72d80791d84ef7e6b6321a86ce7dd376_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

72d80791d84ef7e6b6321a86ce7dd376_JaffaCakes118
Size

110KB
MD5

72d80791d84ef7e6b6321a86ce7dd376
SHA1

54f8def8c713ae20cd5374a7202c5e98a94e90f9
SHA256

184a00c946b2d12121fd571d1353c1e42c26ee639487daaa65c1d574d6a45129
SHA512

c08746af6ec54314231388a9eacc16fd24006c4f30c3808d27108fb1232480ddbc00c918ea49682eb073373cc6250111c91ccb20c8c2a8612df8d4d720476471
SSDEEP

3072:Mu9EPmU6N6KVSsZ0ZJCETMmjOjgA1D8lN7jvl:VGPC0ZJCwMQOvpm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72d80791d84ef7e6b6321a86ce7dd376_JaffaCakes118

Files

72d80791d84ef7e6b6321a86ce7dd376_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6fb84beb15145be4a2ae4a10b041b89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptEncodeObjectEx
CertEnumSystemStoreLocation
CryptEncodeObject

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

gdi32

SetBkColor
CreateSolidBrush
SetTextColor
CreateFontIndirectW
DeleteObject

kernel32

InterlockedDecrement
FindResourceW
LoadResource
LockResource
GlobalAlloc
GetSystemTimeAsFileTime
InterlockedIncrement
GetProcessVersion
GetLastError
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedExchange
LocalFree
CloseHandle
LocalAlloc
ExitProcess
InitializeCriticalSection
GetCurrentProcessId
WaitForSingleObject
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
WideCharToMultiByte
UnhandledExceptionFilter
FreeResource
CreateThread
GetTickCount
GetCurrentProcess
InterlockedCompareExchange
GetModuleHandleA
GetStartupInfoW
Sleep

shell32

CommandLineToArgvW
ShellExecuteExW

user32

SetTimer
PostMessageW
SetWindowLongW
SendDlgItemMessageW
GetSysColor
CreateWindowExW
DefWindowProcW
SetForegroundWindow
RegisterDeviceNotificationW
UnregisterDeviceNotification
GetWindowTextLengthW
GetDlgItem
DestroyWindow
GetSysColorBrush
GetWindowTextW
DialogBoxParamW
SetFocus
TranslateMessage
CheckDlgButton
GetDlgCtrlID
IsDlgButtonChecked
LoadIconW
EnableWindow
SendMessageW
DispatchMessageW
FindWindowW
FindWindowExW
SetActiveWindow
UnregisterClassW
SetDlgItemTextW
PostQuitMessage
SetWindowTextW
GetParent
LoadStringW
RegisterClassExW
GetWindowLongW
EndDialog
ShowWindow
GetMessageW
KillTimer

advapi32

GetTraceEnableFlags
UnregisterTraceGuids
GetTraceLoggerHandle
RegisterTraceGuidsW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyW
RegSetValueExW
RegCloseKey
GetTraceEnableLevel
RegCreateKeyExW
TraceMessage

msvcrt

_cexit
exit
??2@YAPAXI@Z
??3@YAXPAX@Z
_amsg_exit
__setusermatherr
_exit
__set_app_type
_initterm
?terminate@@YAXXZ
__p__commode
_XcptFilter
_vsnwprintf
wcstoul
_wcsicmp
__p__fmode
_wcmdln
memset
__wgetmainargs
_controlfp

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsExW

powrprof

CallNtPowerInformation

ole32

CoTaskMemFree
CoCreateInstance
CoInitializeEx

uxtheme

OpenThemeData
GetThemeColor
CloseThemeData
GetThemeFont

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6fb84beb15145be4a2ae4a10b041b89

Headers

File Characteristics

Imports

crypt32

wtsapi32

gdi32

kernel32

shell32

user32

advapi32

msvcrt

setupapi

powrprof

ole32

uxtheme

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 43KB - Virtual size: 43KB

.rsrc Size: 1024B - Virtual size: 360KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 43KB - Virtual size: 43KB

.rsrc
Size: 1024B - Virtual size: 360KB