646ee23bd79ecf0295991025ea2979d2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

646ee23bd79ecf0295991025ea2979d2_JaffaCakes118
Size

97KB
MD5

646ee23bd79ecf0295991025ea2979d2
SHA1

8428855513a79ed416a3052b2302ae1d35f3418c
SHA256

4d1c9df9726edc7a87e306e374bd04cb419ca84828d7ad48a335a9bdddc47dbf
SHA512

099589dd52b127feb38a278fc9ce7de278b52b7227f4e1c398e3f98c38c403d81ba8d8b03ddc65b86c645a55d0e06fcceae75da0998e3fa59013b49cd9be96ab
SSDEEP

3072:IKyEQAfA8vVFD6Mn+N8jNHx/OmjmoVecJDx:vDQAfFH6Mn+NebjmoBt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
646ee23bd79ecf0295991025ea2979d2_JaffaCakes118

Files

646ee23bd79ecf0295991025ea2979d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d4fafe4ed6236695293072f8c163083

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptEncodeObjectEx
CertEnumSystemStoreLocation
CryptEncodeObject

gdi32

SetBkColor
CreateFontIndirectW
SetTextColor
CreateSolidBrush
DeleteObject

uxtheme

CloseThemeData
OpenThemeData
GetThemeColor
GetThemeFont

ole32

CoTaskMemFree
CoCreateInstance
CoInitializeEx

shell32

CommandLineToArgvW
ShellExecuteExW

user32

SetWindowTextW
GetWindowLongW
IsDlgButtonChecked
SendDlgItemMessageW
SendMessageW
LoadIconW
SetWindowLongW
GetMessageW
DefWindowProcW
GetParent
FindWindowExW
SetForegroundWindow
GetDlgItem
SetDlgItemTextW
UnregisterDeviceNotification
GetSysColor
GetSysColorBrush
DispatchMessageW
EndDialog
TranslateMessage
GetWindowTextLengthW
LoadStringW
GetDlgCtrlID
ShowWindow
SetFocus
EnableWindow
SetTimer
FindWindowW
RegisterClassExW
DestroyWindow
DialogBoxParamW
SetActiveWindow
GetWindowTextW
PostMessageW
RegisterDeviceNotificationW
CheckDlgButton
PostQuitMessage
UnregisterClassW
CreateWindowExW
KillTimer

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsExW

powrprof

CallNtPowerInformation

advapi32

RegQueryValueExW
RegisterTraceGuidsW
RegCreateKeyW
GetTraceEnableFlags
RegSetValueExW
UnregisterTraceGuids
GetTraceLoggerHandle
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
GetTraceEnableLevel
TraceMessage

kernel32

GetCurrentProcess
InterlockedExchange
EnterCriticalSection
GetStartupInfoW
SetUnhandledExceptionFilter
GlobalAlloc
FindResourceW
LeaveCriticalSection
LockResource
TerminateProcess
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetProcessVersion
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcessId
ExitProcess
LocalAlloc
InterlockedCompareExchange
CreateThread
WideCharToMultiByte
GetModuleHandleA
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSection
LocalFree
InterlockedDecrement
LoadResource
GetTickCount
CloseHandle
FreeResource
GetLastError
InterlockedIncrement
Sleep

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

msvcrt

wcstoul
_vsnwprintf
_amsg_exit
_cexit
_exit
exit
_initterm
memset
??2@YAPAXI@Z
_wcmdln
__p__fmode
__setusermatherr
__set_app_type
_XcptFilter
__p__commode
?terminate@@YAXXZ
??3@YAXPAX@Z
_wcsicmp
__wgetmainargs
_controlfp

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d4fafe4ed6236695293072f8c163083

Headers

File Characteristics

Imports

crypt32

gdi32

uxtheme

ole32

shell32

user32

setupapi

powrprof

advapi32

kernel32

wtsapi32

msvcrt

Sections

.text Size: 58KB - Virtual size: 57KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 41KB - Virtual size: 40KB

.rsrc Size: 1024B - Virtual size: 92KB

.text
Size: 58KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 41KB - Virtual size: 40KB

.rsrc
Size: 1024B - Virtual size: 92KB