19fd951441c1dfb076bef5e9d5ee0624_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

19fd951441c1dfb076bef5e9d5ee0624_JaffaCakes118
Size

733KB
MD5

19fd951441c1dfb076bef5e9d5ee0624
SHA1

c3062c554676d9af0cef2939208bcaad918a6680
SHA256

5b6e9048d4b389553f9660dde657da7dc100a2dd7410800ffdff847e91451635
SHA512

b8f8d36224242ad8f554898b2654ffa2211c5e08b9b0d8cccad26f96561ff3ab2919c422cb2c02b5e0a9f93dcaf0d714e7ce9eb1dae810e9b5844cb57deb5ce6
SSDEEP

12288:i18PltD6Prl9oG2oxgXlQwx5T+Q4jbzIPtlh3Qt6ywuktMlRNCb5bHT6sxLN3Cog:i18PltGPrd2GgVQeRkjbzK3UnRHA5/6l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19fd951441c1dfb076bef5e9d5ee0624_JaffaCakes118

Files

19fd951441c1dfb076bef5e9d5ee0624_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea9d4e4a0debb5b1c483331b25efe8c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

FindClose
FindNextFileW
MoveFileExW
DeleteFileW
SetFileAttributesW
FindFirstFileW
GlobalFree
lstrcmpiW
GetLocaleInfoW
lstrcmpiA
CloseHandle
WriteFile
CreateFileW
Process32NextW
Process32FirstW
GetLastError
GetDateFormatW
GetTimeFormatW
GetLocalTime
CopyFileW
GetDriveTypeW
SetErrorMode
GetCurrentProcess
GetCurrentProcessId
CreateToolhelp32Snapshot
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
GetCommandLineW
GetStdHandle
DuplicateHandle
CreatePipe
Sleep
GetDiskFreeSpaceExW
SetCurrentDirectoryW
GetCurrentDirectoryW
FreeLibrary
LoadLibraryW
SetProcessShutdownParameters
MultiByteToWideChar
lstrlenA
ReadFile
HeapFree
SetFilePointer
HeapAlloc
GetProcessHeap
GetFileSize
lstrcmpA
lstrcpynA
RemoveDirectoryW
GetFileTime
SetFileTime
LocalFileTimeToFileTime
HeapReAlloc
InterlockedDecrement
GetTempFileNameW
ExpandEnvironmentStringsW
LocalFree
GetThreadLocale
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
CompareStringA
LoadLibraryA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
LCMapStringW
LCMapStringA
GetTickCount
QueryPerformanceCounter
GetCommandLineA
HeapSize
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetOEMCP
GetTempPathW
CreateDirectoryW
GetModuleFileNameW
lstrcatW
lstrlenW
lstrcmpW
GetConsoleCP
lstrcpyW
WideCharToMultiByte
DosDateTimeToFileTime
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
GetConsoleMode
SetHandleCount
GetStartupInfoA
GetFileAttributesW
GetACP
GetCPInfo
GetModuleFileNameA
ExitProcess
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
GetStartupInfoW
GetVersionExA
InterlockedIncrement
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
RtlUnwind
GetProcAddress

user32

GetDlgItem
LoadStringW
SetWindowPos
SetDlgItemTextA
EndDialog
SendMessageW
GetParent
GetWindowRect
ShowWindow
GetClientRect
PeekMessageW
CharNextW
GetSystemMetrics
LoadImageW
DestroyIcon
CreateDialogParamW
DestroyWindow
GetDesktopWindow
CloseWindow
OpenIcon
DispatchMessageW
MessageBoxW
SetWindowTextW
GetSystemMenu
AppendMenuW
EnableWindow
SendDlgItemMessageW
ScreenToClient
MoveWindow
SetDlgItemTextW
SetWindowLongW
DialogBoxParamW
CallWindowProcW
SetFocus
wsprintfW

advapi32

RegEnumKeyW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceStatusEx
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
InitiateSystemShutdownW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
RegCloseKey
RegOpenKeyW
RegSetValueExW

shell32

CommandLineToArgvW
SHBrowseForFolderW
SHGetMalloc
Shell_NotifyIconW
SHGetPathFromIDListW

ole32

CoTaskMemFree
StringFromCLSID
CoCreateGuid
OleUninitialize
OleInitialize
CoCreateInstance
CoUninitialize
CoInitializeSecurity
CoInitializeEx
CoSetProxyBlanket

oleaut32

SafeArrayGetElement
VariantInit
SysFreeString
SysAllocString
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayUnaccessData
VariantClear

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ea9d4e4a0debb5b1c483331b25efe8c7

Headers

File Characteristics

Imports

version

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 176KB - Virtual size: 173KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 16KB - Virtual size: 24KB

.rsrc Size: 88KB - Virtual size: 88KB

.text
Size: 176KB - Virtual size: 173KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 16KB - Virtual size: 24KB

.rsrc
Size: 88KB - Virtual size: 88KB