939dd4915a0d2418c9f56292571ed8d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

939dd4915a0d2418c9f56292571ed8d0_JaffaCakes118
Size

326KB
MD5

939dd4915a0d2418c9f56292571ed8d0
SHA1

45fdfd325d666ece607719bdbd9d21651bcffc33
SHA256

c564a9420ba451dadc9223b920bc489c1dc3f800bd56a350b3861e921b591380
SHA512

44197bd25736971706d2bc857612c0e7fe99e535a8a1c2c348ad32f7746bd06272cb2a38cf966117315df7b4755ec5935b55234149bd50897091b57178ecdd3e
SSDEEP

6144:XcnbSxUf9PK0pptZQhsk1fhrYiFO2pL8AfuBWyyJh85ZBhKr+5p50pEt:svf9C8whHOOfuUJSCr+5p50pEt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
939dd4915a0d2418c9f56292571ed8d0_JaffaCakes118

Files

939dd4915a0d2418c9f56292571ed8d0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4101a366193713b554591cf37200e5da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_time64
_localtime64
iswctype
wcsncpy
memcpy
_wtol
wcsncmp
memset
_except_handler3

kernel32

ExpandEnvironmentStringsA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
RtlUnwind
GetProcAddress
GetModuleHandleA
OpenProcess
GetCurrentThreadId
lstrcpyA
WaitForSingleObject
CloseHandle
WriteFile
CreateFileA
GetLastError
lstrcatA
FindAtomA
GetTempFileNameA
lstrcmpA
lstrlenA
GetTempPathA
ExitProcess
VirtualAlloc
GlobalAlloc
FreeLibrary
LoadLibraryA
VirtualQueryEx
GetThreadContext
CreateProcessA
GlobalFree
TerminateProcess
ResumeThread
VirtualFree
GetLocaleInfoW
MulDiv
lstrcpynW
CreateFileW
lstrcpyW
LocalFree
GetCommandLineW
lstrcatW
FindClose
FindFirstFileW
lstrcmpW
LocalAlloc
lstrlenW
LocalUnlock
CompareStringW
LocalLock
FoldStringW
GetTimeFormatW
GetDateFormatW
GetLocalTime
GetUserDefaultLCID
WideCharToMultiByte
SetLastError
SetEndOfFile
DeleteFileW
GetACP
UnmapViewOfFile
LocalReAlloc
MultiByteToWideChar
MapViewOfFile
CreateFileMappingW
GetFileInformationByHandle
FormatMessageW
GetUserDefaultLangID
LocalSize
lstrcmpiW
GlobalUnlock
GlobalLock
IsDBCSLeadByte
GetCPInfo

user32

LoadStringW
GetWindowTextW
EnableWindow
CreateDialogParamW
DrawTextExW
CloseDesktop
InflateRect
EqualRect
GetWindowThreadProcessId
FindWindowA
SetThreadDesktop
GetThreadDesktop
OpenInputDesktop
wsprintfA
ClientToScreen
GetFocus
GetCursorPos
IsWindowVisible
GetWindowRect
MoveWindow
InvalidateRect
ChildWindowFromPoint
ScreenToClient
WinHelpW
GetDlgCtrlID
SendDlgItemMessageW
SetCursor
ReleaseDC
GetDC
MessageBoxW
GetDesktopWindow
LoadIconW
DialogBoxParamW
SetFocus
EnableMenuItem
GetSubMenu
SendMessageW
GetMenu
PostMessageW
SetActiveWindow
GetKeyboardLayout
GetForegroundWindow
MessageBeep
DestroyWindow
PostQuitMessage
IsIconic
DefWindowProcW
CharNextW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
IsDialogMessageW
GetMessageW
GetSystemMetrics
SetWindowTextW
CheckMenuItem
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
GetMenuState
wsprintfW
EndDialog
GetDlgItemTextW
SetDlgItemTextW
GetWindowLongW
UpdateWindow
SetScrollPos
GetWindowPlacement
PeekMessageW
SetWindowLongW
LoadAcceleratorsW
GetSystemMenu
CharUpperW
ShowWindow
GetClientRect
SetWindowPlacement
CreateWindowExW
LoadCursorW
RegisterWindowMessageW
RegisterClassExW
LoadImageW
CharLowerW

shell32

DragAcceptFiles
ShellAboutW
DragFinish
ShellExecuteA
DragQueryFileW

shlwapi

SHGetValueA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegCreateKeyW
IsTextUnicode
CreateProcessAsUserA

gdi32

SetBkMode
GetTextMetricsW
EndPage
EndDoc
LPtoDP
SetAbortProc
StartDocW
SetWindowExtEx
TextOutW
GetTextExtentPoint32W
SelectObject
GetTextFaceW
EnumFontsW
GetStockObject
GetObjectW
GetDeviceCaps
CreateFontIndirectW
DeleteObject
GetBkMode
GetBkColor
SetViewportExtEx
SetMapMode
CreateDCW
StartPage
DeleteDC

comdlg32

FindTextW
PageSetupDlgW
CommDlgExtendedError
ChooseFontW
PrintDlgExW
GetFileTitleW
GetOpenFileNameW
GetSaveFileNameW
ReplaceTextW

winspool.drv

GetPrinterDriverW
ClosePrinter
OpenPrinterW

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 258KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4101a366193713b554591cf37200e5da

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

shell32

shlwapi

advapi32

gdi32

comdlg32

winspool.drv

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 258KB - Virtual size: 264KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 258KB - Virtual size: 264KB

.rsrc
Size: 18KB - Virtual size: 17KB