b392cede7a5b498e91c1caec82c05f0e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b392cede7a5b498e91c1caec82c05f0e_JaffaCakes118
Size

608KB
MD5

b392cede7a5b498e91c1caec82c05f0e
SHA1

6256db6796248ee0d11f354e91d5751514268031
SHA256

23bd42331109f21c56456612ead7779621910722f2a1f435ae0e006f847b210a
SHA512

ffefdfe1bd4133eb24172e92c7a62d956ec31ad2a01d83f717f6931bf43cf5a71c23c83a1eb0cab1260f5956ba8d4fd75dd99b18040dda08f72b174a9e0b71dd
SSDEEP

12288:hNqkncfpkb0OEUh34tzYeIvuZjRPl9bkuGDCsi7O2mpHo6urjDEfL:+3FltkruZjnG+smOojn4fL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b392cede7a5b498e91c1caec82c05f0e_JaffaCakes118

Files

b392cede7a5b498e91c1caec82c05f0e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

aa3ffb9f370eaacdb2a8a2c1fd555d2a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
GetConsoleMode
GetConsoleCP
SetFilePointer
WideCharToMultiByte
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
HeapCreate
GetStdHandle
WriteFile
TlsFree
GetStringTypeW
TlsGetValue
TlsAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineW
VirtualQuery
GetSystemInfo
EncodePointer
DecodePointer
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
InterlockedPopEntrySList
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
HeapAlloc
IsBadReadPtr
LoadLibraryA
GetProcessHeap
HeapFree
VirtualFree
VirtualProtect
VirtualAlloc
GetTimeZoneInformation
Sleep
FindResourceExW
LockResource
lstrlenA
lstrcpynA
lstrcmpW
GetCurrentProcessId
LoadLibraryW
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
SetStdHandle
WriteConsoleW
FlushFileBuffers
CreateFileW
CloseHandle
MultiByteToWideChar
FreeLibrary
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
lstrcatW
lstrcpynW
lstrcpyW
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
GetProcAddress
lstrlenW
GetVersionExW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
LeaveCriticalSection
EnterCriticalSection
TlsSetValue
RaiseException

user32

EndDialog
MonitorFromWindow
EndPaint
BeginPaint
GetScrollInfo
SetScrollPos
ScrollWindowEx
GetWindow
RemoveMenu
DialogBoxParamW
LoadBitmapW
LoadStringA
PostQuitMessage
LoadStringW
GetWindowRect
SetScrollInfo
SetMenu
GetMenu
GetSubMenu
PeekMessageW
LoadImageW
CreatePopupMenu
PtInRect
IsMenu
SetWindowsHookExW
GetClassNameW
OffsetRect
CallNextHookEx
CharLowerW
UnhookWindowsHookEx
SystemParametersInfoW
SetRectEmpty
RegisterWindowMessageW
GetWindowDC
TrackPopupMenuEx
GetMessagePos
WindowFromPoint
GetSysColorBrush
MessageBeep
FrameRect
ModifyMenuW
DrawEdge
MonitorFromPoint
GetMonitorInfoW
DrawFrameControl
DrawTextW
SetMenuItemInfoW
FillRect
GetActiveWindow
GetWindowThreadProcessId
IsWindowEnabled
IsWindowVisible
MapWindowPoints
ScreenToClient
PostMessageW
CreateWindowExW
ReleaseCapture
GetClassInfoExW
DestroyWindow
GetFocus
GetSystemMetrics
GetDesktopWindow
RegisterClassExW
InflateRect
GetSysColor
ReleaseDC
GetDC
AdjustWindowRectEx
GetKeyState
SetFocus
SetMenuDefaultItem
CheckMenuRadioItem
EnableMenuItem
AppendMenuW
DeleteMenu
LoadCursorW
SetCursor
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
CallWindowProcW
GetDlgCtrlID
GetParent
SetCapture
RedrawWindow
ShowWindow
InvalidateRect
UpdateWindow
ClientToScreen
GetClientRect
SetWindowPos
SetWindowTextW
SendMessageW
wvsprintfW
CharNextW
DestroyMenu
DefWindowProcW
IsWindow
GetWindowLongW
SetWindowLongW
TranslateAcceleratorW
UnregisterClassA

gdi32

GetCurrentObject
CreateDIBSection
CreatePatternBrush
CreateBitmap
PatBlt
SetBkColor
SetBrushOrgEx
SetTextColor
SetBkMode
GetObjectW
CreateFontIndirectW
BitBlt
DeleteDC
CreateSolidBrush
CreatePen
Polygon
CreateCompatibleBitmap
DeleteObject
GetStockObject
CreateCompatibleDC
SetViewportOrgEx
SelectObject

ole32

CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

VarUI4FromStr

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW

comctl32

ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_AddMasked
ImageList_DragShowNolock
ImageList_GetImageCount
ImageList_Destroy
InitCommonControlsEx
ImageList_DragEnter
ImageList_DragLeave
ImageList_Draw
ImageList_DrawIndirect
CreateStatusWindowW
ord8
ImageList_LoadImageW
ImageList_Create

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 396KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa3ffb9f370eaacdb2a8a2c1fd555d2a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

advapi32

comctl32

Sections

.text Size: 152KB - Virtual size: 152KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 7KB - Virtual size: 15KB

.rsrc Size: 396KB - Virtual size: 396KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 152KB - Virtual size: 152KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 7KB - Virtual size: 15KB

.rsrc
Size: 396KB - Virtual size: 396KB

.reloc
Size: 13KB - Virtual size: 12KB