8675aa88813c65c4395d1e4368e082a6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8675aa88813c65c4395d1e4368e082a6_JaffaCakes118
Size

218KB
MD5

8675aa88813c65c4395d1e4368e082a6
SHA1

276056574ce0ed9e0e859d1afa93d3509d11e10d
SHA256

445b2cf4364ad07be143485d80093206334a13eea0e4097f5cbec5bba1da322b
SHA512

8690076d372a5c4e947e9f7724181ce25ddb71f7783e25ea1af6152ed29c0923a5bf319ef6d59d909f9d0612e9f7773bf52aae71e3bc1a26a0d0e8856e72039e
SSDEEP

3072:4nz2z/jMwe8uco9+qol6WpJ/HAUHRxecdaMBUlw6P/xq2jr:Xz/G+SWPII46p6P/v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8675aa88813c65c4395d1e4368e082a6_JaffaCakes118

Files

8675aa88813c65c4395d1e4368e082a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d63d7d1531d0edfa02fa4fcef7eaac1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
FindFirstFileA
FindNextFileA
MoveFileExA
GetVersionExA
RemoveDirectoryA
GetPrivateProfileStringA
GetLocalTime
CreateDirectoryA
LoadResource
LockResource
GetFileAttributesA
LoadLibraryA
GlobalLock
DeleteFileA
FreeResource
SetErrorMode
lstrcatA
GetWindowsDirectoryA
FreeLibrary
GlobalUnlock
GlobalFree
SizeofResource
_lcreat
_lwrite
_lclose
WinExec
CreateProcessA
WaitForSingleObject
WritePrivateProfileStringA
GetProcAddress
lstrcpynA
FileTimeToLocalFileTime
MultiByteToWideChar
GetFileTime
_lread
FileTimeToDosDateTime
_llseek
_lopen
GetDriveTypeA
GetSystemDirectoryA
MulDiv
lstrcmpA
lstrcmpiA
lstrcpyA
GetModuleFileNameA
lstrlenA
CopyFileA
GetTempPathA
GetTempFileNameA
GetPrivateProfileIntA
FindResourceA
GlobalAlloc
FindClose
FreeEnvironmentStringsA
HeapReAlloc
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsW
VirtualFree
HeapCreate
OpenFile
ReadFile
SetFilePointer
WriteFile
GetStdHandle
SetHandleCount
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WideCharToMultiByte
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapFree
HeapAlloc
MoveFileA
CreateFileA
GetFileType
SetEndOfFile
CloseHandle
GetFullPathNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
GetLastError
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
GetCPInfo
GetOEMCP
HeapDestroy
GetACP

user32

RegisterClassA
LoadIconA
UpdateWindow
ShowWindow
LoadBitmapA
PeekMessageA
SetTimer
TranslateMessage
CreateWindowExA
GetSystemMetrics
SetWindowTextA
GetMessageA
GetSysColor
LoadCursorA
SetCursor
EnableWindow
IsWindowVisible
CreateDialogParamA
IsDialogMessageA
PostMessageA
MessageBoxA
wsprintfA
ExitWindowsEx
EndPaint
PostQuitMessage
GetClientRect
BeginPaint
ReleaseDC
InvalidateRect
GetDC
DefWindowProcA
MoveWindow
GetWindowRect
SetDlgItemTextA
EndDialog
GetDlgItemTextA
SetRect
ScreenToClient
GetDlgItem
GetWindowTextA
SendDlgItemMessageA
SetFocus
OemToCharA
CharNextA
GetDialogBaseUnits
FillRect
DrawIcon
LoadStringA
GetParent
EnumChildWindows
FindWindowA
SendMessageA
DdeCreateDataHandle
DdeInitializeA
DdeConnect
DestroyWindow
DdeClientTransaction
DdeDisconnect
DdeUninitialize
DialogBoxParamA
DispatchMessageA
KillTimer
DdeFreeDataHandle
DdeGetData
DdeCreateStringHandleA

gdi32

DeleteObject
GetTextExtentPointA
TextOutA
GetObjectA
SetBkMode
CreateFontA
SetTextColor
DeleteDC
BitBlt
GetDeviceCaps
PatBlt
CreateSolidBrush
CreateCompatibleDC
RealizePalette
SelectPalette
SelectObject
SetBkColor
MoveToEx
ExtTextOutA
LineTo
CreateFontIndirectA
CreatePen
CreateCompatibleBitmap
CreateDIBitmap
StretchBlt
GetStockObject
CreatePalette

comdlg32

GetOpenFileNameA

advapi32

RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
OpenSCManagerA
RegSetValueA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
RegDeleteValueA
RegEnumKeyA
RegOpenKeyA
DeleteService
ControlService
OpenServiceA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Exports

Exports

_ItemDlg@16
_MainWndProc@16
_PromptDlg@16
_SharedDlg@16

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3d63d7d1531d0edfa02fa4fcef7eaac1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

Exports

Exports

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 5KB - Virtual size: 7KB

.rsrc Size: 145KB - Virtual size: 148KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 5KB - Virtual size: 7KB

.rsrc
Size: 145KB - Virtual size: 148KB