Static task: static1
Behavioral task: behavioral1
Sample: 3535115ab3b7e76aee7fd44138ef509b_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 3535115ab3b7e76aee7fd44138ef509b_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3535115ab3b7e76aee7fd44138ef509b_JaffaCakes118
Size: 293KB
MD5: 3535115ab3b7e76aee7fd44138ef509b
SHA1: cc12280b1f8242f15bf68b401df9fea539149657
SHA256: 47da2385ac8742ca85d6f0ebb1787aac91dcab13420175564f4608ce7a5dc507
SHA512: a5729171cc6744864401b6a5321d81a13b6d0e0c555d6db11b83061ef020b836326db152a46be61593b7bd7bb8f7b3482b385bc1fad1e839146bd899d6ab559e
SSDEEP: 6144:6vhOZEABLyFfWxqxdGuzOnarHHAyO62BhNNFnC6Bca/GDzJlh:6vozBWFu4fG2qMnAywT/FC6BxuD3h
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3535115ab3b7e76aee7fd44138ef509b_JaffaCakes118
Files
3535115ab3b7e76aee7fd44138ef509b_JaffaCakes118.exe windows:8 windows x86 arch:x86
788f3e61c5ad65de78420d8d7c02705d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
shlwapi
StrCpyNW
PathAppendW
StrCatW
SHGetValueW
StrCmpW
StrDupW
PathIsRootW
StrCmpIW
PathIsDirectoryW
shell32
SHGetMalloc
SHGetFileInfoW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderLocation
user32
EnableWindow
EndDialog
SendMessageW
SystemParametersInfoW
SetFocus
IsWindow
MessageBoxA
MessageBoxW
ReleaseDC
RedrawWindow
wsprintfW
FindWindowW
SetCursor
TranslateMessage
SetWindowPos
CopyRect
LoadCursorW
SetWindowLongA
DefWindowProcW
GetDlgItem
DialogBoxParamW
SendMessageA
EnumThreadWindows
CreateWindowExW
DispatchMessageW
GetSysColor
LoadStringW
EnumChildWindows
GetDC
PostQuitMessage
GetWindowLongW
GetWindowLongA
GetClientRect
SetWindowLongW
RegisterClassExW
kernel32
LeaveCriticalSection
FreeLibrary
lstrlenW
SetCommState
LoadLibraryExW
SetCurrentDirectoryW
CreateFileA
CreateThread
CloseHandle
VirtualAlloc
GetCurrentProcess
SetUnhandledExceptionFilter
CreateProcessW
GetStartupInfoA
CreateDirectoryA
EnterCriticalSection
GetTickCount
lstrcatW
UnhandledExceptionFilter
InitializeCriticalSection
SetLastError
ExitThread
GetModuleFileNameW
GetFileAttributesW
HeapCreate
SetFileAttributesW
GetModuleHandleW
FindNextFileW
VirtualFree
TerminateProcess
DeleteCriticalSection
ExpandEnvironmentStringsW
DeleteFileW
GetModuleHandleA
DeleteFileA
GetEnvironmentStringsW
GetVersionExW
lstrcpyW
SetFilePointer
HeapQueryInformation
IsDBCSLeadByte
FileTimeToDosDateTime
CreateDirectoryW
GetFileAttributesA
WriteFile
GetProcAddress
CopyFileW
CreateEventW
MultiByteToWideChar
GetVersionExA
FindFirstFileA
FormatMessageW
FindClose
HeapLock
FindFirstFileW
GetWindowsDirectoryW
CreateFileW
FileTimeToLocalFileTime
HeapAlloc
CloseHandle
LocalFree
GetCurrentThreadId
GetTempFileNameA
WaitForSingleObject
HeapUnlock
GetCurrentProcessId
msvcrt
_except_handler3
_wcsnicmp
_wtoi
??3@YAXPAX@Z
wcschr
__p__commode
_mbsrchr
wcsrchr
__setusermatherr
strtoul
wcslen
__p__fmode
_XcptFilter
iswspace
_initterm
setlocale
_wcsicmp
wcsncpy
_ftol
__getmainargs
_c_exit
wcscpy
wcscat
_controlfp
??2@YAPAXI@Z
_acmdln
_exit
_mbschr
wcsncmp
ole32
CoTaskMemFree
CLSIDFromString
CoUninitialize
setupapi
SetupOpenAppendInfFileW
SetupFindFirstLineW
SetupGetStringFieldW
SetupOpenInfFileW
SetupGetLineCountW
SetupCloseInfFile
advapi32
AllocateAndInitializeSid
RegQueryValueW
RegQueryValueExW
RegEnumKeyW
OpenProcessToken
LookupPrivilegeValueW
LookupAccountSidW
RegSetValueExW
AdjustTokenPrivileges
RegCloseKey
RegEnumKeyExW
Sections
.text Size: 255KB - Virtual size: 255KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 704KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ