617a744f467034f32662a81556446743_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

617a744f467034f32662a81556446743_JaffaCakes118
Size

179KB
MD5

617a744f467034f32662a81556446743
SHA1

f52581300d1f1a1bb0775d34d0e67e5e4460316b
SHA256

649c2becf2419302d7475471eba615f2ed1dcc683f9a328a44849f0cdc5931c5
SHA512

24106e3d58a0399e087759b281ff89ba90459805f122f5fe99e990a7e0a788e94f83b5e288a03464e68a0011a4ff32a538adf7362e643e3018492527cc6a9d30
SSDEEP

3072:H68HkH++DN9ekos8m9HBos8kESALjy4oeW2phctoi8wvtqbYUW+yx0m/:a8j+3lr80DYLXouphc9Q1W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
617a744f467034f32662a81556446743_JaffaCakes118

Files

617a744f467034f32662a81556446743_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44d138255d9f7c30adb8179ace44cc99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
CopyFileA
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileW
CreateMutexA
CreateProcessW
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
DuplicateHandle
ExitThread
ExpandEnvironmentStringsA
FileTimeToDosDateTime
FileTimeToSystemTime
FindClose
FindFirstFileW
FindResourceA
FormatMessageA
FreeLibrary
GetACP
GetCurrentDirectoryA
GetDateFormatA
GetDiskFreeSpaceA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetOEMCP
GetProcessHeap
GetShortPathNameA
GetStringTypeA
GetSystemDefaultLCID
GetTempFileNameA
GetTimeZoneInformation
GetVersionExA
GlobalDeleteAtom
GlobalHandle
GlobalLock
HeapCreate
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LCMapStringW
LoadLibraryA
LoadLibraryExA
LocalFileTimeToFileTime
LocalFree
LockResource
MulDiv
ReleaseMutex
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetErrorMode
SetFileAttributesA
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WriteConsoleA
WriteFile
WritePrivateProfileStringA
lstrcmpiA
lstrcmpiW
lstrlenA
lstrlenW

user32

BeginPaint
CharLowerA
CheckMenuItem
CloseClipboard
CreateMenu
DefWindowProcA
DestroyCursor
DrawEdge
EnumWindows
FindWindowA
GetCapture
GetClassNameA
GetClientRect
GetCursorPos
GetDesktopWindow
GetMenu
GetParent
GetPropA
GetScrollInfo
GetScrollRange
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetWindowRect
GetWindowThreadProcessId
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
IsRectEmpty
IsWindowEnabled
IsZoomed
LoadBitmapA
MapWindowPoints
OffsetRect
RegisterClassA
RegisterWindowMessageA
ReleaseCapture
ScrollWindow
SetFocus
SetRect
SetScrollRange
SetWindowPlacement
SetWindowTextA
SetWindowsHookExA
ShowCursor
TrackPopupMenu
UpdateWindow

gdi32

Arc
CloseEnhMetaFile
CreateBitmap
CreateDIBitmap
CreateEllipticRgn
CreateFontW
CreateICW
CreatePalette
CreatePen
DeleteMetaFile
DeleteObject
EnumFontFamiliesExA
ExtFloodFill
GetClipRgn
GetCurrentPositionEx
GetNearestColor
GetNearestPaletteIndex
GetObjectA
GetStockObject
GetStretchBltMode
GetTextExtentPointA
GetWindowOrgEx
InvertRgn
LineDDA
MoveToEx
Polygon
PtInRegion
Rectangle
RemoveFontResourceA
RestoreDC
ScaleWindowExtEx
SelectPalette
SetTextCharacterExtra
SetViewportExtEx
SetWorldTransform

shell32

CommandLineToArgvW
DragAcceptFiles
DragQueryFile
ExtractAssociatedIconW
ExtractIconA
ExtractIconExA
ExtractIconExW
SHBrowseForFolder
SHBrowseForFolderA
SHGetDesktopFolder
SHGetFileInfoA
SHGetFileInfoW
SHGetFolderPathW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderPathA
ShellExecuteExA
ShellExecuteW
Shell_NotifyIconA
Shell_NotifyIconW

comctl32

CreatePropertySheetPageA
CreateToolbarEx
DestroyPropertySheetPage
ImageList_Create
ImageList_DragEnter
ImageList_DragLeave
ImageList_DrawEx
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_Remove
ImageList_SetBkColor
ImageList_SetImageCount
PropertySheetA

advapi32

AddAccessAllowedAce
AdjustTokenPrivileges
CheckTokenMembership
CryptDestroyHash
DeleteService
EqualSid
GetLengthSid
GetSecurityDescriptorDacl
GetUserNameA
InitializeSecurityDescriptor
LookupPrivilegeValueW
OpenServiceA
OpenServiceW
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyExA
RegEnumKeyW
RegEnumValueW
RegOpenKeyA
RegOpenKeyW
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RevertToSelf
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner

ole32

CoCreateGuid
CoDisconnectObject
CoGetClassObject
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoRegisterClassObject
CoRegisterMessageFilter
CoReleaseMarshalData
CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize
CreateBindCtx
DoDragDrop
OleGetClipboard
OleIsCurrentClipboard
OleRun
OleSetMenuDescriptor
OleUninitialize
PropVariantClear
RegisterDragDrop
RevokeDragDrop
StringFromGUID2

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44d138255d9f7c30adb8179ace44cc99

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

advapi32

ole32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 26KB - Virtual size: 28KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 26KB - Virtual size: 28KB