25fb75b5308e28a3df4f644adcfe6d01_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

25fb75b5308e28a3df4f644adcfe6d01_JaffaCakes118
Size

760KB
MD5

25fb75b5308e28a3df4f644adcfe6d01
SHA1

f87dadd6079619ba3e7b78e66ef0302dc37ff160
SHA256

05557db2596b572c79a4364497e88c6969018709685bf923c8f23d58fa98ad47
SHA512

022415ac5f1a48e09eb819da5f71fb392074ee24e0ae0cc42601c60b1be48eaecfcb295bb41cd61a9f20f13c01ddd5362a7abceb19d3a9f66253126c7866bb3d
SSDEEP

12288:+NsDLXAjfHefkq6C0l2k56+jNQ2vw13+i1QWnRSJXwfkD37PfwN:0iATHefkq6CqQ+j62vM3KeR6XwfkD3LI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25fb75b5308e28a3df4f644adcfe6d01_JaffaCakes118

Files

25fb75b5308e28a3df4f644adcfe6d01_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55341bfd172a9c5d2b7bd54e1afd40e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectPalette
EnumFontFamiliesA
GetRgnBox
Polygon
CreateDCW
DeleteDC
GetObjectA
SelectObject
SetLayout
DeviceCapabilitiesExW
GetTextExtentPointA
SetMagicColors
GetDeviceCaps

shell32

SHGetInstanceExplorer
SHUpdateRecycleBinIcon
SHEmptyRecycleBinW
SHBrowseForFolderW
SHGetFileInfo

advapi32

LookupPrivilegeDisplayNameW
RegReplaceKeyW
CryptGenRandom
InitiateSystemShutdownW
GetUserNameA
CryptCreateHash
RegQueryValueExA
LookupPrivilegeValueW

comdlg32

GetSaveFileNameA
PrintDlgW

comctl32

ImageList_LoadImageA
ImageList_LoadImage
ImageList_DragEnter
ImageList_DragShowNolock
InitCommonControlsEx
ImageList_Add
ImageList_GetDragImage
MakeDragList
ImageList_AddIcon

kernel32

GetFullPathNameA
CompareStringW
GetStringTypeA
OpenEventW
UnhandledExceptionFilter
VirtualProtect
EnumDateFormatsW
WriteFile
GetOEMCP
LoadLibraryA
HeapAlloc
VirtualQuery
VirtualAlloc
GetStartupInfoA
QueryPerformanceCounter
HeapReAlloc
FreeResource
GetSystemTimeAsFileTime
GetConsoleOutputCP
lstrcmpiA
ReadFile
HeapCreate
VirtualFree
GetTimeFormatA
GetConsoleCursorInfo
GetSystemInfo
SetConsoleTitleW
FlushFileBuffers
GetCompressedFileSizeW
FreeEnvironmentStringsW
ReadConsoleInputA
GetDateFormatA
LoadLibraryW
AddAtomA
FreeEnvironmentStringsA
LeaveCriticalSection
GetStringTypeW
CreateWaitableTimerW
DeleteCriticalSection
TlsSetValue
CreateEventW
GetStdHandle
GetConsoleTitleW
SetConsoleTextAttribute
EnumSystemLocalesA
GetEnvironmentStrings
ReadConsoleW
SetConsoleWindowInfo
WriteConsoleInputW
SetStdHandle
EnumResourceLanguagesA
GetTempFileNameW
GetLocaleInfoA
GetModuleFileNameA
GetPrivateProfileStringW
ExitProcess
WriteProfileStringA
GetLongPathNameW
GetProfileStringW
GetCommandLineW
OpenMutexA
IsValidCodePage
LCMapStringA
SetEnvironmentVariableA
GlobalCompact
GetModuleFileNameW
lstrcpyW
RemoveDirectoryA
TlsFree
IsBadWritePtr
GlobalDeleteAtom
HeapFree
InterlockedExchange
ReadConsoleOutputW
GetEnvironmentVariableW
CompareStringA
CloseHandle
IsBadReadPtr
GetStringTypeExA
GetCurrentThread
GetStartupInfoW
RtlUnwind
FillConsoleOutputCharacterA
LocalCompact
GetLastError
CommConfigDialogW
TerminateProcess
GetFileType
GetCalendarInfoW
InterlockedDecrement
GetCPInfo
GetModuleHandleA
GetLocaleInfoW
HeapSize
EnterCriticalSection
EnumTimeFormatsA
SetConsoleActiveScreenBuffer
InitializeCriticalSection
GetCurrentProcess
IsValidLocale
GlobalFindAtomA
SetLastError
GetEnvironmentStringsW
GetCurrentProcessId
GetThreadSelectorEntry
GetTimeZoneInformation
FindFirstFileA
LocalFlags
SetFilePointer
GetStringTypeExW
LCMapStringW
TlsGetValue
GetVersionExA
CreateNamedPipeW
GetTickCount
FillConsoleOutputAttribute
SetHandleCount
GetUserDefaultLCID
WriteFileEx
GetCurrentThreadId
LocalUnlock
FreeLibrary
GetCommandLineA
TlsAlloc
GetSystemDirectoryW
GetProcAddress
HeapDestroy
MultiByteToWideChar
GetACP
CreateMutexA
WideCharToMultiByte

user32

DrawTextW
DlgDirListComboBoxW
MapVirtualKeyW
LookupIconIdFromDirectory
GetWindowModuleFileNameW
ShowWindow
UpdateWindow
DefWindowProcA
IsWindowUnicode
LoadIconA
SendDlgItemMessageW
IsDialogMessageA
CreateMenu
SendIMEMessageExA
EnumWindowStationsW
OpenWindowStationA
DdeQueryStringA
MessageBoxA
GetTitleBarInfo
WindowFromDC
GetNextDlgTabItem
SendMessageW
IsCharAlphaNumericA
CopyAcceleratorTableW
MessageBoxExW
GetWindowTextLengthW
CharNextA
CharLowerW
DlgDirSelectExW
LoadKeyboardLayoutW
GrayStringA
DrawEdge
RegisterClassA
GetProcessDefaultLayout
PeekMessageW
GetNextDlgGroupItem
SetDeskWallpaper
CreateWindowExA
CreateCaret
GetDlgItemTextA
SetScrollPos
ToAsciiEx
SetSystemCursor
CascadeChildWindows
WINNLSGetEnableStatus
DestroyWindow
GetClipboardData
OemToCharBuffW
SendMessageA
UnregisterClassA
GetScrollRange
ChangeDisplaySettingsA
SetMessageExtraInfo
LoadCursorFromFileA
RegisterClassExA
EndDialog

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 460KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55341bfd172a9c5d2b7bd54e1afd40e2

Headers

File Characteristics

Imports

gdi32

shell32

advapi32

comdlg32

comctl32

kernel32

user32

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 460KB - Virtual size: 456KB

.data Size: 136KB - Virtual size: 156KB

.rsrc Size: 60KB - Virtual size: 57KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 460KB - Virtual size: 456KB

.data
Size: 136KB - Virtual size: 156KB

.rsrc
Size: 60KB - Virtual size: 57KB