888a46949d9ef024d87d5a92ea9ad028_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

888a46949d9ef024d87d5a92ea9ad028_JaffaCakes118
Size

184KB
MD5

888a46949d9ef024d87d5a92ea9ad028
SHA1

64ed4216f0a1c6b202d5427752d5bab3bda0604b
SHA256

a6568894754a68e91060548856212b1f415c330043e79baacb7ad81611db6407
SHA512

c10e52e82e8deff0bd44cb1a26c1285b359ab821ea6abf811098734a5d2b1e6a69e82a288960176199c637c01288978581de66f82e3ff76567f63bf68faa69eb
SSDEEP

3072:knNLgtzRu3DzAZYUAfWr0Elv2zUuFF7CZ6fXrDVO+lbKKH:knNMtzRu3DsaUs22zUuFRCofXrhO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
888a46949d9ef024d87d5a92ea9ad028_JaffaCakes118

Files

888a46949d9ef024d87d5a92ea9ad028_JaffaCakes118
.exe windows:4 windows x86 arch:x86

af6ca8a40cf2f256451f639487c98f7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
CreateProcessA
WriteFile
CloseHandle
SetFileAttributesA
GetFileAttributesA
CopyFileA
CreateFileA
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcmpA
DeleteFileA
Sleep
WaitForSingleObject
LocalFree
GetSystemTime
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
ReadFile
SetEndOfFile
IsBadCodePtr
FindResourceA
GetOEMCP
FlushFileBuffers
SetStdHandle
SetFilePointer
LoadLibraryA
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
TerminateProcess
GetProcAddress
VirtualFree
HeapCreate
HeapDestroy
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCommandLineA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapReAlloc
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
lstrlenA
InterlockedExchange
MultiByteToWideChar
GetModuleHandleA
lstrlenW
CreateMutexA
GetLastError
ReleaseMutex
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
RtlUnwind
ExitProcess
GetACP
GetCPInfo

user32

GetWindowTextLengthA
SetWindowLongA
UnregisterClassA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
DestroyWindow
IsDialogMessageA
CreateDialogParamA
DefWindowProcA
CharNextA
PostMessageA
KillTimer
wsprintfA
CreateAcceleratorTableA
GetClassNameA
RedrawWindow
IsWindow
SendMessageA
SetFocus
GetFocus
IsChild
BeginPaint
EndPaint
GetSysColor
CallWindowProcA
PostQuitMessage
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
FillRect
SetCapture
ReleaseCapture
DestroyAcceleratorTable
GetDesktopWindow
GetWindowTextA
SetWindowTextA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetDlgItem
ScreenToClient
DialogBoxParamA
GetWindowLongA
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
GetParent
EndDialog
SetTimer
GetActiveWindow

gdi32

CreateSolidBrush
GetStockObject
GetObjectA
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
GetDeviceCaps

advapi32

RegOpenKeyA
RegCreateKeyExA
SetNamedSecurityInfoA
GetNamedSecurityInfoA
LookupAccountNameA
SetEntriesInAclA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA

shell32

SHGetFolderPathA
SHGetSpecialFolderPathA
ShellExecuteExA
SHChangeNotify

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString

oleaut32

SysFreeString
VariantClear
VariantInit
SysAllocStringLen
SysAllocString
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringLen
SysStringByteLen
VarUI4FromStr

comctl32

InitCommonControlsEx

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af6ca8a40cf2f256451f639487c98f7b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 80KB - Virtual size: 77KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 80KB - Virtual size: 77KB