822a7359aada30db7c00c0cd1e4e2518_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

822a7359aada30db7c00c0cd1e4e2518_JaffaCakes118
Size

320KB
MD5

822a7359aada30db7c00c0cd1e4e2518
SHA1

5b5188504a10023b163862b10f307ae22201f115
SHA256

d88b7e4f98dcde97d4aca7f3db5475270319e522c7d6f46e7df11cdd84b8fd10
SHA512

9ff0a66ba46174bccdf2c8b3d324288bc8a682ed09b667d27a3f3f18799041f03c744fd446cc51134e5672ce893da2b55fece607d47900481fddd1efc8b4ac67
SSDEEP

6144:wf9spTEkIl6pzL/erEDj23rd1lds6jybRS4y/EVLn88BJ0Wi0OBU:CSpO6N/erk23rvjybRfXVLn1n0Wi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
822a7359aada30db7c00c0cd1e4e2518_JaffaCakes118

Files

822a7359aada30db7c00c0cd1e4e2518_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2641baaa4071df38bf3516114843186b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

iswctype
fopen
fprintf
fclose
wcstol
_ltow
memmove
wcschr
_splitpath
_snprintf
sprintf
_except_handler3
_wmakepath
_close
_snwprintf
wcsncat
_open
_wstat
_stat
_winmajor
memset
_access
_wfullpath
_fullpath
strcmp
_errno
swprintf
calloc
wcsncmp
_wcsnicmp
wcscpy
wcsrchr
wcscat
_wsplitpath
wcslen
free
malloc
_wopen
_waccess
wcscmp
_wcsicmp
wcsncpy

comctl32

PropertySheetW
ImageList_ReplaceIcon
ImageList_Create
PropertySheetA

shell32

SHGetSpecialFolderLocation
SHGetFileInfoA
SHGetMalloc
SHChangeNotify
SHGetDesktopFolder

user32

IsDlgButtonChecked
CheckDlgButton
LoadBitmapA
DispatchMessageA
GetMessageA
GetWindow
FindWindowExA
ReleaseDC
CharUpperBuffW
FindWindowA
GetActiveWindow
wsprintfA
DialogBoxParamA
PostQuitMessage
CountClipboardFormats
DialogBoxParamW
EndDialog
SetFocus
OffsetRect
ShowWindow
PostMessageA
GetInputState
LoadMenuA
IsWindow
LoadStringW
LoadStringA
SetWindowTextW
SetWindowTextA
GetWindowTextW
GetWindowTextA
MessageBoxW
LoadIconA
EnableWindow
CreateWindowExA
SendMessageA
RegisterClassExA
DefWindowProcA
LoadCursorA
GetClipboardOwner
GetForegroundWindow
GetDoubleClickTime
GetFocus
SetCursor
GetClipboardSequenceNumber
GetDlgItem
EnumWindows
TranslateMessage
SetWindowLongA
SendMessageW
GetWindowLongA
MessageBoxA
GetDesktopWindow
GetClipboardViewer
GetDlgCtrlID
GetCapture
GetParent
GetWindowRect
GetCaretBlinkTime
GetSystemMetrics
MoveWindow

ole32

CoCreateInstance
CoInitialize
CoUninitialize

kernel32

GetCurrentProcessId
TlsSetValue
GetLogicalDrives
GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoA
GetTickCount
TerminateProcess
OpenMutexA
InterlockedExchange
GetSystemTimeAsFileTime
OpenEventW
CloseHandle
FindFirstFileA
InterlockedCompareExchange
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentDirectoryA
GetThreadLocale
FindNextFileA
GetProcessHeap
GetDateFormatA
GetTempFileNameA
LocalFree
CreateEventA
DisableThreadLibraryCalls
GetModuleFileNameA
FindResourceA
DeleteCriticalSection
GetVersionExA
InterlockedDecrement
HeapCreate
TlsFree
GetOEMCP
InitializeCriticalSection
HeapFree
SetFileAttributesA
GetStdHandle
lstrcpynW
VerLanguageNameW
VerLanguageNameA
WaitForSingleObjectEx
CreateSemaphoreW
SetErrorMode
EnterCriticalSection
FindResourceW
GlobalFree
GetVersion
SetLastError
SetFilePointer
LeaveCriticalSection
GetPrivateProfileStringW
GetPrivateProfileStringA
GetCommandLineA
DeleteFileW
DeleteFileA
CreateDirectoryW
CreateDirectoryA
GetUserDefaultUILanguage
IsDebuggerPresent
WritePrivateProfileStringW
FormatMessageW
WritePrivateProfileStringA
ReadFile
GetTempPathW
TlsAlloc
ResetEvent
GetTempPathA
GetSystemDirectoryW
PulseEvent
GetSystemDirectoryA
GetCurrentProcess
GetProfileStringW
GlobalMemoryStatusEx
GetProfileStringA
AreFileApisANSI
LoadLibraryExW
LoadLibraryExA
GetLastError
WriteFile
HeapAlloc
OutputDebugStringW
CreateThread
GetLogicalDriveStringsW
FindFirstFileW
FindNextFileW
GetAtomNameA
GetUserDefaultLangID
FindClose
LoadLibraryA
GetACP
GetProcAddress
FreeLibrary
AddAtomA
lstrlenW
GetModuleHandleA
WideCharToMultiByte
CreateFileW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
MultiByteToWideChar
CreateFileA

advapi32

RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyExA
RegCreateKeyExW
RegDeleteValueA
RegDeleteValueW
RegSetValueExA
RegSetValueExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegDeleteKeyA
RegDeleteKeyW
RegQueryValueExA
RegQueryValueExW
RegEnumValueA
RegEnumValueW
RegEnumKeyExA
RegEnumKeyExW
RegCloseKey

comdlg32

GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetSaveFileNameW

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

Sections

.text
Size: 93KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 193KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2641baaa4071df38bf3516114843186b

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

comctl32

shell32

user32

ole32

kernel32

advapi32

comdlg32

version

Sections

.text Size: 93KB - Virtual size: 95KB

.data Size: 193KB - Virtual size: 251KB

.bss Size: - Virtual size: 18KB

.rsrc Size: 29KB - Virtual size: 28KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 93KB - Virtual size: 95KB

.data
Size: 193KB - Virtual size: 251KB

.bss
Size: - Virtual size: 18KB

.rsrc
Size: 29KB - Virtual size: 28KB

.reloc
Size: 4KB - Virtual size: 4KB