117e0c5c844f96
SHA1

846fdecb6b28639fabfeaeef529439a9ebbbd858
SHA256

714692d9da2a75a678e58b65dc5e90dc4704b7019b8656458d52da1511f6cf4b
SHA512

508ba3006fe411f8514b075ee533c88df4edd4473a5fb7ff04538e00432ae0f41a38d1d320dba0025150779d2b2a232fb4a42f76b68a085c055f1364992006d2
SSDEEP

6144:JIan638oOA/EkqqOqfREsUZ9fKPyo7vuRWX:JIsK8oXCqh6cPzSU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adec4cea2aa87e0bd0117e0c5c844f96_JaffaCakes118

Files

adec4cea2aa87e0bd0117e0c5c844f96_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fe47cd9e34955db5a1d9430ba11ab0c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
LCMapStringW
DecodePointer
EncodePointer
GetFileType
ReadConsoleW
SetFilePointerEx
HeapFree
GetLocalTime
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
WriteFile
ReadFile
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
CreateFileW
FlushFileBuffers
GetConsoleCP
HeapSize
HeapReAlloc
SetEndOfFile
GlobalUnlock
GetConsoleWindow
WideCharToMultiByte
FreeLibrary
SystemTimeToFileTime
LocalFree
GlobalLock
GetProcAddress
WriteConsoleW
FlushConsoleInputBuffer
HeapAlloc
LoadLibraryW
CloseHandle
GetCurrentDirectoryA
LocalAlloc
AllocateUserPhysicalPages
GetStdHandle
GetCurrentProcess
RaiseException
TerminateProcess
GetModuleHandleW
IsProcessorFeaturePresent
VirtualQuery
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GlobalFree
lstrcpyA
GlobalAlloc
FileTimeToSystemTime
GetLastError
GetACP
MultiByteToWideChar
GetConsoleMode
SetLastError

user32

GetDesktopWindow
GetDlgItem
GetClientRect
ReleaseDC
LoadIconA
CreateDialogParamA
GetWindowDC
GetParent
SendMessageA
SendDlgItemMessageA
CreateWindowExA
DestroyMenu
DefWindowProcA
IsWindowEnabled
GetWindowTextA
ClientToScreen
RegisterClassExA
UpdateWindow
InvalidateRect
AppendMenuA
LoadMenuA
LoadImageA
CheckMenuRadioItem
GetWindowRect
GetFocus
LoadCursorA
DestroyWindow
GetDC
SetWindowPos
HideCaret
GetSystemMetrics
CreatePopupMenu
SetMenuItemBitmaps
ChildWindowFromPointEx
GetScrollPos
TrackPopupMenu
GetSubMenu
ShowWindow
OffsetRect
DestroyIcon
GetScrollRange
CopyRect

gdi32

CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetStockObject
GetEnhMetaFileA
GetDeviceCaps
CreateRectRgn
TextOutA
SetViewportOrgEx
CreateFontIndirectA
SetStretchBltMode
DeleteObject
SetMapMode
GetObjectA
BitBlt

comdlg32

GetOpenFileNameA

advapi32

RegCloseKey
QueryRecoveryAgentsOnEncryptedFile
RegOpenKeyExA
QueryServiceConfig2W
RegEnumKeyExA

shell32

SHCreateShellItem
SHGetFileInfoA
SHGetSpecialFolderLocation

ole32

GetRunningObjectTable
CoInitialize
OleRegGetUserType
ReadFmtUserTypeStg
StgSetTimes
CreateFileMoniker
StgCreateDocfile
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize

oleaut32

OleLoadPicture

ws2_32

WSAEventSelect

netapi32

NetShareGetInfo

mpr

WNetEnumResourceA
WNetOpenEnumA
WNetCloseEnum

avifil32

AVIStreamGetFrameOpen

crypt32

CertEnumPhysicalStore

shlwapi

PathMatchSpecA
PathMakeSystemFolderA
PathFileExistsA
PathMakePrettyA

comctl32

ImageList_ReplaceIcon
ImageList_Add
ImageList_GetImageCount
ImageList_Create

pdh

PdhGetFormattedCounterValue

gdiplus

GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipAlloc
GdipCloneImage
GdipSaveImageToFile
GdipFree

uxtheme

GetCurrentThemeName
IsThemeActive
GetWindowTheme
DrawThemeBackground

powrprof

GetPwrDiskSpindownRange

urlmon

IsAsyncMoniker
HlinkGoForward

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe47cd9e34955db5a1d9430ba11ab0c7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

netapi32

mpr

avifil32

crypt32

shlwapi

comctl32

pdh

gdiplus

uxtheme

powrprof

urlmon

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 2KB - Virtual size: 5KB

.text Size: 5KB - Virtual size: 5KB

.rsrc Size: 174KB - Virtual size: 174KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 2KB - Virtual size: 5KB

.text
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 174KB - Virtual size: 174KB