1a228f04f986dabc7d35d77ea833c964_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a228f04f986dabc7d35d77ea833c964_JaffaCakes118
Size

134KB
MD5

1a228f04f986dabc7d35d77ea833c964
SHA1

38f315abcf46efc8dcee829e3bd9e66c70cc3585
SHA256

d53cc3aa9616357786b223020aa0dd4f5790b30704b585295c1f7ab4f180cd92
SHA512

a5402cf27d000c8ecbff88315d665d87172ed28ac55dc16040a10dbe04a23a38edbb82172f2167aa356e89b1b2a68c11b00d1492a32d3f2963fcc45d0a6ffb7f
SSDEEP

3072:lcTLZw623nUEvg1twvgvpW73gRhTHsQ0bbc+j0:lcM3nI1twCBRh7sjj0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a228f04f986dabc7d35d77ea833c964_JaffaCakes118

Files

1a228f04f986dabc7d35d77ea833c964_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4713bff5aaaf10c7a4ec64655c50f125

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wmseditor.pdb

Imports

msvcrt

??1type_info@@UAE@XZ
_onexit
__set_app_type
__p__fmode
_controlfp
?terminate@@YAXXZ
__dllonexit
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
free
??2@YAPAXI@Z
__CxxFrameHandler
_purecall
_except_handler3
_endthreadex
wcschr
wcsspn
wcslen
_wtoi
wcsrchr
_beginthreadex
??3@YAXPAX@Z
realloc
memmove
__wgetmainargs
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_CxxThrowException
_wcsicmp

advapi32

RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA

kernel32

HeapAlloc
GetProcessHeap
HeapFree
LoadLibraryA
VirtualAlloc
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
ExitThread
CreateThread
VirtualFree
FlushInstructionCache
GetCurrentProcess
RaiseException
LocalFree
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetVersionExW
lstrlenW
InterlockedDecrement
MultiByteToWideChar
lstrcpynW
lstrcpyW
GetLastError
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
SetEvent
CloseHandle
WaitForSingleObject
GetStringTypeExW
GetThreadLocale
lstrcmpW
DebugBreak
OutputDebugStringW
lstrlenA
GetModuleFileNameW
FormatMessageW
FreeLibrary
GetProcAddress
LoadLibraryW
CreateEventW
FreeResource
GlobalFree
GlobalHandle
LockResource
LoadResource
FindResourceW
GlobalAlloc
lstrcpynA
SetLastError
GlobalUnlock
GlobalLock
Sleep
GetCommandLineW

gdi32

SelectObject
CreateCompatibleDC
DeleteDC
GetStockObject
GetObjectW
GetDeviceCaps
CreateSolidBrush
SetBkColor
CreateCompatibleBitmap
DeleteObject
BitBlt

user32

GetWindowTextLengthW
GetWindowTextW
CreateAcceleratorTableW
RemoveMenu
PtInRect
CreatePopupMenu
GetMenuItemCount
SetWindowTextW
RegisterWindowMessageW
GetMenu
LoadStringW
CharNextW
SetWindowLongW
EnableMenuItem
GetActiveWindow
PostThreadMessageW
MoveWindow
GetClientRect
ShowWindow
SetFocus
GetParent
GetDlgItem
SendMessageW
wvsprintfW
RegisterClassExW
LoadImageW
wsprintfW
LoadCursorW
GetClassInfoExW
SetWindowPos
DefWindowProcW
CreateWindowExW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
UnregisterClassW
LoadAcceleratorsW
LoadMenuW
DestroyWindow
TranslateAcceleratorW
IsDialogMessageW
IsChild
GetFocus
GetWindowLongW
CallWindowProcW
SetForegroundWindow
GetSysColor
ReleaseCapture
SetCapture
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
GetDesktopWindow
GetWindow
EndPaint
FillRect
BeginPaint
IsWindow
RedrawWindow
GetClassNameW
PostMessageW
SetMenuItemInfoW
CreateDialogIndirectParamW
EndDialog
MapWindowPoints
SystemParametersInfoW
GetWindowRect
DialogBoxParamW
PostQuitMessage
IsWindowVisible
LoadStringA
TrackPopupMenuEx
ClientToScreen
MessageBeep
DestroyMenu
AppendMenuW
GetMenuItemInfoW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

comctl32

InitCommonControlsEx

shell32

SHChangeNotify

ole32

CoUninitialize
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
CoInitialize

oleaut32

SysStringLen
GetErrorInfo
LoadRegTypeLi
VariantClear
RegisterTypeLi
LoadTypeLi
SysFreeString
SysAllocString
SysAllocStringLen
SysAllocStringByteLen

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4713bff5aaaf10c7a4ec64655c50f125

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

advapi32

kernel32

gdi32

user32

comdlg32

comctl32

shell32

ole32

oleaut32

Sections

.text Size: 67KB - Virtual size: 66KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 58KB - Virtual size: 57KB

.rdata Size: 4KB - Virtual size: 4KB

.text
Size: 67KB - Virtual size: 66KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 58KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 4KB