5b699d3ddb9061350952bfafd2537efd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b699d3ddb9061350952bfafd2537efd_JaffaCakes118
Size

334KB
MD5

5b699d3ddb9061350952bfafd2537efd
SHA1

6dd323f5e3f5c26bc1b9bac82410719c4f6f34f3
SHA256

7b17694fe3e1165c110551770ebc9e45123442a31dcda2150939628fcd4122df
SHA512

9e4ec04f36dd0333cab64570823033cc6606065b12eff1ce3be6a50f6ad23711730537f470c725d99624fd37cf4d24026aa0821330475eb6113383e32131a427
SSDEEP

6144:M9spKMdyKync0DbZ0NdVZxbR/Q4XVM/WhE+7/tsbTGNZHHZ7X4ZoeusZI:xYMd/ync4d07JR44XVM/WO+7/qbTGNZM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b699d3ddb9061350952bfafd2537efd_JaffaCakes118

Files

5b699d3ddb9061350952bfafd2537efd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4703268b3d56d29e5c687ae4bf2c8676

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

installWAVE2-7zip.pdb

Imports

kernel32

SetLastError
InterlockedExchange
GlobalUnlock
GlobalFree
FreeResource
GlobalLock
GlobalAlloc
LockResource
LoadResource
SizeofResource
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
GetUserDefaultUILanguage
WriteFile
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RtlUnwind
HeapReAlloc
VirtualProtect
VirtualAlloc
GetModuleHandleA
GetSystemInfo
VirtualQuery
GetLocalTime
SetUnhandledExceptionFilter
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsGetValue
GetCurrentThreadId
TlsSetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetACP
GetOEMCP
HeapSize
Sleep
LoadLibraryA
LCMapStringA
GetStringTypeA
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateFileA
FlushFileBuffers
ReadFile
CreateThread
FreeLibrary
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
RaiseException
IsProcessorFeaturePresent
lstrlenA
CloseHandle
OpenProcess
VerSetConditionMask
TlsAlloc
VerifyVersionInfoW
InterlockedCompareExchange
LocalAlloc
WaitForSingleObject
TlsFree
GetExitCodeProcess

gdi32

StretchBlt
SetTextColor
SetBkColor
SetBkMode
GetBkColor
CreateSolidBrush
GetDIBColorTable
SetDIBColorTable
SelectObject
DeleteDC
CreateCompatibleDC
DeleteObject
CreateDIBSection

user32

IsDlgButtonChecked
HideCaret
GetCursorPos
GetWindowRect
MonitorFromWindow
GetClientRect
PtInRect
GetCursor
UnregisterClassA
ShowWindow
SetParent
SetWindowPos
MapWindowPoints
GetParent
SetFocus
GetWindow
PostQuitMessage
GetDlgItem
MsgWaitForMultipleObjects
IsWindow
TranslateMessage
GetDesktopWindow
DestroyWindow

msimg32

TransparentBlt
AlphaBlend

comctl32

_TrackMouseEvent
ord17

shell32

CommandLineToArgvW
SHGetFolderPathW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree

oleaut32

SysFreeString
SysAllocString
VarUI4FromStr
SysAllocStringLen

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameW

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

PACK
Size: 144KB - Virtual size: 380KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4703268b3d56d29e5c687ae4bf2c8676

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

msimg32

comctl32

shell32

ole32

oleaut32

psapi

Sections

.text Size: 169KB - Virtual size: 168KB

.data Size: 6KB - Virtual size: 16KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 12KB

PACK Size: 144KB - Virtual size: 380KB

.text
Size: 169KB - Virtual size: 168KB

.data
Size: 6KB - Virtual size: 16KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 12KB

PACK
Size: 144KB - Virtual size: 380KB