40a4df3c543ba2228ff75a92334a6be0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40a4df3c543ba2228ff75a92334a6be0_JaffaCakes118
Size

160KB
MD5

40a4df3c543ba2228ff75a92334a6be0
SHA1

0cfa7e2f1826af99a3ac66e3287be694ac4abbc2
SHA256

6cc1d521cf38a26ba4d9580b85029bae8a404f64fecd6f21a15c5678e67da972
SHA512

2877be7a2eca642e1d02b7369e243ad6b7de40d36173d32932ebd5f9dd5eb07f4239dc3c4a98be270bbf4f7f01798677aa811fec574aee52ee7ee85105e653c2
SSDEEP

3072:5J2xjg02NEz7iEFcMufmFOazO1WZ93yGobNoFL:5RqWElufmfO4Z9ivJg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40a4df3c543ba2228ff75a92334a6be0_JaffaCakes118

Files

40a4df3c543ba2228ff75a92334a6be0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

65ca11c854a5ebe6cb2cc62f5abe2a9f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mscories.pdb

Imports

user32

CharPrevW
SendDlgItemMessageW
GetDlgItem
SetDlgItemTextW
SetDlgItemTextA
SetWindowTextW
SetWindowTextA
LoadCursorW
LoadCursorA
LoadIconW
LoadIconA
DialogBoxParamW
DialogBoxParamA
CreateDialogParamW
CreateDialogParamA
MessageBoxW
MessageBoxA
LoadImageW
LoadImageA
LoadAcceleratorsW
LoadAcceleratorsA
CreateWindowExW
CreateWindowExA
RegisterClassW
RegisterClassA
GetClassInfoW
GetClassInfoA
LoadMenuW
LoadMenuA
SendMessageW
SendMessageA
GetProcessWindowStation
GetUserObjectInformationW
LoadStringW
LoadStringA
GetMessageW
GetMessageA
IsDialogMessageW
IsDialogMessageA
SetWindowLongA
GetWindowLongA
TranslateAcceleratorW
TranslateAcceleratorA
DefWindowProcW
DefWindowProcA
GetClassNameW
GetClassNameA
PostMessageW
PostMessageA
DispatchMessageW
DispatchMessageA
PeekMessageW
PeekMessageA
GetWindowTextW
GetWindowTextA
SystemParametersInfoA
CallWindowProcA
GetWindowLongW
SetWindowLongW

kernel32

UnhandledExceptionFilter
FlushFileBuffers
GetLocaleInfoA
VirtualProtect
SetConsoleCtrlHandler
SetStdHandle
LCMapStringW
LCMapStringA
HeapSize
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetFilePointer
LocalAlloc
LocalFree
GetLastError
MultiByteToWideChar
GetSystemDirectoryA
GetSystemDirectoryW
GetWindowsDirectoryA
GetWindowsDirectoryW
FindNextFileA
FindNextFileW
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
ExitProcess
lstrlenW
GetModuleFileNameA
GetModuleFileNameW
GetVersionExA
GetVersionExW
GetComputerNameA
GetComputerNameW
WideCharToMultiByte
GetCPInfo
EnumResourceLanguagesW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetTempPathA
GetTempPathW
GetFullPathNameA
GetFullPathNameW
GetTempFileNameA
GetTempFileNameW
SetLastError
FindResourceA
FindResourceW
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
FindFirstChangeNotificationA
FindFirstChangeNotificationW
LoadLibraryExA
LoadLibraryExW
FormatMessageA
FormatMessageW
SearchPathA
SearchPathW
GetPrivateProfileIntA
RaiseException
GetPrivateProfileIntW
GetPrivateProfileStringA
GetPrivateProfileStringW
WritePrivateProfileStringA
WritePrivateProfileStringW
CloseHandle
GetFileType
CreateFileA
CreateFileW
CopyFileA
CopyFileW
MoveFileA
MoveFileW
DeleteFileA
MoveFileExW
DeleteFileW
GetDriveTypeA
GetDriveTypeW
GetVolumeInformationA
GetVolumeInformationW
CreateSemaphoreA
CreateSemaphoreW
CreateDirectoryA
CreateDirectoryW
RemoveDirectoryA
RemoveDirectoryW
GetDateFormatA
GetDateFormatW
FindClose
FindFirstFileA
FindFirstFileW
OutputDebugStringA
OutputDebugStringW
FatalAppExitA
FatalAppExitW
CreateMutexA
CreateMutexW
CreateEventA
CreateEventW
OpenEventA
OpenEventW
GetModuleHandleA
GetModuleHandleW
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
GetEnvironmentVariableA
GetEnvironmentVariableW
SetEnvironmentVariableA
SetEnvironmentVariableW
CreateFileMappingA
CreateFileMappingW
OpenFileMappingA
OpenFileMappingW
CreateProcessA
CreateProcessW
lstrcatW
lstrcpyW
FreeLibrary
GetProcAddress
OpenProcess
GetCurrentProcessId
GetSystemInfo
WriteFile
GetStdHandle
VirtualAlloc
VirtualQuery
GetProcessAffinityMask
GetCurrentProcess
GetCommandLineA
HeapFree
HeapAlloc
RtlUnwind
HeapReAlloc
TerminateProcess
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
IsBadWritePtr
GetACP
GetOEMCP
LoadLibraryA
InterlockedExchange

advapi32

RegisterEventSourceA
ReportEventW
DeregisterEventSource
LookupAccountNameW
LookupAccountNameA
LookupAccountSidW
LookupAccountSidA
CryptAcquireContextA
RegQueryValueExW
RegReplaceKeyW
RegReplaceKeyA
RegRestoreKeyW
RegRestoreKeyA
RegUnLoadKeyW
RegUnLoadKeyA
RegLoadKeyW
RegLoadKeyA
RegDeleteValueW
RegDeleteValueA
RegQueryValueW
RegQueryValueA
RegCreateKeyExW
RegCreateKeyExA
RegSetValueExW
RegSetValueExA
RegDeleteKeyW
RegDeleteKeyA
SetFileSecurityW
SetFileSecurityA
LookupPrivilegeValueW
LookupPrivilegeValueA
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueW
RegEnumValueA
GetUserNameW
GetUserNameA
RegQueryValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegEnumKeyExW
RegEnumKeyExA
RegCloseKey

Exports

Exports

Install
Uninstall

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65ca11c854a5ebe6cb2cc62f5abe2a9f

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 80KB

.data Size: 60KB - Virtual size: 63KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 84KB - Virtual size: 80KB

.data
Size: 60KB - Virtual size: 63KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB