85d3ac2219dad73d9e9ac459162962bd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

85d3ac2219dad73d9e9ac459162962bd_JaffaCakes118
Size

227KB
MD5

85d3ac2219dad73d9e9ac459162962bd
SHA1

a5b87493fb48065c0bf47edf9603891f8958e2dc
SHA256

4ccafd2b22e34ce8143633c44f41e04013e0bfa156a477bfd7c16b0aa85232b3
SHA512

c86c6887751c2b2fd91c54da9a1a8c39750e46672cf825f4f969de82862b344551f104deb84af0ad3711648dcd1e0c4b754b7e7b11c65a914c7ab1f0afe144bf
SSDEEP

3072:4HvctFmHPsvynOeaBr7zecClUuxfFKwWAQpmNJWS0vW6sA+An5Kb:q0mHPrOeir7znYFKwWTmqxsBAC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85d3ac2219dad73d9e9ac459162962bd_JaffaCakes118

Files

85d3ac2219dad73d9e9ac459162962bd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

348d9421f940b295e1a83f5853a191d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA

comdlg32

GetOpenFileNameA
PrintDlgA

advapi32

CryptSetKeyParam
StartServiceA
RegNotifyChangeKeyValue
RegOpenKeyExW
RegEnumKeyA
CryptExportKey
RegDeleteValueA
OpenThreadToken
GetSecurityDescriptorOwner
FreeSid
AdjustTokenPrivileges
RegCloseKey
EqualSid
RegEnumValueW
GetTokenInformation
OpenServiceW
RegEnumKeyExA

ws2_32

WSAGetLastError

kernel32

GetFileAttributesA
SetEvent
GetProcessHeap
GetAtomNameW
SetFileAttributesW
SystemTimeToFileTime
SetErrorMode
FindFirstFileW
HeapReAlloc
LoadResource
GetVolumeInformationW
TlsAlloc
GlobalHandle
GlobalReAlloc
GetFullPathNameW
CreateFileW
GlobalAddAtomW
EnterCriticalSection
lstrcmpiW
VirtualAlloc
InterlockedIncrement
CloseHandle
FileTimeToLocalFileTime
GetPrivateProfileIntW
GetCurrentProcessId
DeleteFileW
SetThreadPriority
SizeofResource
MoveFileW
GetFileAttributesW
GetCurrentThread
HeapAlloc
LocalReAlloc
TlsGetValue
FreeResource
ResetEvent
GetVersionExA
SetEndOfFile
GlobalUnlock
CompareStringW
GetModuleHandleA
LockFile
InitializeCriticalSection
SetFilePointer
HeapFree
GetShortPathNameW
CreateEventW
LoadLibraryA
GetStringTypeExW
FindResourceW
InterlockedExchange
GetUserDefaultLCID
SetFileTime
GetVersion
FlushFileBuffers
GlobalFree
WideCharToMultiByte
FindClose
GlobalFindAtomW
GetLastError
GlobalFlags
LocalAlloc
lstrcmpW
GlobalAlloc
CopyFileW
UnlockFile
lstrcmpA
GlobalSize
GlobalLock
lstrlenW
GetThreadLocale
LockResource
DuplicateHandle
ConvertDefaultLocale
CompareStringA
DeleteCriticalSection
GlobalGetAtomNameW
SetLastError
LocalFileTimeToFileTime
GlobalDeleteAtom
GetCurrentThreadId
GetSystemInfo
InterlockedDecrement
FindNextFileW
GetVersionExW
WriteFile
Sleep
SuspendThread
MulDiv
GetFileTime
FileTimeToSystemTime
lstrlenA
GetModuleFileNameW
ReadFile
WaitForSingleObject
GetLocaleInfoW
FormatMessageW
CreateProcessW
lstrcpyA
ResumeThread

gdi32

GetObjectW
SelectClipPath
CreateSolidBrush
BitBlt
PlayMetaFileRecord
SetViewportOrgEx
CreateCompatibleDC
CopyMetaFileW
StartDocW
RestoreDC
SetMapperFlags
PatBlt
ExtCreatePen
SetRectRgn
EnumMetaFile
CreateDCW
PlayMetaFile
GetViewportExtEx
GetStockObject
PolyBezierTo
GetPixel
SetROP2
ExtTextOutW

user32

AdjustWindowRectEx
GetSubMenu
GetScrollInfo
BeginPaint
SetPropW
SetScrollInfo
SetDlgItemTextW
UnregisterClassW
GetDC
ValidateRect
MapWindowPoints
EndDialog
GetMenuItemCount
GetLastActivePopup
LoadImageW

rpcrt4

RpcStringBindingComposeW
UuidToStringA
RpcBindingFromStringBindingA
NdrClientCall2

shell32

ShellExecuteW
Shell_NotifyIconW

wininet

FtpCreateDirectoryA

Sections

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

348d9421f940b295e1a83f5853a191d1

Headers

DLL Characteristics

File Characteristics

Imports

version

comdlg32

advapi32

ws2_32

kernel32

gdi32

user32

rpcrt4

shell32

wininet

Sections

.rsrc Size: 124KB - Virtual size: 124KB

.data Size: 50KB - Virtual size: 224KB

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 44KB - Virtual size: 43KB

.rsrc
Size: 124KB - Virtual size: 124KB

.data
Size: 50KB - Virtual size: 224KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 44KB - Virtual size: 43KB