60e13d939c8c783d3db23d3676c583e3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

60e13d939c8c783d3db23d3676c583e3_JaffaCakes118
Size

446KB
MD5

60e13d939c8c783d3db23d3676c583e3
SHA1

546b42abb2e1f64548e246b596813b2a7b794700
SHA256

52671f94a96ab6aad4e918d8542ea94df1653f720d408e04b19d6cf78693fdc8
SHA512

6d9d3273cad2013e5f05738f1567db5cf686726bf96d34b7f002b5db350c6ca2fade5b80171ebc424dd3238de7ba7a89a20ecf1c29cc63295ea8a5f61b1c11dc
SSDEEP

12288:u7p02iyO6/xuBwfmzFdCZw0ClYR4L26sWi:utNiyP5uBvREO0ClYT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60e13d939c8c783d3db23d3676c583e3_JaffaCakes118

Files

60e13d939c8c783d3db23d3676c583e3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e93aec73a95d6745e536340798c2872e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
malloc
_initterm
free
_vsnprintf
wcslen
qsort
_except_handler3
_vsnwprintf

user32

EndDeferWindowPos
GetUpdateRect
GetSysColorBrush
SendDlgItemMessageW
ClientToScreen
GetCursorPos
SetParent
GetDC
CreateIconIndirect
GetIconInfo
LoadImageW
CopyImage
InflateRect
GetWindow
LoadStringA
GetWindowTextA
LoadIconW
SetDlgItemTextW
GetDlgItemTextW
GetSysColor
FillRect
DrawFocusRect
CreatePopupMenu
AppendMenuW
TrackPopupMenu
DestroyMenu
ChildWindowFromPointEx
GetFocus
LoadCursorW
SetCursor
EndDialog
GetWindowDC
ReleaseDC
InvalidateRect
GetClientRect
DeferWindowPos
CheckDlgButton
EnableWindow
ShowWindow
SetWindowTextW
GetWindowTextW
MessageBeep
GetWindowTextLengthW
SetWindowPos
GetSystemMetrics
SetPropW
SendMessageW
PostMessageW
GetParent
RemovePropW
CallWindowProcW
GetPropW
SetFocus
GetDlgCtrlID
GetWindowRect
MapWindowPoints
EnumChildWindows
GetDlgItem
SetWindowLongW
DestroyIcon
LoadStringW
ScreenToClient
GetWindowLongW
SetWindowContextHelpId
WinHelpW
DestroyWindow
BeginDeferWindowPos
MessageBoxA
DialogBoxParamW
DialogBoxIndirectParamW
ReleaseCapture
GetCapture
CheckRadioButton
CreateWindowExW

gdi32

SetTextColor
DeleteObject
SetBkMode
DeleteDC
CreateCompatibleDC
TextOutW
SelectObject
GetTextMetricsW
CreateSolidBrush
StretchDIBits
CreateCompatibleBitmap
Rectangle
GetStockObject
BitBlt
SetStretchBltMode
GetObjectW
GetBitmapBits
StretchBlt
CreateBitmap
SetDIBitsToDevice
MoveToEx
SetTextAlign
SetBkColor
IntersectClipRect
CreateFontIndirectW
GetTextExtentPointW

kernel32

CreateMutexW
ReleaseActCtx
ReleaseMutex
WaitForSingleObject
GetCurrentThreadId
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
CloseHandle
LoadResource
LockResource
FreeResource
MultiByteToWideChar
GetModuleFileNameW
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcmpA
lstrcmpW
LocalFree
LocalAlloc
lstrlenA
lstrlenW
IsBadWritePtr
GetModuleFileNameA
DeactivateActCtx
ActivateActCtx
SetLastError
GetLastError
AddRefActCtx
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleW
CreateActCtxW
GetWindowsDirectoryW
lstrcpynW
SearchPathW
FindClose
FindFirstFileW
FindResourceW

advapi32

RegQueryValueExW
RegCloseKey
RegSetValueExW
RegCreateKeyW

msimg32

TransparentBlt

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

wnsprintfW
ord215
ord346

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.p102
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0x9a9
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kalqo
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.88111
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9102
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1827
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.7382
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.81721
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ajdiw
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.09a
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.09a5
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.09a6
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.11524
Size: 512B - Virtual size: 158B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e93aec73a95d6745e536340798c2872e

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

user32

gdi32

kernel32

advapi32

msimg32

version

shlwapi

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 1KB

.p102 Size: 512B - Virtual size: 186B

.0x9a9 Size: 199KB - Virtual size: 198KB

.kalqo Size: 512B - Virtual size: 186B

.88111 Size: 512B - Virtual size: 186B

.9102 Size: 512B - Virtual size: 186B

.1827 Size: 512B - Virtual size: 186B

.7382 Size: 512B - Virtual size: 186B

.81721 Size: 512B - Virtual size: 186B

.ajdiw Size: 199KB - Virtual size: 198KB

.09a Size: 512B - Virtual size: 208B

.09a5 Size: 512B - Virtual size: 216B

.09a6 Size: 512B - Virtual size: 186B

.11524 Size: 512B - Virtual size: 158B

.rsrc Size: 17KB - Virtual size: 16KB

.reloc Size: 512B - Virtual size: 252B

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 1KB

.p102
Size: 512B - Virtual size: 186B

.0x9a9
Size: 199KB - Virtual size: 198KB

.kalqo
Size: 512B - Virtual size: 186B

.88111
Size: 512B - Virtual size: 186B

.9102
Size: 512B - Virtual size: 186B

.1827
Size: 512B - Virtual size: 186B

.7382
Size: 512B - Virtual size: 186B

.81721
Size: 512B - Virtual size: 186B

.ajdiw
Size: 199KB - Virtual size: 198KB

.09a
Size: 512B - Virtual size: 208B

.09a5
Size: 512B - Virtual size: 216B

.09a6
Size: 512B - Virtual size: 186B

.11524
Size: 512B - Virtual size: 158B

.rsrc
Size: 17KB - Virtual size: 16KB

.reloc
Size: 512B - Virtual size: 252B