69d065510eba5f58bb8c4964e1225beb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69d065510eba5f58bb8c4964e1225beb_JaffaCakes118
Size

320KB
MD5

69d065510eba5f58bb8c4964e1225beb
SHA1

12042432747e5c0ab9e2f692e3bda30ffef757e4
SHA256

a63ce419e99533b36a6492cdd50b47773e985110e5203b26bd570a8d6db72231
SHA512

c046ac402d196caaecdc32f99c5496ff7ffb34d005cc66e70a884cde680bea6e8cc44d9dfecee9b512853a0e5f443156f6fabb260dbde6f81126ef7477a9bc39
SSDEEP

6144:RAPo+ggKcmvbJNGiKLgzec4BgJMM5kZG++PoKtt59Xq8SMdPANdCUy9:RAPoZTbJNGVLeecL+mQqLa8S+kQUC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69d065510eba5f58bb8c4964e1225beb_JaffaCakes118

Files

69d065510eba5f58bb8c4964e1225beb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0da9fc8e8e297cbd32b7bb04e5147100

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGenRandom
CryptContextAddRef
AbortSystemShutdownA
CryptGetUserKey
RegSaveKeyA
RegCreateKeyExW
RegSetValueW
RegLoadKeyA
LookupPrivilegeDisplayNameW
InitiateSystemShutdownW
CryptGetDefaultProviderA
CryptGetProvParam
CryptVerifySignatureW
ReportEventW
RegEnumValueA
InitializeSecurityDescriptor
CryptHashSessionKey
CryptEnumProviderTypesW
CryptExportKey
CryptImportKey
CryptDestroyKey
LogonUserA
CryptGenKey
RegSetValueA
CreateServiceA

comctl32

ImageList_Write
ImageList_GetImageRect
ImageList_LoadImageW
ImageList_GetBkColor
ImageList_Replace
ImageList_DrawEx
ImageList_LoadImage
ImageList_DrawIndirect
ImageList_GetIcon
InitCommonControlsEx
ImageList_DragShowNolock
ImageList_Read
DrawInsert
MakeDragList
ImageList_DragMove
CreateToolbarEx
InitMUILanguage
ImageList_SetBkColor
ImageList_Add
CreateStatusWindowW
ImageList_SetDragCursorImage
ImageList_GetFlags
ImageList_Destroy
DrawStatusTextA
ImageList_LoadImageA
CreateStatusWindow

comdlg32

GetSaveFileNameW
PrintDlgW
GetFileTitleW
FindTextA

user32

wvsprintfW
RegisterClassExW
GetDlgItemTextA
IsMenu
DdeSetQualityOfService
SetScrollInfo
DefWindowProcW
MapVirtualKeyA
UnregisterClassA
DdeConnectList
GetKeyState
DdeFreeStringHandle
CreateWindowExA
RegisterClassA
ShowWindow
MsgWaitForMultipleObjectsEx
SetMenu
FlashWindow
VkKeyScanA
DialogBoxParamA
MessageBoxW
GetKeyboardLayoutNameW
DefDlgProcA
GetDlgItemTextW
PostMessageW
SetUserObjectSecurity
GetMenuItemInfoA
IsWindowEnabled
IsDialogMessageA
OemToCharW
EnumDisplaySettingsW
GetClassInfoExW
CheckMenuItem
SwitchDesktop
DrawFocusRect
SetUserObjectInformationA
RegisterClassExA
GetMessageW
SetWindowTextA
CreateIconFromResource
BringWindowToTop
DestroyWindow
CreateDialogParamW
TranslateAccelerator
GetMenuItemID
GetIconInfo
IsDialogMessage
FrameRect
CallWindowProcA
GetTabbedTextExtentW

gdi32

GetDeviceCaps
GetArcDirection
GetObjectW
CreateDCA
DeleteDC
CombineRgn

kernel32

GetLocaleInfoA
GetTimeFormatA
GetStringTypeA
HeapDestroy
QueryPerformanceCounter
LCMapStringA
TerminateProcess
SetEnvironmentVariableA
InterlockedExchange
GetACP
EnumCalendarInfoExA
GetProcAddress
GetModuleFileNameW
GetEnvironmentVariableW
CompareStringW
GetStringTypeW
FlushFileBuffers
HeapCreate
VirtualProtect
RtlUnwind
WriteFile
CloseHandle
GetStartupInfoA
ReadConsoleOutputA
HeapReAlloc
TlsGetValue
GetModuleFileNameA
CompareStringA
GetUserDefaultLCID
VirtualAlloc
FreeEnvironmentStringsA
EnterCriticalSection
GetModuleHandleA
SetStdHandle
SetHandleCount
GetTickCount
UnhandledExceptionFilter
GetStdHandle
SetLastError
GetEnvironmentStrings
EnumSystemLocalesA
GetFileType
SetFilePointer
GetCurrentThreadId
GetLocaleInfoW
GetOEMCP
GetSystemTimeAsFileTime
TlsSetValue
FreeEnvironmentStringsW
IsBadWritePtr
EnumResourceTypesA
HeapSize
WideCharToMultiByte
TlsFree
GetCurrentProcess
ReadFile
HeapAlloc
GetCommandLineW
GetEnvironmentStringsW
WritePrivateProfileStringW
LeaveCriticalSection
GetSystemInfo
VirtualFree
CreateMutexA
ExitProcess
IsValidLocale
InitializeCriticalSection
GetCurrentThread
GetLastError
GetSystemTimeAdjustment
IsValidCodePage
DeleteCriticalSection
OpenMutexA
LCMapStringW
MultiByteToWideChar
GetVersionExA
HeapFree
lstrcpynW
TlsAlloc
GetDateFormatA
GetCurrentProcessId
FlushInstructionCache
LoadLibraryA
GetCPInfo
GetStartupInfoW
VirtualQuery
GetTimeZoneInformation
GetCommandLineA

Sections

.text
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0da9fc8e8e297cbd32b7bb04e5147100

Headers

File Characteristics

Imports

advapi32

comctl32

comdlg32

user32

gdi32

kernel32

Sections

.text Size: 136KB - Virtual size: 133KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 92KB - Virtual size: 109KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 136KB - Virtual size: 133KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 92KB - Virtual size: 109KB

.rsrc
Size: 12KB - Virtual size: 8KB