5f0f878d2fee09d5a45f20173a3a1b39_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5f0f878d2fee09d5a45f20173a3a1b39_JaffaCakes118
Size

3.7MB
MD5

5f0f878d2fee09d5a45f20173a3a1b39
SHA1

bd04a7356e8331e33cda1b2c088f45e06aaec8bc
SHA256

82c86c9052b2b4c70346f1e1568bbefb77503c9b51eadfc1ae64b56728ae28b1
SHA512

59f629a9cdcbae299ba202591ae7432a5857cb9b4fd17b7ea1b2e5612bc25000dc37933d035c5bcf6a10d77f4478939ff1f2b70d4d6987774b57171efda130dc
SSDEEP

24576:esMBF8V8J98kOVBEbdCtK0asgri1cHkGW7xpnMujVw+0HLcXvQX2a4qdOyYuItAL:Yz8V8J7XqaPkD7w+0rc/QXzAyYuGh8WG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f0f878d2fee09d5a45f20173a3a1b39_JaffaCakes118

Files

5f0f878d2fee09d5a45f20173a3a1b39_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5d2daac45a1bbf932420c6b663bfa64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

uxtheme

EnableThemeDialogTexture

kernel32

CompareStringA
GetFullPathNameW
QueryPerformanceCounter
GetFileAttributesW
CompareStringW
QueryPerformanceFrequency
WriteFile
GetCurrentProcess
GetTempPathW
OutputDebugStringA
GetVersionExA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
DeleteFileA
ReadFile
CreateFileA
GetTempFileNameA
GetTempPathA
GetModuleHandleA
VirtualFree
VirtualAlloc
MapViewOfFile
GetFileSize
CreateFileMappingA
CreateFileW
UnmapViewOfFile
FindResourceA
GetSystemInfo
IsProcessorFeaturePresent
InterlockedExchange
InterlockedCompareExchange
GetFullPathNameA
FreeResource
DeleteFileW
SetFilePointer
lstrcmpiA
MoveFileA
MoveFileW
GetTempFileNameW
IsBadWritePtr
GlobalMemoryStatus
SetEndOfFile
ExpandEnvironmentStringsA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetFileAttributesA
VirtualQuery
IsValidCodePage
IsValidLocale
LoadLibraryA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentDirectoryA
GetModuleFileNameA
GetOEMCP
GetACP
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
HeapSize
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCPInfo
RaiseException
ExitProcess
GetLocalTime
RtlUnwind
GetStartupInfoA
GetCommandLineA
FindFirstFileW
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
GetTimeZoneInformation
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
lstrlenW
GetLocaleInfoW
GetProcessHeap
HeapFree
HeapAlloc
DeleteCriticalSection
EnterCriticalSection
GetProcAddress
GetLastError
MultiByteToWideChar
SetEnvironmentVariableA
LeaveCriticalSection
LoadLibraryW
GetSystemDirectoryW
InitializeCriticalSection
FreeLibrary
GetCommandLineW
Sleep
lstrcpynW
GetModuleHandleW
FindResourceExW
LockResource
GlobalFree
GlobalUnlock
GetModuleFileNameW
SizeofResource
GlobalAlloc
GlobalLock
LoadResource
FindResourceW
lstrcpyW
WriteProcessMemory
CloseHandle
VirtualAllocEx
GetVersionExW
ReadProcessMemory
VirtualFreeEx
OpenProcess
CreateProcessW
GetSystemDefaultLangID
SetStdHandle
GetDriveTypeA
EnumSystemLocalesA

user32

ReleaseDC
SetCapture
SetRectEmpty
PtInRect
OffsetRect
GetDC
ReleaseCapture
GetKeyboardLayoutList
DestroyWindow
SetCursor
GetIconInfo
CallWindowProcW
ValidateRgn
IsWindowVisible
GetWindow
GetWindowThreadProcessId
CheckMenuItem
DefWindowProcW
SendMessageW
MessageBoxW
FindWindowExW
IsWindow
GetMenuItemCount
CreateDialogParamW
FillRect
RegisterClassExW
ShowWindow
LoadStringW
GetCursorPos
SetWindowPos
LoadIconW
BeginPaint
FindWindowW
GetParent
GetSubMenu
TrackPopupMenu
PostQuitMessage
GetWindowRect
SetTimer
GetKeyboardLayout
IsIconic
UnregisterClassW
LoadCursorW
CallNextHookEx
GetClientRect
GetClassLongW
GetMenu
GetWindowPlacement
GetAsyncKeyState
SetRect
GetWindowLongW
GetWindowTextW
SystemParametersInfoW
MonitorFromWindow
SetWindowLongW
SetMenu
ClipCursor
SetWindowsHookExW
RegisterClassW
GetSystemMetrics
AdjustWindowRect
DestroyMenu
GetMonitorInfoW
EnumDisplaySettingsW
GetUpdateRect
InvalidateRect
ScreenToClient
GetDlgItem
PostMessageW
TranslateMessage
PeekMessageW
CreateWindowExW
DispatchMessageW
LoadMenuIndirectW
CreateDialogIndirectParamW
EndDialog
SetWindowTextW
EndPaint

gdi32

DeleteObject
GetDIBits
DeleteDC
CreateSolidBrush
GdiFlush
CreateDIBSection
GetObjectA
GetTextMetricsA
GetGlyphOutlineA
GetCharacterPlacementA
GetCharacterPlacementW
SelectObject
SetBkColor
SetBkMode
GetTextMetricsW
GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
SetMapMode
ExtTextOutA
MoveToEx
ExtTextOutW
GetClipBox
GetBoundsRect
BitBlt
GetStockObject
GetObjectW
SetTextColor
CreateCompatibleDC

advapi32

RegQueryValueExW
RegOpenKeyA
RegQueryValueExA
RegSetValueExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW

shell32

SHGetDesktopFolder
ExtractIconW
Shell_NotifyIconW

ole32

StringFromGUID2
CLSIDFromString
CoCreateGuid
RegisterDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
OleInitialize
CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString

shlwapi

PathFileExistsW

gdiplus

GdipCreateFromHWND
GdipGetImageWidth
GdipCloneImage
GdipDisposeImage
GdiplusShutdown
GdipDrawImageRectI
GdipDeleteGraphics
GdipGetImageHeight
GdipFree
GdipLoadImageFromStream
GdipAlloc
GdiplusStartup

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5d2daac45a1bbf932420c6b663bfa64

Headers

File Characteristics

Imports

comctl32

uxtheme

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 264KB - Virtual size: 262KB

.data Size: 72KB - Virtual size: 122KB

.rsrc Size: 2.0MB - Virtual size: 2.0MB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 264KB - Virtual size: 262KB

.data
Size: 72KB - Virtual size: 122KB

.rsrc
Size: 2.0MB - Virtual size: 2.0MB