224d7ba1a1127ef893d02c7a42f981f5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

224d7ba1a1127ef893d02c7a42f981f5_JaffaCakes118
Size

262KB
MD5

224d7ba1a1127ef893d02c7a42f981f5
SHA1

f0991aafa9b866b79aef44625bbf34263e5c5036
SHA256

57ed7faaca29f82e18faea6bfdf2655f311c79923323f9d596b03bb7d9a4ea5e
SHA512

4c2e5cef965b9d7b0864829a1683dd37f5a651cb7f4ae2f5e42301ce825f7668c508341f7635b9639f7e7281cdb452296ac279c8062e8448b71888a17ae4a291
SSDEEP

6144:ySVEjLE6CZTtApYHGP+ikC8o8YHKxJptN7ASlnWUn:ySVEHE6QTtApP597HKrpLASlnWUn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
224d7ba1a1127ef893d02c7a42f981f5_JaffaCakes118

Files

224d7ba1a1127ef893d02c7a42f981f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4868649fab564f80d6c2dfeac7b1e837

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\CheckOut\WinMover\WinMoverConfig\ReleaseUnicode\WinMoverConfig.pdb

Imports

comctl32

InitCommonControlsEx
CreatePropertySheetPageW
PropertySheetW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

CompareStringW
InterlockedIncrement
InterlockedDecrement
GlobalLock
GlobalUnlock
WriteFile
WideCharToMultiByte
FormatMessageW
GetStringTypeExW
LocalAlloc
LocalFree
LoadLibraryW
GetModuleFileNameW
GetProcAddress
CreateMutexW
FreeLibrary
WaitForSingleObject
GetVersionExW
MapViewOfFile
UnmapViewOfFile
OpenFileMappingW
LoadLibraryA
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetSystemInfo
VirtualProtect
SetFilePointer
IsBadCodePtr
CloseHandle
VirtualQuery
InterlockedExchange
GetCPInfo
GetOEMCP
GetACP
LCMapStringW
LCMapStringA
MultiByteToWideChar
IsBadWritePtr
VirtualAlloc
SetUnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
HeapSize
GetCurrentProcess
TerminateProcess
ExitProcess
HeapReAlloc
HeapFree
HeapAlloc
RaiseException
RtlUnwind
FlushFileBuffers
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
SetEndOfFile
GetLastError
GetFullPathNameW
GetModuleHandleW
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle
IsBadReadPtr

user32

SetDlgItemTextW
MessageBoxW
CreateWindowExW
ShowWindow
SetWindowLongW
GetDlgItem
GetWindowLongW
GetWindowPlacement
SetWindowPlacement
SendMessageW
GetSystemMetrics
GetKeyNameTextW
SetTimer
KillTimer
GetKeyboardState
DestroyWindow
SetForegroundWindow
FindWindowW
RegisterClassExW
DefWindowProcW
ClientToScreen
GetWindowRect
GetSysColor
SetWindowPos
GetCursorPos
GetDlgCtrlID
GetWindowTextLengthW
GetWindowTextW
EndDialog
GetDoubleClickTime
TrackPopupMenu
PostMessageW
GetSubMenu
DialogBoxParamW
GetClientRect
SetFocus
LoadMenuW
EnableWindow
DestroyMenu
SetMenuItemInfoW
GetMessagePos
GetDlgItemInt
MapVirtualKeyW
LoadImageW
GetParent
SendDlgItemMessageW

comdlg32

GetOpenFileNameW
CommDlgExtendedError

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW

shell32

DragQueryFileW
ShellExecuteW

ole32

ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoUninitialize
OleInitialize
OleUninitialize
CoInitialize
RegisterDragDrop

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4868649fab564f80d6c2dfeac7b1e837

Headers

File Characteristics

PDB Paths

Imports

comctl32

version

kernel32

user32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 12KB - Virtual size: 9KB