5a7710e71e6438b0966177cfbc82e927_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5a7710e71e6438b0966177cfbc82e927_JaffaCakes118
Size

567KB
MD5

5a7710e71e6438b0966177cfbc82e927
SHA1

aeee58f215a5421c05e542a35cfb0c0fe6c438b0
SHA256

2d86899bdccd1ef27c9c628ec996718241caa633526f040f0da98f5f62e0acef
SHA512

73c1aad5d687255c2e488043497d76094d85c055b9a1e3374b7df085cc74f2b66f3b7cc3e5b8a0a9b19913beb864fa1e6c27e323dac326723d6e154375bcfe83
SSDEEP

12288:s8pUf3DzERTHF+EvVkwzPvW7y57zxTiHScZzZ:s8pUfTzE1vVkwzHWe5PJ7cBZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a7710e71e6438b0966177cfbc82e927_JaffaCakes118

Files

5a7710e71e6438b0966177cfbc82e927_JaffaCakes118
.exe windows:5 windows x86 arch:x86

48e805ea081d2302de5486c80f34c151

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

wcsncat
strtoul
wcscspn
free
malloc
wcsspn

advapi32

RegCloseKey
RegSetValueExW
RegEnumKeyW
RegOpenKeyExW
RegQueryValueExW
RegEnumValueW

kernel32

lstrcpynW
CloseHandle
CreateFileW
CreateDirectoryW
GetPrivateProfileStringW
WritePrivateProfileStringW
lstrcpyW
GetCommandLineW
lstrcmpiW
DeleteFileW
SetFileAttributesW
CopyFileW
WriteFile
ReadFile
GetFileSize
GetFileAttributesW
GetLastError
SetErrorMode
SizeofResource
LockResource
LoadResource
FindResourceW
LoadLibraryExW
lstrlenA
GetLongPathNameW
ExpandEnvironmentStringsW
lstrcmpW
GetProcAddress
LoadLibraryW
lstrcmpiA
SetFilePointer
GetPrivateProfileIntW
WideCharToMultiByte
FindClose
FindNextFileW
FindFirstFileW
GetCurrentDirectoryW
GetWindowsDirectoryW
ExitProcess
GetStartupInfoA
GetModuleHandleW
LocalAlloc
LocalFree
lstrcatW
lstrlenW
GetTempPathW
CreateProcessW

gdi32

GetDeviceCaps
CreateCompatibleDC
GetMapMode
CreateSolidBrush
SelectObject
BitBlt
SetMapMode
DeleteDC
DeleteObject
CreateFontIndirectW

user32

IsWindowEnabled
SystemParametersInfoW
InvalidateRect
GetParent
wsprintfA
SetWindowLongW
DrawEdge
SetWindowTextW
GetSystemMetrics
FillRect
OffsetRect
GetSysColorBrush
FrameRect
InflateRect
DrawFocusRect
SetFocus
GetWindowRect
GetSysColor
IsDlgButtonChecked
CharUpperW
CheckDlgButton
EnumWindows
EnableWindow
GetDlgItem
GetWindowLongW
PostMessageW
GetClassNameW
SendMessageW
MessageBoxW
CallWindowProcW
DefWindowProcW
ReleaseDC
BeginPaint
EndPaint
IsWindow
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW
GetDC
GetClientRect
LoadStringW

shlwapi

SHSetValueW
PathCanonicalizeW
PathRelativePathToW
PathCombineW
ord217
StrToIntExW
ord441
ord346
ord215
ord294
ord295
StrChrW
PathFindFileNameW
StrCmpIW
PathMakeSystemFolderW
StrCpyNW
SHRegisterValidateTemplate
PathRemoveFileSpecW
StrStrIW
PathUnExpandEnvStringsW
wnsprintfW
StrCmpNIW
StrCpyW
StrCatBuffW
PathAppendW
PathFindExtensionW
SHGetValueW
PathIsDirectoryW

comctl32

CreatePropertySheetPageW
ord320
ord324
ord321
PropertySheetW
ord322

shell32

ord709
ord42
SHGetFolderPathW
SHChangeNotify
ShellExecuteExW

ole32

StringFromGUID2
CoCreateInstance
CoInitialize
CoUninitialize

comdlg32

GetOpenFileNameW
ChooseColorW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 480KB - Virtual size: 479KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

48e805ea081d2302de5486c80f34c151

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

shlwapi

comctl32

shell32

ole32

comdlg32

Sections

.text Size: 25KB - Virtual size: 25KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 480KB - Virtual size: 479KB

.rdata Size: 60KB - Virtual size: 60KB

.text
Size: 25KB - Virtual size: 25KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 480KB - Virtual size: 479KB

.rdata
Size: 60KB - Virtual size: 60KB