85d1f6bac0c3b4d70aa913304b89713f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

85d1f6bac0c3b4d70aa913304b89713f_JaffaCakes118
Size

396KB
MD5

85d1f6bac0c3b4d70aa913304b89713f
SHA1

028a519761f05b6a86a9ea2c24ae78932e09d7a2
SHA256

9ddb1024a05d7f495758601458fd0786544c491a4dfd8c745f9d0bae62fd9b5d
SHA512

c34feca9c9798723849a4c5c4d599afa0a73034e42a62f0f31658ba1067505bd68290da0edd56bd3c430220eda22fb513cc7554653ee5a93b4e478d938324096
SSDEEP

6144:hn3xVHV83jsT8Nvjybxb0x4mnpinUZOYlZbKOeZIwjMs0C6yhARmvkylIhY4:hL1lT6vKJ0xrpB5KOeZTr+0wyo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85d1f6bac0c3b4d70aa913304b89713f_JaffaCakes118

Files

85d1f6bac0c3b4d70aa913304b89713f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2728041f361e26061076cb19abc3d9b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegQueryInfoKeyW
RegEnumValueW
RegQueryValueExW
RegEnumKeyExW

user32

GetWindowLongW
SendDlgItemMessageW
EndPaint
ShowWindow
GetSysColorBrush
GetParent
IsWindow
GetIconInfo
IsWindowVisible
GetWindowTextLengthW
PtInRect
IsRectEmpty
SetWindowLongW
WinHelpW
GetCapture
PostThreadMessageW
RegisterWindowMessageW
BeginDeferWindowPos
IsDlgButtonChecked
MessageBeep
SetCursor
GetWindowRect
DestroyIcon
GetSystemMetrics

shell32

SHOpenFolderAndSelectItems
ShellExecuteExW
ShellExecuteW
ord18
ord155
ord748
SHGetSpecialFolderLocation
SHGetFileInfoW

kernel32

CreateProcessW
CreateFileMappingW
LoadLibraryW
SetCurrentDirectoryW
GetSystemTimeAsFileTime
CreateDirectoryW
InterlockedIncrement
CreateEventA
GetTickCount
LoadLibraryExW
CreateThread
VirtualAllocEx
MoveFileW
CompareStringW
TerminateProcess
WaitForSingleObject
GetSystemDirectoryW
ExitThread
UnhandledExceptionFilter
GetShortPathNameW
WriteFile
lstrcatW
FindResourceW
GetTickCount
GetModuleHandleW
WaitForSingleObject
GetProcAddress
CreateMutexW
GetCurrentProcess
SetFileTime
SetEvent
GetModuleHandleA
GetFullPathNameW

gdi32

CreateSolidBrush
GetDeviceCaps
SelectPalette
CreateCompatibleBitmap
SetBrushOrgEx
Rectangle
CreatePenIndirect
CreatePen
GetTextMetricsW
GetObjectW
DeleteObject
GetStockObject
GetTextExtentPoint32W
CreateDIBSection
SetBkMode

gdiplus

GdipGetImageEncodersSize
GdiplusShutdown
GdipDeleteGraphics
GdipGetImageEncoders
GdipImageRotateFlip
GdipDrawImageI
GdipGetImageGraphicsContext
GdipGetImageDecodersSize
GdipCreateHBITMAPFromBitmap

msvcrt

exit
__set_app_type
wcsncpy
_vsnwprintf
wcscpy
_exit

shlwapi

PathRemoveExtensionW
wnsprintfW

ole32

PropVariantClear
CreateStreamOnHGlobal
StringFromCLSID

Sections

.text
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2728041f361e26061076cb19abc3d9b1

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

shell32

kernel32

gdi32

gdiplus

msvcrt

shlwapi

ole32

Sections

.text Size: 246KB - Virtual size: 246KB

.data Size: 140KB - Virtual size: 139KB

.rsrc Size: 9KB - Virtual size: 392KB

.text
Size: 246KB - Virtual size: 246KB

.data
Size: 140KB - Virtual size: 139KB

.rsrc
Size: 9KB - Virtual size: 392KB