7769087accd8feb2b18d84696252085f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7769087accd8feb2b18d84696252085f_JaffaCakes118
Size

60KB
MD5

7769087accd8feb2b18d84696252085f
SHA1

59e11b60d950e83f84cf59cefa66f4318f9e483c
SHA256

1972f2360a089c85d8197fcf1d72114238cda7a8e4a915b3adf634dbe3c4e92e
SHA512

e6ade03754de586e1db88597c765bf0f03503b6bae69197b2eec324252e687ddfb7f3de776adfd449741bdc3d3b445f528ec1475f14b6fd76e48945949dec639
SSDEEP

768:8LHZlwhv9Cd8WphCNlNkts1/mm1NmEgVfL0f9zfhcjx6tD/3KFjBFskjLa:8LHIMfMNlSts1dNAcujHsya

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7769087accd8feb2b18d84696252085f_JaffaCakes118

Files

7769087accd8feb2b18d84696252085f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aad790ef4ecf12dcdd9f23dee03bc71f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetCurrentProcess
FlushInstructionCache
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
EnterCriticalSection
GetCurrentThreadId
LeaveCriticalSection
LoadLibraryA
VirtualProtect
SetLastError
GetStartupInfoA
HeapFree
OpenProcess
CloseHandle
InterlockedDecrement
RemoveDirectoryA
LocalFree
DeviceIoControl
LoadLibraryExW
GetLastError
GetProcAddress
FreeLibrary
FindNextFileA
GetTempPathA
GetTickCount
GetTempFileNameA
MoveFileA
GetProcessHeap
GetWindowsDirectoryA
GetShortPathNameA
SetFileAttributesA
DeleteFileA
MoveFileExA
FindFirstFileA
FindClose
GetEnvironmentVariableA
TerminateProcess
WideCharToMultiByte
ReadProcessMemory
lstrcmpA
GetSystemDirectoryA
ReadFile
SetFilePointer
GetFileSize
CreateFileA
SearchPathA
GetCurrentProcessId
GetModuleHandleA
GetVersionExA

user32

GetMessageA
TranslateMessage
LoadStringA
MessageBoxA
BeginPaint
PostMessageA
FindWindowExA
GetDlgItem
DispatchMessageA
DrawTextA
EndPaint
PostQuitMessage
GetWindowLongA
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
GetSystemMetrics
LoadImageA
SendMessageA
SetDlgItemTextA
IsDialogMessageA
SetWindowLongA
DefWindowProcA
DestroyWindow
CreateDialogParamA
ShowWindow
PeekMessageA
ScreenToClient

gdi32

SelectObject
SetBkMode
SetTextColor
GetStockObject

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize

comctl32

InitCommonControlsEx

msvcrt

__set_app_type
_controlfp
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strchr
_mbstok
_vsnprintf
strrchr
_except_handler3
fopen
rewind
fgets
_strnicmp
fseek
fprintf
fclose
??2@YAPAXI@Z
memmove
realloc
free
__CxxFrameHandler
_osver
memcpy

shlwapi

SHSetValueA
StrCmpNIA
PathAppendA
PathIsDirectoryA
SHDeleteValueA
StrStrIW
StrStrIA
PathCombineA
PathFileExistsA
SHGetValueA
SHDeleteKeyA
PathFindFileNameA

psapi

GetModuleInformation

advapi32

BuildExplicitAccessWithNameA
RegCloseKey
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
ControlService
ChangeServiceConfigA
OpenServiceA
OpenSCManagerA
GetNamedSecurityInfoA
DeleteAce
GetExplicitEntriesFromAclA
SetNamedSecurityInfoA
GetUserNameA
SetEntriesInAclA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aad790ef4ecf12dcdd9f23dee03bc71f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

comctl32

msvcrt

shlwapi

psapi

advapi32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 12KB - Virtual size: 10KB