93b6584d59e6c75f53a71be1fe138c7e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

93b6584d59e6c75f53a71be1fe138c7e_JaffaCakes118
Size

120KB
MD5

93b6584d59e6c75f53a71be1fe138c7e
SHA1

125661446511aa528bf041697dff5e3f209509c9
SHA256

959639c7ec1130e913148f00e6a1e6a1340bc4cd1016b756952d0c1577bd8c11
SHA512

a990fe1371960354e3c06fbaa1026e2f2c44ae34b325a49dd7e8362fc8c1055d6eec00f9f66936bf0f5b194ec6fbc30e6b45cb7015721511e8b4919ec247cd41
SSDEEP

1536:CqFFnSh5MAE5woX18UW0AQje5/Au9IcrYkfEEzyb+uZbFgloaQ+xE:NF4hbbo5W05K5oFcrYMQ+urgSj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93b6584d59e6c75f53a71be1fe138c7e_JaffaCakes118

Files

93b6584d59e6c75f53a71be1fe138c7e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a68405d9e28616baaf1c663fe9e39319

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
FlushInstructionCache
lstrcatA
GetCurrentProcess
GlobalUnlock
GlobalLock
GlobalAlloc
FindClose
GetProcAddress
lstrcpyA
lstrcmpA
InterlockedIncrement
HeapDestroy
GetTickCount
GetLocalTime
WriteFile
CreateFileA
GetPrivateProfileStringA
LoadLibraryA
IsDBCSLeadByte
WideCharToMultiByte
FindFirstFileA
CreateDirectoryA
GetFileAttributesA
SetFileAttributesA
Sleep
CreateEventA
CreateThread
WaitForSingleObject
lstrcpynA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
GetShortPathNameA
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
GetCommandLineA
GetCurrentThreadId
lstrcmpiA
lstrlenA
CreateMutexA
GetLastError
lstrlenW
GetTimeFormatA
GetCurrentDirectoryA
SetCurrentDirectoryA
InterlockedDecrement
WritePrivateProfileStringA
GetStartupInfoA
GetModuleHandleA
SetEvent
CloseHandle

user32

GetFocus
OffsetRect
UnionRect
DispatchMessageA
SendMessageA
TranslateMessage
GetMessageA
PostMessageA
wvsprintfA
SetForegroundWindow
ShowWindow
IsWindow
IsIconic
GetKeyState
PtInRect
IsChild
IsWindowVisible
SetWindowPos
DefWindowProcA
SetWindowLongA
GetWindowLongA
CallWindowProcA
CreateWindowExA
MapWindowPoints
GetClientRect
SystemParametersInfoA
GetWindowRect
GetWindow
GetParent
RegisterClassExA
wsprintfA
LoadCursorA
GetClassInfoExA
DestroyWindow
SetWindowRgn
PostQuitMessage
RedrawWindow
FillRect
PostThreadMessageA
CharNextA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
RegisterWindowMessageA
GetDlgItem
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
CreateAcceleratorTableA
GetClassNameA
BeginPaint
SetFocus
GetSysColor
GetDC
GetDesktopWindow
LoadIconA
EndPaint
EqualRect
ReleaseDC
IntersectRect

gdi32

DeleteMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
CreateMetaFileA
GetDeviceCaps
DeleteDC
SetViewportOrgEx
SetMapMode
LPtoDP
CreateDCA
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
GetObjectA
GetStockObject
CloseMetaFile
CreateRectRgnIndirect

advapi32

RegEnumKeyExA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA

shell32

SHGetSpecialFolderPathA
ShellExecuteExA

ole32

OleUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
CreateDataAdviseHolder
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
OleLoadFromStream
WriteClassStm
OleSaveToStream
CLSIDFromProgID
CLSIDFromString
StringFromCLSID
OleLockRunning
CreateStreamOnHGlobal
OleInitialize
GetRunningObjectTable
CoGetInstanceFromFile
CreateFileMoniker
CoTaskMemFree
CoInitialize
CoUninitialize

oleaut32

SysFreeString
SysAllocStringLen
VarUI4FromStr
SysAllocString
LoadTypeLi
RegisterTypeLi
VariantClear
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
OleCreateFontIndirect
VariantInit
SysStringLen

msvcrt

_mbstok
_purecall
memcmp
_exit
??2@YAPAXI@Z
__CxxFrameHandler
_mbsstr
_mbsdec
_mbsinc
fopen
fscanf
fgets
_mbsrchr
realloc
malloc
free
??3@YAXPAX@Z
strcat
memcpy
_mbsnbcmp
_mbsnbicmp
strcpy
_mbsicmp
memset
_mbscmp
__p__fmode
__p__commode
_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
__getmainargs
_adjust_fdiv
__setusermatherr
_initterm
_XcptFilter
_acmdln
exit
strlen

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

Exports

Exports

?COMWndProc@@YGJPAUHWND__@@IIJ@Z

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HPCUE
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a68405d9e28616baaf1c663fe9e39319

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msvcrt

msvcp60

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 8KB

.HPCUE Size: 4KB - Virtual size: 4B

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 8KB

.HPCUE
Size: 4KB - Virtual size: 4B

.rsrc
Size: 16KB - Virtual size: 15KB