69f3db520b3c1bf3122719fa783b2924_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69f3db520b3c1bf3122719fa783b2924_JaffaCakes118
Size

636KB
MD5

69f3db520b3c1bf3122719fa783b2924
SHA1

51215c0abbe4501a19a11c44c7840e77744d09c6
SHA256

58694fe85e84763845a778ef7ee691d5a31c779c9559fef3885c240de9804589
SHA512

5031b457d348eb5a491f7b65b7a0b946c0f6faf4b6a8e5154fc2dd8bf10b4035101f6fd6d1e0d9ba1e0d13a66f331b21cdab31547cd68bfec16ef81e457c7994
SSDEEP

12288:/y3xNp3u3gxVoMC2pummH4o8legObO4X9mX5mMnBmvws3Fu/yiGNy6lJXge3A:/y790mpjUOOoYks0/yDx3A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69f3db520b3c1bf3122719fa783b2924_JaffaCakes118

Files

69f3db520b3c1bf3122719fa783b2924_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d401014546010f5d878431b2624f929d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

OpenProcessToken
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

user32

GetCursorPos
ClientToScreen
GetActiveWindow
DestroyWindow
GetParent
UpdateWindow
FillRect
ShowWindow
EnableWindow
SetWindowPos
TranslateMessage
IsWindowEnabled
LoadStringA
EnableMenuItem
RegisterClassA
GetSubMenu
CreateWindowExA
DispatchMessageA
EndPaint
SetFocus
BeginPaint
DefWindowProcA
GetSystemMetrics
GetDC
IsIconic
PostMessageA
SetWindowLongA
SetWindowTextA
GetWindowLongA
PtInRect
SetTimer
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
SetForegroundWindow
EndDialog
SetDlgItemTextA
DialogBoxParamA
GetSysColor
SystemParametersInfoA
DrawTextA
InvalidateRect
SendMessageA
GetClientRect
CallWindowProcA
GetFocus
SetCursor
ReleaseDC
PostQuitMessage
GetWindowRect

kernel32

RtlUnwind
GetStdHandle
GetConsoleOutputCP
lstrlenW
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
FindFirstFileW
HeapDestroy
GetFileAttributesW
GetExitCodeProcess
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleMode
GetLocaleInfoA
LocalAlloc
lstrcatA
CreateFileA
SetErrorMode
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetCPInfo
lstrcmpiA
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
FreeLibrary
LocalFree
InitializeCriticalSection
GetOEMCP
VirtualAlloc
FindResourceA
ReleaseMutex
VirtualFree
HeapCreate
lstrcmpiW
SizeofResource
GetModuleHandleW
GetACP
lstrcpynA
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
CompareStringA
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
SetFileTime
LockResource
GetCurrentProcessId
GetEnvironmentStrings
GetShortPathNameA
Sleep
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GlobalFree
lstrlenA
UnmapViewOfFile
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
GetProcAddress
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
ResetEvent
GetDiskFreeSpaceA
FindNextFileW
CreateProcessA
CompareStringW
GetProcessHeap
GetSystemInfo
GlobalLock
DeleteFileW
GetEnvironmentVariableA
GetWindowsDirectoryA
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
SetUnhandledExceptionFilter
SetFileAttributesA
CreateThread
GetModuleHandleA
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetPrivateProfileStringA
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
VirtualProtect
GetModuleFileNameW
TlsGetValue
GetSystemTime
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource

gdi32

BitBlt
SetBkColor
DeleteObject
GetDeviceCaps
CreateCompatibleDC
CreateSolidBrush

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

oleaut32

SysFreeString
SysAllocString
SysStringLen

Sections

.text
Size: 540KB - Virtual size: 539KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d401014546010f5d878431b2624f929d

Headers

File Characteristics

Imports

advapi32

user32

kernel32

gdi32

version

oleaut32

Sections

.text Size: 540KB - Virtual size: 539KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 28KB - Virtual size: 29KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 540KB - Virtual size: 539KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 28KB - Virtual size: 29KB

.rsrc
Size: 8KB - Virtual size: 4KB