Static task: static1
Behavioral task: behavioral1
  Sample: 72b2884ac31a1db5b13872cf42a8d705_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 72b2884ac31a1db5b13872cf42a8d705_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 72b2884ac31a1db5b13872cf42a8d705_JaffaCakes118
Size: 1.4MB
MD5: 72b2884ac31a1db5b13872cf42a8d705
SHA1: 15a840b6020bcdf72cf22956536bbaf5dd40b107
SHA256: 6c80fcc8e567259276f9d6f3cbf4b62057cc057684b6d23f599037eb2b977eb8
SHA512: b42a7308931cb24c9d9403e60fbee2748413583b683bfa7f6b4d925df1e92221c43da2acd5cccc5284457b03d7398389cd65cb2d107a9b85f54c72a974c031e4
SSDEEP: 24576:MgkVhSVW47OxEyZP5/3bxpstkWdE88vvJvD7vL:MgShSUoOV1bxpNWCxR77vL
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 72b2884ac31a1db5b13872cf42a8d705_JaffaCakes118
Files
-
72b2884ac31a1db5b13872cf42a8d705_JaffaCakes118.exe windows:4 windows x86 arch:x86
b0c1b22510caf1c7b57067b293314d55
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetUserDefaultUILanguage
GetACP
SetThreadLocale
GetFileAttributesW
GetTempFileNameW
GetTempPathW
CreateDirectoryW
DeleteFileW
ReadFile
SetFilePointer
CreateFileW
WriteFile
MoveFileExW
CreateFileA
GetTempPathA
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
HeapSize
LockResource
SizeofResource
LoadResource
FindResourceExA
WaitForSingleObject
CreateProcessA
FindResourceW
GetExitCodeProcess
LocalFree
FormatMessageW
SetLastError
CreateProcessW
CompareStringW
GetCommandLineW
lstrlenW
GetTimeZoneInformation
InterlockedExchange
SetEnvironmentVariableA
CompareStringA
GetLocaleInfoW
LoadLibraryA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetFileType
GetStdHandle
SetHandleCount
lstrlenA
TerminateProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
GetProcAddress
GetLastError
OpenProcess
CloseHandle
GetVersionExA
GetSystemInfo
CopyFileW
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcess
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlushFileBuffers
GetStringTypeW
GetStringTypeA
GetOEMCP
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetModuleHandleA
LoadLibraryW
GetEnvironmentVariableA
GetModuleFileNameA
LCMapStringW
LCMapStringA
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
RtlUnwind
CreateDirectoryA
RaiseException
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
InitializeCriticalSection
SetEndOfFile
user32
SetWindowTextW
EndDialog
IsDlgButtonChecked
MessageBoxW
GetDlgItem
CheckDlgButton
DialogBoxParamW
EnableWindow
SetDlgItemTextW
SetDlgItemTextA
GetWindowRect
MoveWindow
GetSystemMetrics
MessageBoxExW
LoadStringW
advapi32
RegOpenKeyExA
OpenProcessToken
OpenSCManagerA
OpenServiceA
QueryServiceStatus
StartServiceA
CloseServiceHandle
LookupPrivilegeValueA
AdjustTokenPrivileges
GetTokenInformation
RevertToSelf
RegQueryValueExA
RegCloseKey
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
ImpersonateLoggedOnUser
shell32
CommandLineToArgvW
SHGetFolderPathW
ole32
StringFromGUID2
msi
ord32
ord8
ord92
ord67
ord159
ord175
ord88
ord169
ord141
ord204
ord160
ord118
ord190
ord158
ord70
comctl32
ord17
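A raw import table like the one above is most useful when read as a set of behavioural hypotheses: the resource APIs together with temp-path, file-write and CreateProcess calls, the Toolhelp32 trio, the token-privilege and service-control functions in advapi32, and the ordinal-only imports from msi each suggest a capability that the behavioral tasks should confirm or refute. The following is an added example, my own code rather than anything from the sandbox or the sample, that parses the flat listing format used on this page and matches it against a handful of hand-written capability rules in the spirit of capa. The listing excerpt is copied from the imports above; the rule names, the API combinations they require and the assumption that a lowercase line is a DLL name are mine, and a match is a hypothesis to check against the trace, not proof of what the binary does.

```python
import re
from typing import Dict, List, Set, Tuple

# Excerpt of the import listing from the report above, kept in the same flat layout
# (a DLL name on its own line, followed by the APIs imported from it).
IMPORT_LISTING = """
kernel32
GetTempPathW
CreateFileW
WriteFile
CreateProcessW
LockResource
SizeofResource
LoadResource
FindResourceW
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
TerminateProcess
LoadLibraryA
GetProcAddress
advapi32
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenSCManagerA
OpenServiceA
StartServiceA
ImpersonateLoggedOnUser
RevertToSelf
msi
ord32
ord8
user32
MessageBoxW
"""

DLL_NAME = re.compile(r"^[a-z][a-z0-9]*$")  # kernel32, advapi32, msi ...
ORDINAL = re.compile(r"^ord\d+$")           # ordinal imports such as ord32 are lowercase too


def parse_import_listing(text: str) -> Dict[str, Set[str]]:
    """Turn the flat listing into {dll: {api, ...}}.  In this report format a line is a
    DLL name when it is all lowercase and not an ordinal entry (assumption); every other
    line belongs to the DLL most recently seen."""
    imports: Dict[str, Set[str]] = {}
    current = None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if DLL_NAME.match(line) and not ORDINAL.match(line):
            current = line
            imports.setdefault(current, set())
        elif current is None:
            raise ValueError(f"import {line!r} appears before any DLL name")
        else:
            imports[current].add(line)
    return imports


# Hand-written rules (my assumptions, not the sandbox's signatures): a tag fires only when
# every listed (dll, api) pair is imported; api "*" means "anything from that DLL".
CAPABILITY_RULES: List[Tuple[str, List[Tuple[str, str]]]] = [
    ("writes an embedded resource to a temp file and executes it", [
        ("kernel32", "FindResourceW"), ("kernel32", "LoadResource"), ("kernel32", "LockResource"),
        ("kernel32", "SizeofResource"), ("kernel32", "GetTempPathW"), ("kernel32", "CreateFileW"),
        ("kernel32", "WriteFile"), ("kernel32", "CreateProcessW")]),
    ("enumerates running processes (Toolhelp32)", [
        ("kernel32", "CreateToolhelp32Snapshot"), ("kernel32", "Process32First"), ("kernel32", "Process32Next")]),
    ("opens and terminates other processes", [("kernel32", "OpenProcess"), ("kernel32", "TerminateProcess")]),
    ("enables token privileges", [
        ("advapi32", "OpenProcessToken"), ("advapi32", "LookupPrivilegeValueA"), ("advapi32", "AdjustTokenPrivileges")]),
    ("starts a Windows service", [("advapi32", "OpenSCManagerA"), ("advapi32", "OpenServiceA"), ("advapi32", "StartServiceA")]),
    ("impersonates a logged-on user", [("advapi32", "ImpersonateLoggedOnUser"), ("advapi32", "RevertToSelf")]),
    ("resolves APIs at runtime", [("kernel32", "LoadLibraryA"), ("kernel32", "GetProcAddress")]),
    ("drives the Windows Installer engine", [("msi", "*")]),
    ("uses WinINet networking", [("wininet", "InternetOpenA")]),  # not imported by this sample: rule stays silent
]


def tag_capabilities(imports: Dict[str, Set[str]]) -> Dict[str, List[str]]:
    """Return {tag: [evidence, ...]} for every rule whose requirements are all present."""
    tags: Dict[str, List[str]] = {}
    for tag, needs in CAPABILITY_RULES:
        evidence = []
        for dll, api in needs:
            present = imports.get(dll, set())
            if api == "*" and present:
                evidence.append(f"{dll}!<{len(present)} imports>")
            elif api in present:
                evidence.append(f"{dll}!{api}")
            else:
                break          # one missing requirement: the rule does not fire
        else:
            tags[tag] = evidence
    return tags


if __name__ == "__main__":
    for tag, evidence in tag_capabilities(parse_import_listing(IMPORT_LISTING)).items():
        print(f"{tag}\n    {', '.join(evidence)}")
```

Rules are deliberately conjunctive: a lone GetProcAddress says little, but FindResource/LoadResource/LockResource plus a temp path, a file write and CreateProcess is the classic self-extracting shape, which is the hypothesis to test first given how much of this image is resource data.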
Sections
.text   Size: 160KB    Virtual size: 159KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 28KB     Virtual size: 24KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 24KB     Virtual size: 29KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 13.3MB   Virtual size: 13.3MB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
Note: the section permissions are unremarkable (only .text is executable, only .data is writable), but .rsrc accounts for almost the entire image and declares 13.3MB of raw data while the file size reported under General is 1.4MB. Those two figures cannot both be right, so compare PointerToRawData + SizeOfRawData against the actual file length before carving resources; a section header that runs past end of file means a truncated artifact or a forged header.
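The "Unsigned PE" signature above amounts to checking that the Authenticode data directory (IMAGE_DIRECTORY_ENTRY_SECURITY) is empty, and the section table deserves the same direct check because the declared .rsrc size and the reported file size disagree. The following added example, my own code rather than the sandbox's, parses the COFF header, the security directory and the section table with nothing but struct, prints the same flag names the report uses, and flags an unsigned image, a section whose declared raw data runs past end of file, a writable-and-executable section, and a resource-dominated image. It builds a small constructed PE32 in memory whose layout mirrors the shape of this sample; the layout, the 50% resource threshold and the finding texts are my assumptions, not values taken from the real file.

```python
import struct
from typing import Dict, List, Tuple

# IMAGE_FILE_HEADER.Characteristics bits, named as the report prints them.
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
}
# IMAGE_SECTION_HEADER.Characteristics bits.
SCN_CNT_CODE, SCN_CNT_INIT_DATA = 0x00000020, 0x00000040
SCN_MEM_EXECUTE, SCN_MEM_READ, SCN_MEM_WRITE = 0x20000000, 0x40000000, 0x80000000
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: file offset/size of the Authenticode blob


def describe_characteristics(chars: int) -> List[str]:
    return [name for bit, name in sorted(FILE_CHARACTERISTICS.items()) if chars & bit]


def parse_pe(data: bytes) -> Dict:
    """Minimal PE32/PE32+ header parser: COFF header, security directory, section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    # PE32: NumberOfRvaAndSizes at +92, directories at +96.  PE32+: +108 and +112.
    nrva_off, dir_off = (92, 96) if magic == 0x10B else (108, 112)
    nrva = struct.unpack_from("<I", data, opt + nrva_off)[0]
    sec_off = sec_size = 0
    if nrva > SECURITY_DIR:
        sec_off, sec_size = struct.unpack_from("<II", data, opt + dir_off + 8 * SECURITY_DIR)
    sections = []
    for i in range(nsec):
        name, vsize, va, raw_size, raw_ptr, *_, schars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(errors="replace"), "vsize": vsize,
                         "va": va, "raw_size": raw_size, "raw_ptr": raw_ptr, "chars": schars})
    return {"machine": machine, "characteristics": chars, "security_dir": (sec_off, sec_size),
            "sections": sections, "file_size": len(data)}


def triage(pe: Dict) -> List[str]:
    """Header checks a static pass would raise; thresholds and wording are my assumptions."""
    out = []
    if pe["security_dir"][1] == 0:
        out.append("unsigned: IMAGE_DIRECTORY_ENTRY_SECURITY is empty (no Authenticode signature)")
    if pe["characteristics"] & 0x0001:
        out.append("no base relocations: must load at its preferred base, ASLR cannot rebase it")
    total_raw = sum(s["raw_size"] for s in pe["sections"]) or 1
    for s in pe["sections"]:
        end = s["raw_ptr"] + s["raw_size"]
        if end > pe["file_size"]:
            out.append(f"{s['name']}: declared raw data ends at {end:#x}, past end of file "
                       f"({pe['file_size']:#x}); truncated image or forged header")
        if s["chars"] & SCN_MEM_WRITE and s["chars"] & SCN_MEM_EXECUTE:
            out.append(f"{s['name']}: writable and executable")
        if s["name"] == ".rsrc" and s["raw_size"] * 2 > total_raw:
            out.append(f".rsrc holds {100 * s['raw_size'] // total_raw}% of section data: "
                       "embedded payload likely, carve the resources")
    return out


def build_test_pe(sections: List[Tuple[str, int, int, int]], signed: bool = False,
                  file_chars: int = 0x010F) -> bytes:
    """Constructed PE32 image for the demo (not the analysed sample).
    sections: (name, characteristics, declared SizeOfRawData, bytes actually written)."""
    n, opt_size, e_lfanew = len(sections), 224, 0x40
    first_raw = (e_lfanew + 4 + 20 + opt_size + 40 * n + 0x1FF) & ~0x1FF  # FileAlignment 0x200
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, n, 0, 0, 0, opt_size, file_chars)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)   # PE32 magic
    struct.pack_into("<I", opt, 92, 16)     # NumberOfRvaAndSizes
    table, body, raw_ptr = b"", b"", first_raw
    for name, chars, declared, actual in sections:
        table += struct.pack("<8sIIIIIIHHI", name.encode(), declared, raw_ptr, declared, raw_ptr,
                             0, 0, 0, 0, chars)
        body += bytes(actual)       # write fewer bytes than declared to mimic a truncated section
        raw_ptr += actual
    blob = b"\0" * 64 if signed else b""    # stand-in for a WIN_CERTIFICATE blob
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, first_raw + len(body), len(blob))
    headers = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table
    return headers.ljust(first_raw, b"\0") + body + blob


# Constructed layout mirroring this sample's shape: tiny code/data, a huge .rsrc, more declared than present.
SAMPLE_LAYOUT = [
    (".text",  SCN_CNT_CODE | SCN_MEM_EXECUTE | SCN_MEM_READ,      0x200,  0x200),
    (".rdata", SCN_CNT_INIT_DATA | SCN_MEM_READ,                   0x200,  0x200),
    (".data",  SCN_CNT_INIT_DATA | SCN_MEM_READ | SCN_MEM_WRITE,   0x200,  0x200),
    (".rsrc",  SCN_CNT_INIT_DATA | SCN_MEM_READ,                   0x4000, 0x1000),
]

if __name__ == "__main__":
    pe = parse_pe(build_test_pe(SAMPLE_LAYOUT))
    print("file characteristics:", ", ".join(describe_characteristics(pe["characteristics"])))
    for finding in triage(pe):
        print("-", finding)
```

Run against a real file, replace the constructed image with `open(path, "rb").read()`; the security directory entry is a file offset rather than an RVA, which is why the check reads only its size, and the end-of-file comparison is exactly the one that would settle whether the 13.3MB .rsrc or the 1.4MB file size is the figure to trust.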