95f49941cab6e78e702d32b8d58743bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

95f49941cab6e78e702d32b8d58743bb_JaffaCakes118
Size

1.0MB
MD5

95f49941cab6e78e702d32b8d58743bb
SHA1

753c25f5b519d4b71ea426bc58023b61c2776f95
SHA256

115c108cf686054b88837bab40d6edf7b88df256a1623d504024d3c1a1ffdcb4
SHA512

284d8f95197f8a0fe62e2c437dd9a93140dfae60c7b041236325377e64a92cc67c86a70db82f412d629559b44fe9e11bc9d0f3b2322e72427fcf859629e780a0
SSDEEP

24576:WjKtH3Z5azDPI3/2U4V5retXLmkhBMaxn21Csu70cA32Oyn:UKtmPa2U4smyhJ8Ch76y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95f49941cab6e78e702d32b8d58743bb_JaffaCakes118

Files

95f49941cab6e78e702d32b8d58743bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c080873cb2f7e883fabe6a18107287d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetCurrentDirectoryA
GetFileAttributesA
CompareFileTime
FindClose
FindFirstFileA
GetTempFileNameA
GetTempPathA
ExitProcess
TerminateProcess
GetCurrentProcess
ReleaseMutex
CreateMutexA
OpenMutexA
GetSystemDirectoryA
GetWindowsDirectoryA
CreateDirectoryA
CreateProcessA
MultiByteToWideChar
IsDBCSLeadByte
GetVersionExA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
MoveFileExA
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetShortPathNameA
GetLastError
CompareStringW
CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
GetModuleHandleA
FreeLibrary
InitializeCriticalSection
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
WideCharToMultiByte
GetFileType
SetHandleCount
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapReAlloc
GetStartupInfoA
GetProcessHeap
HeapFree
GetCommandLineA
GetSystemTimeAsFileTime
SetEnvironmentVariableA
HeapAlloc
RtlUnwind
RaiseException
InterlockedExchange
SetLastError
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
ReadFile
GlobalFree
lstrcpyA
GetTickCount
GlobalReAlloc
lstrcmpA
lstrcmpiA
GetExitCodeProcess
SetFileAttributesA
GlobalUnlock
VirtualProtect
GlobalAlloc
LocalSize
GlobalLock
GlobalSize
SetCurrentDirectoryA
RemoveDirectoryA
DeleteFileA
Sleep
LocalAlloc
LocalFree
lstrcatA
WriteFile
GetModuleFileNameA
GetDriveTypeA
CreateFileA
SetFilePointer
GetFileSize
CloseHandle
lstrcpynA
LCMapStringA
lstrlenA

user32

SetCursor
ScreenToClient
LoadStringA
MessageBoxA
ExitWindowsEx
IsWindow
IsIconic
IsWindowVisible
GetSystemMetrics
GetSysColor
DestroyWindow
SystemParametersInfoA
SetPropA
MapDialogRect
DialogBoxParamA
GetWindowLongA
SetTimer
GetCursorPos
GetScrollInfo
KillTimer
LoadBitmapA
SetRect
SetRectEmpty
GetSysColorBrush
EnableWindow
SendDlgItemMessageA
DrawTextExA
CheckDlgButton
GetParent
PostMessageA
IsDlgButtonChecked
FillRect
GetWindowTextA
DrawTextA
CallWindowProcA
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
CreateDialogParamA
SetWindowPos
LoadIconA
LoadImageA
RegisterClassExA
CreateWindowExA
GetSystemMenu
EnableMenuItem
PostQuitMessage
GetDC
ReleaseDC
BeginPaint
EndPaint
SendMessageA
IsZoomed
DefWindowProcA
MessageBeep
SetWindowLongA
UpdateWindow
InvalidateRect
EndDialog
GetDlgItem
GetWindowRect
MoveWindow
ShowWindow
wsprintfA
SetDlgItemTextA
SetClassLongA
SetWindowTextA
GetClientRect
PtInRect
LoadCursorA
SetFocus

gdi32

CreateFontA
CreateBrushIndirect
CreateRectRgn
SetTextAlign
SelectClipRgn
GetDeviceCaps
SetStretchBltMode
StretchBlt
CreateDIBitmap
CreateFontIndirectA
CreateCompatibleDC
GetObjectA
DeleteDC
CreateCompatibleBitmap
CreatePen
SelectObject
CreateSolidBrush
Rectangle
DeleteObject
SetBkMode
SetTextColor
TextOutA
BitBlt
SetBkColor
GetStockObject
GetTextFaceA

shell32

SHGetSpecialFolderLocation
SHChangeNotify
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance

comctl32

ord8
CreatePropertySheetPageA
ord17
PropertySheetA

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c080873cb2f7e883fabe6a18107287d4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

comctl32

Sections

.text Size: 148KB - Virtual size: 145KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 125KB

.rsrc Size: 116KB - Virtual size: 112KB

.text
Size: 148KB - Virtual size: 145KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 125KB

.rsrc
Size: 116KB - Virtual size: 112KB