1c23c4597f0c830d590641547e224e20_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1c23c4597f0c830d590641547e224e20_JaffaCakes118
Size

394KB
MD5

1c23c4597f0c830d590641547e224e20
SHA1

18512bd68556e7f1434727c1d6951d99875ed06f
SHA256

44d8caba7e7053e9cd1727bd4b5797a52f0061a9f2d9bc94d8c7362e476b476b
SHA512

aa3f00b1b677b98364894652a8071025e5500cacd67868f51af4d92ccd5490772c9e30c0b1de9cf6c0e9d1ffac4c47d52f5752541ff9d5e5dfd6537774161e69
SSDEEP

6144:v0Xe+fF4GHDqLMEQvCAqbX5FwjFJ+TZBoc/+0b8sk9kk3kCV/F1NM4JXwynlaPqR:wxWGjqIEQKAS5b1BoI+0tI9EyZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c23c4597f0c830d590641547e224e20_JaffaCakes118

Files

1c23c4597f0c830d590641547e224e20_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2c39aac16f0669ee1557804af1e29046

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
lstrlenW
GetProfileStringW
lstrcatW
lstrcpyW
LocalFree
GetCurrentDirectoryW
LocalReAlloc
OutputDebugStringA
LocalAlloc
DeleteFileW
MoveFileW
_lclose
OpenFile
GetTempFileNameW
_llseek
_lread
OutputDebugStringW
_lwrite
_lcreat
_lopen
GetProfileIntW
GlobalUnlock
GlobalLock
lstrcmpW
LocalLock
LocalUnlock
LoadResource
FindResourceW
GetSystemDefaultLangID
CompareStringW
CompareStringA
HeapSize
InitializeCriticalSectionAndSpinCount
HeapReAlloc
GetLocaleInfoA
GetStringTypeW
ResumeThread
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
GetTickCount
HeapFree
HeapCreate
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
Sleep
GetTimeZoneInformation
WideCharToMultiByte
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
VirtualQuery
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
TerminateProcess
GlobalFree
GetThreadContext
VirtualQueryEx
FreeLibrary
SetEnvironmentVariableA
GlobalAlloc
VirtualAlloc
ExitProcess
GetTempPathA
lstrcmpA
GetTempFileNameA
CreateFileA
WriteFile
LoadLibraryA
CreateProcessA
WaitForSingleObject
GetCurrentProcess
GetLastError
QueryPerformanceCounter
GetModuleHandleA
GetCurrentThreadId
FindAtomA
lstrlenA
lstrcatA
OpenProcess
CloseHandle
GetProcAddress
GetStringTypeA
lstrcpyA

user32

PeekMessageW
IsDialogMessageW
GetWindowTextW
CreateDialogParamW
GetSystemMenu
SetCaretPos
InvertRect
LoadStringW
LoadCursorW
RegisterClassW
LoadAcceleratorsW
GetSystemMetrics
CreateWindowExW
SetTimer
RegisterWindowMessageW
LoadBitmapW
CharUpperA
SetWindowTextW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
IsIconic
GetActiveWindow
GetScrollRange
GetScrollPos
ScrollWindow
AnyPopup
OffsetRect
DrawTextW
ShowWindow
GetDC
CheckRadioButton
GetDlgItemInt
SetDlgItemInt
MessageBeep
MessageBoxW
SetDlgItemTextW
EnableWindow
CharPrevA
IsDlgButtonChecked
CheckDlgButton
GetDlgItem
GetDlgItemTextW
CharNextA
GetWindowLongW
LoadIconW
GetKeyState
HiliteMenuItem
ReleaseDC
DialogBoxParamW
EndDialog
SendDlgItemMessageW
FlashWindow
GetSysColor
FillRect
SendMessageW
DestroyWindow
WinHelpW
PostQuitMessage
HideCaret
BeginPaint
EndPaint
ShowCaret
PostMessageW
CreateCaret
DestroyCaret
DefWindowProcW
IsWindowEnabled
SetCursor
UpdateWindow
MoveWindow
SetScrollPos
SetScrollRange
InvalidateRect
GetMenu
OpenClipboard
EnumClipboardFormats
CloseClipboard
EnableMenuItem
CheckMenuItem
SetFocus
GetClientRect
GetCursorPos
EqualRect
InflateRect
OpenInputDesktop
GetFocus
GetThreadDesktop
ClientToScreen
SetThreadDesktop
FindWindowA
GetWindowThreadProcessId
GetWindowRect
IsWindowVisible
wsprintfA
CloseDesktop
GetUpdateRect

shell32

ShellAboutW

shlwapi

SHGetValueA

advapi32

CreateProcessAsUserA

gdi32

DeleteObject
CreateSolidBrush
PatBlt
DeleteDC
GetDeviceCaps
UnrealizeObject
SelectObject
SetBkColor
GetStockObject
BitBlt
GetObjectW
CreateCompatibleDC
GetTextMetricsW
LineTo
Ellipse
CreateDCW
Escape
SetBkMode
TextOutW
SetTextColor
GetBkColor
GetBkMode

comdlg32

GetSaveFileNameW
PrintDlgW
GetOpenFileNameW

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c39aac16f0669ee1557804af1e29046

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

advapi32

gdi32

comdlg32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 266KB - Virtual size: 271KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 266KB - Virtual size: 271KB

.rsrc
Size: 17KB - Virtual size: 16KB