8e541ae61b8e88305779722149d157ac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8e541ae61b8e88305779722149d157ac_JaffaCakes118
Size

357KB
MD5

8e541ae61b8e88305779722149d157ac
SHA1

c7c4a3b3b8b63d6fc51bd154ae91ed2cc08992bf
SHA256

cb8d1cf953dba1f5fa07a981774567bbddb3335e634555f22ba0374bd0eb5494
SHA512

f2ece89db906cf3d533504f9aabe08e409c5fb762759f3f19ab963b9c72e21d9972958ebaa9da984d7a05ba173d54317c3a2a4440850fcc759603ccca7e73bde
SSDEEP

6144:q1FotOWk2fLyFf+AwyFFwdn3M2W+d/J5iut4U2yShMW2ltrNc/H6K5zBirkwU:nk2fmFWAwysdn3o6t4jhJ2DRcP6K9L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e541ae61b8e88305779722149d157ac_JaffaCakes118

Files

8e541ae61b8e88305779722149d157ac_JaffaCakes118
.exe windows:5 windows x86 arch:x86

35d1e972bbc0343e73c3a5059bd20a47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
SetFilePointer
WideCharToMultiByte
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
CloseHandle
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleHandleA
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
Sleep
HeapCreate
GetStartupInfoW
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
HeapReAlloc
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
VirtualFree
VirtualAlloc
LockResource
GetCommandLineW
lstrlenA
RaiseException
lstrcpynA
lstrcmpW
SetLastError
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
GetCurrentProcess
FlushInstructionCache
lstrcatW
lstrcpynW
lstrcpyW
GetVersionExW
lstrcmpiW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
InterlockedCompareExchange
lstrlenW
GetCurrentThreadId
LoadLibraryW
FreeLibrary
GetProcAddress
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId

user32

ShowWindow
DestroyMenu
DefWindowProcW
CharNextW
DestroyWindow
wvsprintfW
SetWindowLongW
IsMenu
PeekMessageW
PtInRect
MessageBeep
IsWindowVisible
TrackPopupMenuEx
MonitorFromPoint
GetMonitorInfoW
LoadStringA
PostQuitMessage
LoadStringW
SetMenuItemInfoW
MapWindowPoints
PostMessageW
RemoveMenu
CreatePopupMenu
GetWindowRect
TranslateAcceleratorW
LoadImageW
GetSysColorBrush
ReleaseCapture
GetClassInfoExW
GetFocus
OffsetRect
EndPaint
BeginPaint
SetRect
DrawEdge
DrawTextW
FillRect
CreateWindowExW
GetSystemMetrics
GetDesktopWindow
RegisterClassExW
InflateRect
GetSysColor
SetFocus
ReleaseDC
GetDC
AdjustWindowRectEx
GetKeyState
SetMenuDefaultItem
CheckMenuRadioItem
EnableMenuItem
AppendMenuW
DeleteMenu
LoadCursorW
SetCursor
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
CallWindowProcW
IsWindow
GetDlgCtrlID
GetParent
SetCapture
RedrawWindow
InvalidateRect
UpdateWindow
ClientToScreen
GetClientRect
SetWindowPos
SetWindowTextW
SendMessageW
GetWindowLongW
UnregisterClassA

gdi32

LineTo
MoveToEx
SetTextColor
SetBkMode
GetObjectW
DeleteDC
CreateSolidBrush
CreatePen
Polygon
SetViewportOrgEx
SelectObject
CreateCompatibleDC
GetStockObject
DeleteObject
CreateCompatibleBitmap

advapi32

RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW

ole32

CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VarDecFromStr
VarR8FromStr
VarI4FromStr
VarDateFromStr
VarUI4FromStr
VarDecCmp

comctl32

ImageList_DragEnter
ImageList_DragShowNolock
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ImageList_DragLeave
InitCommonControlsEx

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 299KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35d1e972bbc0343e73c3a5059bd20a47

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 111KB - Virtual size: 111KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 299KB - Virtual size: 299KB

.text
Size: 111KB - Virtual size: 111KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 299KB - Virtual size: 299KB