333254d06608802252c2f210f680d487_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

333254d06608802252c2f210f680d487_JaffaCakes118
Size

37KB
MD5

333254d06608802252c2f210f680d487
SHA1

1ea0a43f8fe6d4175a74abe9243f216cddef8881
SHA256

6b9e28fa74bed3216afb13a0e87da6a323f411579be203e08c300b9092b19e17
SHA512

abab6a0447f56cda6ae86ee6327fd4fd951fbd602832590ce96c5d210f45288464757797bf2fb3b508f3c51dab6f8ad2f810f795899b9dcc6c17e9c381e883a2
SSDEEP

768:trbrweJYFQsQoIA600/QbKBnHwBnsottNcO3EHPu7OQsfeAtIN3:trbrHWQsy900+dsottNcruCYA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
333254d06608802252c2f210f680d487_JaffaCakes118

Files

333254d06608802252c2f210f680d487_JaffaCakes118
.exe windows:4 windows x86 arch:x86

829a00c199b11488191d29d0703ab211

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleUninitialize
CoTaskMemFree
OleInitialize

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

gdi32

DeleteObject
GetDeviceCaps
CreateFontIndirectW
GetObjectW
GetStockObject

advapi32

RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
AdjustTokenPrivileges
RegSetValueW
LookupPrivilegeValueW
RegFlushKey
RegSaveKeyW
GetTokenInformation
OpenProcessToken
RegEnumKeyW
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
EqualSid
RegEnumValueW
AllocateAndInitializeSid
RegOpenKeyExA
RegLoadKeyW
FreeSid
RegUnLoadKeyW
RegQueryValueExA
RegDeleteValueW
RegDeleteKeyW

msvcrt

malloc
_wtoi
_initterm
memset
wcsncmp
_vsnprintf
_wtol
_XcptFilter
_setjmp3
_ultow
_wcsnicmp
bsearch
free
_wcsicmp
_amsg_exit
memcpy
memmove
longjmp
_vsnwprintf
_adjust_fdiv

crypt32

CryptFormatObject

shlwapi

StrRChrW
StrChrW
PathRemoveFileSpecW
PathAppendW
PathBuildRootW
PathCombineW
StrStrIW
PathAddBackslashW
PathFileExistsW

usp10

ScriptGetProperties

setupapi

SetupSetDirectoryIdW
SetupGetStringFieldW
SetupCloseFileQueue
SetupOpenAppendInfFileW
SetupFindNextLine
SetupGetLineTextW
SetupOpenInfFileW
SetupTermDefaultQueueCallback
SetupCloseInfFile
SetupCommitFileQueueW
SetupInitDefaultQueueCallbackEx
SetupFindFirstLineW
SetupInstallFromInfSectionW
SetupDefaultQueueCallbackW
SetupOpenFileQueue
SetupQueueCopyW

kernel32

GetLocalTime
CreateProcessW
SetLastError
MapViewOfFileEx
GetVersionExW
CreateFileW
CloseHandle
MoveFileW
GetSystemDefaultUILanguage
GetPrivateProfileSectionW
lstrlenA
SetUnhandledExceptionFilter
GetWindowsDirectoryW
GetLastError
GetFileTime
LockResource
SetFilePointer
CreateFileMappingW
GetProcessHeap
GetTempFileNameW
SizeofResource
FreeConsole
GetDiskFreeSpaceW
MultiByteToWideChar
SetFileTime
GetShortPathNameW
MulDiv
FindResourceW
FreeLibrary
LocalAlloc
VirtualAlloc
WriteFile
InterlockedExchange
GetSystemInfo
GetFileAttributesW
LocalFree
SearchPathW
TerminateProcess
LoadResource
GetPrivateProfileStringW
GetDriveTypeW
LocalReAlloc
InterlockedCompareExchange
lstrcmpW
lstrcmpiW
FindNextFileW
WritePrivateProfileStringW
GetProfileStringW
MoveFileExW
GetPrivateProfileIntW
CreateDirectoryW
GetUserDefaultUILanguage
FindClose
lstrlenW
MapViewOfFile
GetTickCount
GetModuleFileNameW
RtlUnwind
GetEnvironmentVariableW
CompareStringW
DisableThreadLibraryCalls
ExpandEnvironmentStringsW
ReadFile
UnhandledExceptionFilter
GetCurrentProcess
DeleteFileW
QueryPerformanceCounter
lstrcmpiA
WritePrivateProfileSectionW
GetCurrentProcessId
GetTempPathW
GetLocaleInfoW
FormatMessageW
FindFirstFileW
EnumResourceLanguagesW
GetCurrentThreadId
Sleep
GetVolumeInformationW
FindResourceExW
GetProcAddress
HeapFree
GetSystemDirectoryW
WideCharToMultiByte
GetFileSize
UnmapViewOfFile
SetFileAttributesW
HeapAlloc
CopyFileW
LoadLibraryExW
RemoveDirectoryW
GetFullPathNameW

user32

ExitWindowsEx
CreateDialogParamW
GetDesktopWindow
MsgWaitForMultipleObjects
DispatchMessageW
UpdateWindow
CharPrevW
CharNextA
GetDlgItemTextW
PeekMessageW
CharNextW
ReleaseDC
IsWindow
SetWindowTextW
SendDlgItemMessageW
MessageBeep
GetWindowRect
DialogBoxParamW
OemToCharA
LoadStringW
MessageBoxW
GetDlgItem
ShowWindow
CharUpperW
SetDlgItemTextW
EnableWindow
DestroyWindow
SetWindowPos
EndDialog
SendMessageW
GetSystemMetrics
GetDC

Sections

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

829a00c199b11488191d29d0703ab211

Headers

File Characteristics

Imports

ole32

version

gdi32

advapi32

msvcrt

crypt32

shlwapi

usp10

setupapi

kernel32

user32

Sections

.text Size: 512B - Virtual size: 428B

.rsrc Size: 21KB - Virtual size: 20KB

.idata Size: 6KB - Virtual size: 6KB

.data Size: - Virtual size: 160KB

.rdata Size: 8KB - Virtual size: 7KB

.text
Size: 512B - Virtual size: 428B

.rsrc
Size: 21KB - Virtual size: 20KB

.idata
Size: 6KB - Virtual size: 6KB

.data
Size: - Virtual size: 160KB

.rdata
Size: 8KB - Virtual size: 7KB