61031785a8b8a24a4bb088ec58646324_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

61031785a8b8a24a4bb088ec58646324_JaffaCakes118
Size

211KB
MD5

61031785a8b8a24a4bb088ec58646324
SHA1

3f42d13269627d9468540ad28d9717eb090bd581
SHA256

1153fa726592cfb29c446200ff3bb432b51f74d875cc8ac96a38cd03eb7eba8c
SHA512

1765069ec9a33ebf07d55c0a43d2285a7ccb9f65a4cae0ea02cd89afa6ddece5d35a5146c7834c87d963778816686014c4c8d02b99b68534778c768d89c93fdf
SSDEEP

1536:2UDxo003dVlhOvCu12imRxBfV9/egHVrviqWrUcwtvAM0YeaYuUjlRNEs:2UDZ03dVlhOvC7iCBfeg1rwrUcwVfs3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61031785a8b8a24a4bb088ec58646324_JaffaCakes118

Files

61031785a8b8a24a4bb088ec58646324_JaffaCakes118
.exe windows:5 windows x86 arch:x86

133fafc1bfc09986da5f6a54fc92c3e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

icwconn1.pdb

Imports

msvcrt

swscanf
free
malloc
_vsnwprintf
_except_handler3
_wmakepath
_wsplitpath
??2@YAPAXI@Z
_wtoi
setlocale
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
??3@YAXPAX@Z
__set_app_type
_controlfp
memmove

advapi32

RegOpenKeyExA
RegQueryValueExA
RegDeleteValueW
RegQueryValueExW
RegOpenKeyW
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegCreateKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueW

kernel32

LocalFree
GetTickCount
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
lstrcpynW
lstrcpyW
lstrcmpiW
GetPrivateProfileStringW
SearchPathW
lstrcatW
GetSystemDirectoryW
LoadLibraryA
LoadLibraryW
GetModuleHandleA
GetModuleHandleW
CloseHandle
CreateFileW
GetFileAttributesW
lstrlenW
GetProcAddress
GetVersion
GlobalAlloc
CreateProcessW
GetLastError
SetLastError
GetModuleFileNameW
OutputDebugStringA
GetPrivateProfileIntW
SetCurrentDirectoryW
GetWindowsDirectoryW
GetCurrentDirectoryW
QueryPerformanceCounter
LocalAlloc
FreeLibrary
RemoveDirectoryW
FindClose
FindNextFileW
DeleteFileW
SetFileAttributesW
FindFirstFileW
GlobalFree
SetErrorMode
GetCommandLineW
ExitProcess
CreateFileMappingW
InterlockedIncrement
InterlockedDecrement
FormatMessageW
MulDiv
GetCurrentProcess
GetVersionExW
TerminateProcess
GetExitCodeThread
GetCurrentThreadId

gdi32

SelectObject
DeleteDC
CreateCompatibleDC
SetBkMode
DeleteObject
GetObjectW
CreateFontIndirectW
CreateCompatibleBitmap
GetDeviceCaps
StretchBlt
BitBlt
SetTextColor
SetBkColor
GetTextMetricsW
SetMapMode
GetMapMode
CreateBitmap
DPtoLP
GetStockObject

user32

GetClassInfoW
UnregisterClassW
RegisterClassW
DrawIcon
BeginPaint
DrawEdge
EndPaint
RedrawWindow
DrawTextW
CopyRect
OffsetRect
InflateRect
DrawFocusRect
PostQuitMessage
LoadIconW
GetNextDlgTabItem
IsChild
SendMessageW
CallWindowProcW
SetWindowLongW
MessageBoxW
wsprintfW
LoadStringW
TranslateAcceleratorW
GetWindowLongW
MessageBeep
TranslateMessage
DestroyWindow
GetMessageW
DialogBoxParamW
GetSysColor
GetDlgItem
MoveWindow
GetSystemMetrics
GetWindowRect
CheckRadioButton
EndDialog
IsDlgButtonChecked
GetDlgCtrlID
GetDC
WaitMessage
PeekMessageW
LoadStringA
LoadImageW
LoadAcceleratorsW
ReleaseDC
SetMessageQueue
BringWindowToTop
SetForegroundWindow
GetLastActivePopup
FindWindowW
PostMessageW
ShowWindow
GetParent
CharNextW
CharPrevW
SetWindowTextW
SetWindowPos
EnableWindow
MsgWaitForMultipleObjects
CheckDlgButton
GetWindowTextW
DefWindowProcW
FillRect
GetClientRect
GetSysColorBrush
LoadCursorW
SetCursor
ExitWindowsEx
SendDlgItemMessageW
UpdateWindow
MapWindowPoints
InvalidateRect
IsRectEmpty
GetUpdateRect
IsWindowVisible
EnumThreadWindows
GetFocus
SetFocus
IsWindowEnabled
GetWindow
EnumChildWindows
RegisterClassExW
CreateWindowExW
CreateDialogParamW
GetDesktopWindow
DispatchMessageW

shell32

SHGetSpecialFolderLocation
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysFreeString

shlwapi

PathIsURLW
PathIsFileSpecW

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

133fafc1bfc09986da5f6a54fc92c3e0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

advapi32

kernel32

gdi32

user32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 62KB - Virtual size: 61KB

.data Size: 5KB - Virtual size: 11KB

.rsrc Size: 143KB - Virtual size: 144KB

.text
Size: 62KB - Virtual size: 61KB

.data
Size: 5KB - Virtual size: 11KB

.rsrc
Size: 143KB - Virtual size: 144KB