19a726d00fc83146c00778baaedf6be1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

19a726d00fc83146c00778baaedf6be1_JaffaCakes118
Size

92KB
MD5

19a726d00fc83146c00778baaedf6be1
SHA1

229b222869625f0c04a5d1112a324f4d2dcd520b
SHA256

95ccdaefc88656d41d89f3ec7ebcdf53f2da1454891f114df7d32bc523df7d98
SHA512

d81a529a03dda2b54c5477ca8f9c466cf9cb0f2dbe1e343bfa3e0cde468102cadc29f0e128623cb15d42854db785eb1789cbecde09e2eaa3143e329933243662
SSDEEP

1536:5//UZfXB8ZgbC8u2nS08vPN4ibkkkcxTL2XMRXMMGBkyJMjZROYJT3bQghxHCZ:iJCgbC8u90cPN8khTLzRcaC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19a726d00fc83146c00778baaedf6be1_JaffaCakes118

Files

19a726d00fc83146c00778baaedf6be1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

390fb04dcea972e9fa2eae048a1a40a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

msn6.exe.pdb

Imports

advapi32

RegCloseKey
CryptReleaseContext
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExW
RegCreateKeyExA

gdi32

GetPaletteEntries
DeleteObject
GetDeviceCaps

kernel32

LockResource
LoadResource
FindResourceA
CreateEventW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
FindFirstFileA
FindFirstFileW
LocalReAlloc
GetFileAttributesA
GetModuleFileNameW
GetModuleHandleW
SetFileAttributesA
SetFileAttributesW
SizeofResource
GetPrivateProfileIntW
GetTempPathA
GetTempPathW
SetLastError
CopyFileA
CopyFileW
RemoveDirectoryA
RemoveDirectoryW
CreateMutexW
LoadLibraryW
GetPrivateProfileStringA
GetPrivateProfileStringW
CreateProcessW
FindClose
SetErrorMode
InterlockedExchange
GlobalAddAtomA
GlobalDeleteAtom
GetSystemTimeAsFileTime
GetACP
GetVersionExW
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedIncrement
InterlockedDecrement
CreateFileMappingW
IsDBCSLeadByte
GetProcessTimes
GetLocalTime
FlushFileBuffers
GetAtomNameA
lstrcmpA
FindNextFileW
FindNextFileA
GetTickCount
DeleteCriticalSection
IsBadReadPtr
DebugBreak
TerminateProcess
LoadLibraryA
GetVersionExA
RaiseException
GetCurrentThreadId
EnterCriticalSection
GetModuleFileNameA
CreateFileMappingA
MapViewOfFile
CreateEventA
CreateMutexA
GetCurrentProcess
DuplicateHandle
lstrcpynA
GetPrivateProfileIntA
CreateProcessA
SetEvent
UnmapViewOfFile
LeaveCriticalSection
GetProcAddress
FreeLibrary
SetFilePointer
WriteFile
GetModuleHandleA
InitializeCriticalSection
SetUnhandledExceptionFilter
GetCommandLineW
LocalAlloc
GetCommandLineA
MultiByteToWideChar
LocalFree
Sleep
GetLastError
ExitProcess
lstrlenA
lstrlenW
WaitForSingleObject
ReleaseMutex
CloseHandle
GetCurrentProcessId
WideCharToMultiByte

user32

RegisterWindowMessageA
GetCursorPos
GetDoubleClickTime
LoadMenuA
GetSubMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
DestroyIcon
SetFocus
KillTimer
SetTimer
DestroyWindow
TranslateMessage
LoadStringA
MessageBoxA
DefWindowProcA
DefWindowProcW
DispatchMessageA
DispatchMessageW
GetMessageA
GetMessageW
GetWindowLongA
GetWindowLongW
LoadCursorA
LoadCursorW
CreateIconFromResource
CreateIconFromResourceEx
LookupIconIdFromDirectoryEx
LoadImageA
DestroyMenu
TrackPopupMenuEx
LoadStringW
PostMessageA
PostMessageW
PostThreadMessageA
PostThreadMessageW
CharNextA
SetWindowLongA
SetWindowLongW
CreateWindowExA
CreateWindowExW
FindWindowExA
FindWindowExW
MessageBoxW
LoadImageW
RegisterWindowMessageW
SendMessageTimeoutA
SystemParametersInfoA
SystemParametersInfoW
RegisterClassExA
RegisterClassExW
GetClassInfoExA
GetClassInfoExW
FindWindowW
SendMessageTimeoutW
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
wvsprintfA
GetWindowTextA
IsWindow

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

390fb04dcea972e9fa2eae048a1a40a6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

gdi32

kernel32

user32

Sections

.text Size: 44KB - Virtual size: 40KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 36KB - Virtual size: 39KB

.text
Size: 44KB - Virtual size: 40KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 36KB - Virtual size: 39KB