5c95861dec09ce8148236734350f0a1b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5c95861dec09ce8148236734350f0a1b_JaffaCakes118
Size

168KB
MD5

5c95861dec09ce8148236734350f0a1b
SHA1

fd2714d1d8243de4a45ee2578e8eb1c998c9bd32
SHA256

6c82d2cee2c94a60cc5e7f7356cf48e3503bf886c52040294cf496c4af7322b5
SHA512

fcb20b68fad9b7b3e36a8e756a213ee0dd74e16a5a488cf55882571cd3844e3ea0db84e08a9e1ca319d1f71ca3861a92a5bb10bba826a1c253141a31af8ff221
SSDEEP

3072:ijqysKXbCQuKLFuls79eA3IdHvqLo0Jlq/aIuNoMnMdVXV:ijTsgXLFQ6Idp3uNo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c95861dec09ce8148236734350f0a1b_JaffaCakes118

Files

5c95861dec09ce8148236734350f0a1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6af8945fca3078038a36acc22704c329

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ImageList_Draw
ImageList_Remove
ImageList_Create
CreateToolbarEx
ord17
ImageList_ReplaceIcon

kernel32

FindFirstFileA
WideCharToMultiByte
GetModuleFileNameA
LoadLibraryA
InterlockedDecrement
CreateFileA
SetEndOfFile
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
ReadFile
GetStringTypeW
GetStringTypeA
GetCPInfo
FlushFileBuffers
SetStdHandle
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
SearchPathA
HeapSize
UnhandledExceptionFilter
TerminateProcess
TlsGetValue
SetLastError
TlsAlloc
GetCurrentThreadId
FindNextFileA
GetProfileStringA
WriteFile
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
ExitProcess
GetCommandLineA
GetStartupInfoA
ExitThread
TlsSetValue
CreateThread
ResumeThread
InterlockedIncrement
HeapReAlloc
RtlUnwind
HeapAlloc
HeapFree
GetFileAttributesA
GetVersion
GetModuleHandleA
GetProcAddress
LocalAlloc
lstrcmpA
LocalFree
ExpandEnvironmentStringsA
FormatMessageA
lstrcpyA
lstrlenA
lstrcatA
GetTickCount
GetCurrentProcess
FindClose
OpenProcess
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
DeleteFileA
GetPrivateProfileStringA
WriteProfileStringA
LCMapStringW
WritePrivateProfileStringA
GetLastError
CloseHandle
CreateDirectoryA
SetFileAttributesA
MoveFileA
RemoveDirectoryA
MultiByteToWideChar
LCMapStringA
GetWindowsDirectoryA
FreeEnvironmentStringsA
RaiseException

user32

DrawFrameControl
GetClassNameA
BeginPaint
DispatchMessageA
PtInRect
EndPaint
TranslateMessage
TranslateAcceleratorA
GetMessageA
DeferWindowPos
BeginDeferWindowPos
LoadAcceleratorsA
CreateDialogParamA
EnumChildWindows
EndDeferWindowPos
GetWindowLongA
SetWindowLongA
DrawMenuBar
LoadStringA
PostQuitMessage
DialogBoxParamA
ModifyMenuA
LoadCursorA
GetSysColorBrush
ChildWindowFromPoint
InvalidateRect
EndDialog
TrackPopupMenu
EnableMenuItem
DeleteMenu
GetSubMenu
InsertMenuA
RegisterClassExA
EnumDisplaySettingsA
FindWindowA
WaitForInputIdle
GetWindowThreadProcessId
SetForegroundWindow
FindWindowExA
CloseClipboard
OpenClipboard
EmptyClipboard
SetClipboardData
LoadIconA
GetMenu
CheckMenuItem
SetWindowTextA
MessageBoxA
SetWindowPos
GetWindowRect
IsIconic
IsZoomed
GetDlgItem
SetTimer
GetParent
SetCursor
GetCursorPos
GetClientRect
CreateWindowExA
SetFocus
CallWindowProcA
SendMessageA
GetSysColor
GetSystemMetrics
GetFocus
GetDC
DrawTextA
ReleaseDC
MoveWindow
ShowWindow
ClientToScreen
ScreenToClient
PostMessageA
DestroyWindow
DefWindowProcA
LoadImageA
SetDlgItemTextA
IsDialogMessageA

gdi32

GetObjectA
CreateFontIndirectA
SetBkColor
ExtTextOutA
GetTextExtentPoint32A
GetStockObject
SelectObject
SetTextColor
SetBkMode
CreateSolidBrush

comdlg32

GetSaveFileNameA

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegUnLoadKeyA
RegCreateKeyA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyA
RegQueryValueA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumValueA
DeleteService
CloseServiceHandle
OpenServiceA
OpenSCManagerA
AllocateAndInitializeSid
FreeSid
EqualSid
LookupAccountSidA
GetTokenInformation
RegLoadKeyA

shell32

ShellExecuteA
SHGetFileInfoA
ShellExecuteExA

ole32

CoInitialize
CoTaskMemFree
CoCreateInstance

oleaut32

VariantClear
SysAllocString
SysFreeString

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6af8945fca3078038a36acc22704c329

Headers

File Characteristics

Imports

version

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 92KB - Virtual size: 92KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 20KB - Virtual size: 29KB

.rsrc Size: 40KB - Virtual size: 38KB

.text
Size: 92KB - Virtual size: 92KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 29KB

.rsrc
Size: 40KB - Virtual size: 38KB