70ff7318378c1c311c2d811ae3001bbc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

70ff7318378c1c311c2d811ae3001bbc_JaffaCakes118
Size

192KB
MD5

70ff7318378c1c311c2d811ae3001bbc
SHA1

8708772e02de08d6c579c8d9f510b4492ef67698
SHA256

d8764bc7073af4787d73a8a17752bb2accc5c59e4230ae12d78b103578ffc13b
SHA512

b4c087a407495e67dfe1539224bf8a34566f8bb061eca92c7f62e19fc9e4d9f80d9e2a951941db179822e06f851c469191283855c2070366278de0f440c7ff97
SSDEEP

3072:W5KGvdLGkYTx/yFWVeIM8Cwtf+LxYErtJMxWoZVd:UGkYTx/nPM7wwxir

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70ff7318378c1c311c2d811ae3001bbc_JaffaCakes118

Files

70ff7318378c1c311c2d811ae3001bbc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

89a8ee35d4dd559332d9a88f865fca8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetSystemDefaultLCID
CreateFileA
CopyFileA
GetSystemDirectoryA
CreateProcessA
OpenFile
GetVersionExA
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
Sleep
GetStringTypeA
FreeLibrary
GetACP
GetCPInfo
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
HeapSize
GetCurrentProcess
TerminateProcess
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
ReadFile
WriteFile
ExitProcess
GetVersion
GetStartupInfoA
RaiseException
HeapReAlloc
HeapFree
HeapAlloc
RtlUnwind
InterlockedExchange
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
InitializeCriticalSection
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
FindResourceA
LoadResource
GetStringTypeW
SizeofResource
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
GetCommandLineA
GetCurrentThreadId
CreateEventA
GetLastError
CreateMutexA
InterlockedDecrement
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
LocalFree
InterlockedIncrement
GetOEMCP

user32

DestroyMenu
SetWindowLongA
GetWindowLongA
FindWindowA
DispatchMessageA
GetMessageA
PostMessageA
CreateWindowExA
RegisterClassA
CharNextA
PostQuitMessage
ReleaseDC
GetSystemMetrics
GetDC
SetTimer
DestroyIcon
KillTimer
TrackPopupMenu
GetCursorPos
SetForegroundWindow
DestroyWindow
AppendMenuA
PostThreadMessageA
RegisterWindowMessageA
DefWindowProcA
EnumDisplaySettingsA
wsprintfA
CallWindowProcA
GetParent
DialogBoxParamA
EnumChildWindows
GetSystemMenu
GetWindowRect
LoadStringA
WinHelpA
SetWindowTextA
GetDlgItem
EndDialog
GetDlgCtrlID
EnableWindow
PeekMessageA
EnableMenuItem
GetSubMenu
GetMenuStringA
SendMessageA
InsertMenuA
CreatePopupMenu

gdi32

GetDIBits
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteObject
DeleteDC

advapi32

AllocateAndInitializeSid
RegSetValueExA
RegCloseKey
FreeSid
RegEnumValueA
RegQueryInfoKeyA
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegOpenKeyA
RegQueryValueExA

shell32

Shell_NotifyIconA
ShellExecuteExA

ole32

CoSuspendClassObjects
CoUninitialize
CoInitialize
CoTaskMemFree
CLSIDFromProgID
CoCreateInstance
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysFreeString
SysAllocStringByteLen
SysStringLen
SysAllocString
SysStringByteLen
VariantClear

comctl32

CreatePropertySheetPageA
DestroyPropertySheetPage

hccutils

GetHardwareKey
FindResources
IsDisplayValid
EnumDeviceByClass
EnumDspDev
LoadDialogString
GetMyRegKey
LoadIMAGE
LoadBITMAP
GetCommonRegKey
ReleaseClassDevice
LoadSTRING

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

89a8ee35d4dd559332d9a88f865fca8d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

hccutils

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 16KB - Virtual size: 34KB

.rsrc Size: 41KB - Virtual size: 61KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 16KB - Virtual size: 34KB

.rsrc
Size: 41KB - Virtual size: 61KB