19e66b082a1bc52c5a35735c815c1f2e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

19e66b082a1bc52c5a35735c815c1f2e_JaffaCakes118
Size

369KB
MD5

19e66b082a1bc52c5a35735c815c1f2e
SHA1

e088a80c1f5b8e97c3677d54ee5c65acbe74c7f5
SHA256

e43e623be1f01161b51104e0bccafc0dbba62a1b8110d4bc27c7e11236e105a5
SHA512

3f72ac4791572b735d74c4c9ff2d6edbdc7ab3db3ceecd5302c7fcb8638ae44b63ba9a94693e2223890eab6395a1a0882db4a526ac29aed7ee2dad98db987d36
SSDEEP

6144:Kgph55btC+yNbcUow1BL2+abrJdRlBQZT5NQHT3XbzdwbIUKrK3BdCY6m:KYjCNnfUrJdRlBQZT5N+bfdwAKh6m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19e66b082a1bc52c5a35735c815c1f2e_JaffaCakes118

Files

19e66b082a1bc52c5a35735c815c1f2e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1b83aafaf44ef3a84befd41fd11cd69e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddMasked
ImageList_GetIcon
ImageList_Destroy
ImageList_Create
ord17

powrprof

SetSuspendState

gdiplus

GdipAlloc
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageWidth
GdipSaveImageToFile
GdipDisposeImage
GdipFree
GdipLoadImageFromFile

kernel32

Sleep
FindFirstFileW
DeviceIoControl
SetLastError
GetFileSize
TerminateThread
CreateThread
GetTickCount
GetProcessAffinityMask
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadPriority
SetPriorityClass
GetCurrentThread
ReadFile
GetModuleFileNameA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
FlushFileBuffers
SetStdHandle
LoadLibraryA
InitializeCriticalSection
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
GetCommandLineW
GetCommandLineA
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
RaiseException
GetDateFormatA
GetTimeFormatA
MultiByteToWideChar
GetCurrentThreadId
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetStdHandle
ExitProcess
GetModuleHandleA
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
CreateMutexW
WaitForSingleObject
CreateFileMappingW
FreeLibrary
MapViewOfFile
CreateFileW
WriteFile
DeleteFileW
OpenMutexW
GetLastError
ReleaseMutex
CloseHandle
lstrcpynW
GetModuleHandleW
GetVersionExW
GetCurrentProcess
LoadLibraryW
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
GetTimeZoneInformation
GetLocalTime
GetModuleFileNameW
MulDiv
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetProcessHeap
RtlUnwind
WideCharToMultiByte
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcAddress

user32

DefWindowProcW
GetSystemMetrics
ReleaseDC
GetDC
CreateWindowExW
CallWindowProcW
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
ShowWindow
SendNotifyMessageW
SendMessageW
DestroyIcon
LoadStringW
LoadBitmapW
GetWindowTextW
ExitWindowsEx
DrawTextExW
ScreenToClient
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
IsDialogMessageW
RegisterWindowMessageW
GetSubMenu
GetCursorPos
TrackPopupMenu
PostQuitMessage
DialogBoxParamW
FillRect
InvalidateRect
GetWindowRect
RegisterClassExW
DestroyWindow
PostMessageW
SetFocus
GetMenu
GetMenuState
CheckMenuItem
SetTimer
KillTimer
EnableWindow
AdjustWindowRect
EnumChildWindows
LoadIconW
GetDlgItem
EndDialog
SetWindowTextW
SetWindowLongW
SetWindowPos
MessageBoxW
SetForegroundWindow
UpdateWindow
GetClientRect

gdi32

CreateBitmap
DeleteDC
CreateBrushIndirect
SetTextAlign
TextOutW
CreateFontW
CreateFontIndirectW
CreateDIBSection
CreateSolidBrush
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
SetTextColor
SetBkColor
GetDeviceCaps

comdlg32

ChooseColorW
GetSaveFileNameW
ChooseFontW
GetOpenFileNameW

advapi32

RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
CreateServiceW
StartServiceW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
ControlService
DeleteService
RegCloseKey

shell32

Shell_NotifyIconW
ShellExecuteW

Sections

.text
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b83aafaf44ef3a84befd41fd11cd69e

Headers

File Characteristics

Imports

comctl32

powrprof

gdiplus

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 232KB - Virtual size: 229KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 8KB - Virtual size: 86KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 232KB - Virtual size: 229KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 8KB - Virtual size: 86KB

.rsrc
Size: 40KB - Virtual size: 39KB