487893133b93c288b182603f26659829_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

487893133b93c288b182603f26659829_JaffaCakes118
Size

325KB
MD5

487893133b93c288b182603f26659829
SHA1

707de24143cfdd7fb371d896e00e4f60f67453f1
SHA256

cdcf2d76c363fe845cc3efae5518bd26d43964d54e50d9f80f6042cb0c59a8cf
SHA512

de986c27c9bbffbb9275ac4383565f2d14c4253bac093e15990ab2efb28523f523765d591cf2db11208b26ffc14d16e9331d6f0610af580ec63398e13062e6ab
SSDEEP

6144:AolT9FTDWLPMpZU0m4hZZPLQOculp6Pp44yc/3+U9oCC7D:A+T9sMLU0mcLQm6Pp4yuU2Cs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
487893133b93c288b182603f26659829_JaffaCakes118

Files

487893133b93c288b182603f26659829_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a031b4036f13588e4fcfeae46d954fbd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wcsicmp
strlen
wcstoul
wcscpy
memcpy
memset
wcspbrk
_wcsnicmp
wcstok
swprintf
_adjust_fdiv
_initterm
free
wcscmp
memmove
wcschr
wcslen
malloc
sprintf
wcsspn
iswdigit

ntdll

NtRemoveIoCompletion
RtlFreeUnicodeString
NtFlushBuffersFile
RtlStringFromGUID
RtlGUIDFromString
RtlInitUnicodeString

advapi32

RegEnumValueW
OpenServiceW
RegQueryValueExA
CloseServiceHandle
ControlService
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
OpenSCManagerW

kernel32

HeapFree
GetProcessHeap
TlsAlloc
DeleteCriticalSection
HeapAlloc
SetFilePointer
LoadLibraryA
GlobalMemoryStatusEx
CreateFileW
GetWindowsDirectoryW
UnhandledExceptionFilter
LoadLibraryW
TlsGetValue
GetModuleHandleW
OpenSemaphoreA
SetEvent
CreateThread
SetUnhandledExceptionFilter
MultiByteToWideChar
GetSystemDefaultLangID
LoadLibraryExW
GetLogicalDrives
DisableThreadLibraryCalls
OpenSemaphoreW
GetUserDefaultLCID
GetStartupInfoA
FindResourceW
CreateEventW
HeapCreate
FormatMessageW
CreateMutexW
LocalAlloc
InterlockedDecrement
InterlockedIncrement
CloseHandle
GetUserDefaultLangID
CreateSemaphoreA
WriteFile
VirtualAlloc
FindNextFileA
HeapDestroy
lstrlenW
ReadFile
GetOEMCP
FindResourceExA
AreFileApisANSI
TlsSetValue
WaitForSingleObjectEx
ExpandEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetModuleHandleA
ResetEvent
GetCommandLineA
GetProcAddress
QueryPerformanceCounter
GetTickCount
DeviceIoControl
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
LCMapStringW
GetLastError
GetCommandLineW
GetThreadLocale
GetCurrentProcess

mprapi

MprConfigServerDisconnect
MprConfigServerConnect

ole32

CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance

user32

GetForegroundWindow
GetActiveWindow
LoadBitmapA
PostQuitMessage
LoadMenuA
DestroyWindow
CreateWindowExA
GetSystemMetrics
GetDC
LoadCursorA
GetInputState
GetMessageA
EnumWindows
DefWindowProcA
GetCapture
UnregisterClassA
ReleaseDC
GetCaretBlinkTime
GetClipboardSequenceNumber
GetFocus
GetClipboardViewer
FindWindowA
GetClipboardOwner
LoadStringW

ws2_32

WSAStringToAddressW
WSAAddressToStringW

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 210KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 33KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a031b4036f13588e4fcfeae46d954fbd

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ntdll

advapi32

kernel32

mprapi

ole32

user32

ws2_32

Sections

.text Size: 80KB - Virtual size: 79KB

.data Size: 210KB - Virtual size: 254KB

.bss Size: - Virtual size: 33KB

.tls Size: 1KB - Virtual size: 1KB

.rsrc Size: 29KB - Virtual size: 28KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 80KB - Virtual size: 79KB

.data
Size: 210KB - Virtual size: 254KB

.bss
Size: - Virtual size: 33KB

.tls
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 29KB - Virtual size: 28KB

.reloc
Size: 4KB - Virtual size: 3KB