6a1d2fac8a8d6bc9dd0e2591ae53d889_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6a1d2fac8a8d6bc9dd0e2591ae53d889_JaffaCakes118
Size

880KB
MD5

6a1d2fac8a8d6bc9dd0e2591ae53d889
SHA1

92b3117e808ebcb78934590645b0623ac6e0d94d
SHA256

072a2a238fc15ae6cf5a4852f5c659dca7db58de3bef009a409b6298bac1f7d8
SHA512

4c38cc94db6770ebe1db927e8617274fcaaa3f0a216e4c37a6d57b3240dffe20bd9d59b3e95ba948784bc86cfec5a35370d5b6f23de2cbe4edf9ba2d6705c0db
SSDEEP

24576:92FwJtS5oASf66Xmqq8L2JtO+BvIREWQ9NL+0:0Fx5oASf6Ix2JtOUgREWQ3N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a1d2fac8a8d6bc9dd0e2591ae53d889_JaffaCakes118

Files

6a1d2fac8a8d6bc9dd0e2591ae53d889_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5735c2053cb8b14a9b676db204edd3a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

userenv

GetProfilesDirectoryA

shlwapi

PathFileExistsA
StrNCatA
wnsprintfA
StrStrA
StrStrIA
StrDupA
StrChrA
AssocQueryStringA

kernel32

LoadLibraryA
LoadLibraryExA
DeleteFileA
CreateThread
GetLocalTime
GetVersionExA
MoveFileExA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetTempPathA
FindResourceA
LoadResource
InterlockedIncrement
InterlockedDecrement
GlobalLock
InitializeCriticalSection
SizeofResource
LeaveCriticalSection
MulDiv
IsDBCSLeadByte
MultiByteToWideChar
GlobalUnlock
FlushInstructionCache
RaiseException
SetLastError
EnterCriticalSection
GetModuleHandleA
DeleteCriticalSection
GetCurrentThreadId
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
OpenMutexA
GetComputerNameA
GetVolumeInformationA
GetTickCount
FreeResource
LockResource
GetFullPathNameA
DosDateTimeToFileTime
SetFileTime
GetFileTime
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
lstrlenA
SetHandleCount
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetStdHandle
VirtualFree
HeapCreate
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineA
GetConsoleMode
GetConsoleCP
GetFileType
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualAlloc
VirtualProtect
CreateFileA
lstrcmpiA
lstrlenW
WideCharToMultiByte
LocalFree
CloseHandle
GlobalFree
GetLastError
GlobalAlloc
OpenProcess
ExpandEnvironmentStringsA
GetProcessHeap
HeapFree
GetCurrentProcess
FlushFileBuffers
RtlUnwind
HeapAlloc
GetLocaleInfoA
InterlockedCompareExchange
IsProcessorFeaturePresent
lstrcmpA
CreateProcessA
lstrcpynA
SetStdHandle
SetEndOfFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
WaitForSingleObject
FreeLibrary
ReadFile
SetFilePointer
GetFileSize
lstrcpyA
CreateToolhelp32Snapshot
CreateMutexA
FindNextFileA
GetModuleFileNameA
Process32Next
FindClose
FindFirstFileA
lstrcatA
TerminateProcess
GetExitCodeProcess
GetFileAttributesA
Sleep
WriteFile
SleepEx
Process32First
ExitProcess
WritePrivateProfileStringA
GetPrivateProfileStringA
IsValidCodePage
CreateDirectoryA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId

user32

GetClassInfoExA
SetCapture
CharNextA
RegisterWindowMessageA
CreateAcceleratorTableA
UnregisterClassA
RedrawWindow
GetDesktopWindow
GetSysColorBrush
IsWindow
ReleaseCapture
CallWindowProcA
GetWindow
MoveWindow
DrawTextA
InvalidateRgn
DrawEdge
GetWindowTextLengthA
IsDlgButtonChecked
CheckRadioButton
EnableWindow
FillRect
GetDlgItem
SetWindowTextA
GetDlgCtrlID
EndPaint
GetKeyState
GetFocus
LoadBitmapA
IsChild
MessageBeep
IsWindowEnabled
BeginPaint
GetDC
GetWindowTextA
SetWindowLongA
InvalidateRect
ReleaseDC
PostMessageA
UpdateWindow
DestroyWindow
GetMessageA
GetWindowRect
RegisterClassExA
PostQuitMessage
LoadIconA
GetClientRect
SetFocus
SendMessageA
IsDialogMessageA
TranslateMessage
GetWindowLongA
CreateWindowExA
PeekMessageA
DefWindowProcA
SetWindowPos
DispatchMessageA
SystemParametersInfoA
LoadCursorA
MessageBoxA
ShowWindow
GetUserObjectSecurity
GetWindowThreadProcessId
GetShellWindow
ScreenToClient
DestroyAcceleratorTable
GetClassNameA
ClientToScreen
DrawFocusRect
GetWindowDC
SetCursor
ExitWindowsEx
GetParent
GetSysColor

gdi32

DPtoLP
SetMapMode
GetMapMode
CreateDIBitmap
GetDeviceCaps
CreateCompatibleBitmap
CreateRectRgn
SetBkColor
CreateSolidBrush
BitBlt
SetTextColor
DeleteDC
CreateFontA
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
GetTextExtentPointA
GetObjectA
GetStockObject
TextOutA
LPtoDP

advapi32

OpenServiceA
RegEnumKeyA
ConvertSidToStringSidA
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
CloseServiceHandle
QueryServiceStatus
OpenSCManagerA
LookupAccountNameA
LookupAccountSidA
LookupPrivilegeValueA
GetSecurityDescriptorOwner
IsValidSid
GetUserNameA
RegOpenKeyA
AdjustTokenPrivileges
RegSetValueExA
RegDeleteKeyA
RegCreateKeyA
RegDeleteValueA
RegEnumKeyExA
RegCreateKeyExA
RegQueryInfoKeyA
GetTokenInformation

shell32

ord680
ShellExecuteA
SHGetFolderPathA
ShellExecuteExA

ole32

CoTaskMemAlloc
CoGetClassObject
CoTaskMemFree
OleUninitialize
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoTaskMemRealloc
OleLockRunning
CoCreateInstance
OleInitialize

oleaut32

SysFreeString
SysAllocString
SysStringLen
VariantClear
LoadTypeLi
VariantInit
SysAllocStringLen
OleCreateFontIndirect
VarUI4FromStr
LoadRegTypeLi
OleLoadPicture

Sections

.text
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 822KB - Virtual size: 822KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5735c2053cb8b14a9b676db204edd3a5

Headers

DLL Characteristics

File Characteristics

Imports

userenv

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 208KB - Virtual size: 208KB

.rdata Size: 50KB - Virtual size: 50KB

.data Size: 17KB - Virtual size: 28KB

.cdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 822KB - Virtual size: 822KB

.reloc Size: 22KB - Virtual size: 22KB

.text
Size: 208KB - Virtual size: 208KB

.rdata
Size: 50KB - Virtual size: 50KB

.data
Size: 17KB - Virtual size: 28KB

.cdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 822KB - Virtual size: 822KB

.reloc
Size: 22KB - Virtual size: 22KB