711bfc5dd5a8934ebd23b06f0c638b37_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

711bfc5dd5a8934ebd23b06f0c638b37_JaffaCakes118
Size

1.2MB
MD5

711bfc5dd5a8934ebd23b06f0c638b37
SHA1

f0f2b39e5e2d800377e2616d3ad0cf5fdfc68063
SHA256

66c600ea5a29d801f91cfeb370f0560e3be57fce8b0020c4d92549bf23475cdb
SHA512

3df5b1bddfab98d6f1059a8fddc8798cc5392928bc26ca89139e830c7864cb3572715bd183e47252ab3085f4307abce1585bb7e36b676d0eddd7a61b7748e9d8
SSDEEP

24576:HC2npXC5nBHaPMTDXxrTg/hNAiJsN3LExEnsQLjKyWXK4:i2VkxRcM73McyK4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
711bfc5dd5a8934ebd23b06f0c638b37_JaffaCakes118

Files

711bfc5dd5a8934ebd23b06f0c638b37_JaffaCakes118
.exe windows:5 windows x86 arch:x86

219ee3e52de8cbc0d43b167565c687ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

DestroyPropertySheetPage
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_GetIcon
ImageList_GetImageCount

ntdll

wcstoul
iswctype

advapi32

CheckTokenMembership
InitializeSecurityDescriptor
AllocateAndInitializeSid
RegQueryValueExA
ControlService
CloseServiceHandle
CloseEncryptedFileRaw

gdi32

CreateBitmap
CreateCompatibleBitmap
DeleteObject
Rectangle

netapi32

NetApiBufferSize
NetWkstaGetInfo
NetApiBufferFree

kernel32

GetSystemTimeAsFileTime
BackupSeek
CreateMutexA
GlobalFree
LoadResource
GetVersion
MultiByteToWideChar
LeaveCriticalSection
SetEvent
GetTimeZoneInformation
ReleaseMutex
BackupRead
HeapQueryInformation
GetLastError
GetCurrentProcessId
GetCurrentDirectoryA
FreeLibrary
GetExitCodeThread
CloseHandle
BackupWrite
VirtualAlloc
InitializeCriticalSection
GetProcessHeap
EraseTape
OpenMutexA
CreateThread
LocalFree

ole32

CoInitializeEx
CoCreateInstance
CoInitializeSecurity

user32

GetAsyncKeyState
RegisterClassExA
SendMessageA
InflateRect
CreateIconFromResource
SetTimer
SetActiveWindow
GetDesktopWindow
CreateWindowExA
ClientToScreen
ShowWindow
UpdateWindow
DefWindowProcA
GetMessageA
ChildWindowFromPoint
CopyRect
SetCursor
ExitWindowsEx
TranslateMessage
GetDlgItem
GetSystemMetrics
GetFocus
GetMenu
DispatchMessageA
DestroyWindow
InvalidateRect
GetNextDlgGroupItem
MapDialogRect
SetParent
LockSetForegroundWindow
GetClientRect

shell32

SHGetDesktopFolder

setupapi

SetupFindNextLine

msvcrt

_wcslwr
_putenv
ftell
__setusermatherr
_cexit
_exit
_errno
_except_handler3
_wfopen
_wcmdln
__CxxFrameHandler
_mbslen
wcspbrk
isalpha
fflush
isspace
_CxxThrowException
_filelength
fclose
_tzset
fread
fwrite
wprintf
_wcsdup
free
__p__fmode
_mbscpy
wcsncat
clearerr

Sections

.text
Size: 838KB - Virtual size: 838KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 335KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

219ee3e52de8cbc0d43b167565c687ce

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

ntdll

advapi32

gdi32

netapi32

kernel32

ole32

user32

shell32

setupapi

msvcrt

Sections

.text Size: 838KB - Virtual size: 838KB

.data Size: 335KB - Virtual size: 335KB

.rsrc Size: 22KB - Virtual size: 3.0MB

.text
Size: 838KB - Virtual size: 838KB

.data
Size: 335KB - Virtual size: 335KB

.rsrc
Size: 22KB - Virtual size: 3.0MB