95f8a8891b4ca5a93cc92f3d29516eba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

95f8a8891b4ca5a93cc92f3d29516eba_JaffaCakes118
Size

1.9MB
MD5

95f8a8891b4ca5a93cc92f3d29516eba
SHA1

59b07a3649c4d0cb7a73b09f25da530059781d29
SHA256

c279db1c2711e1bf803eeb355e702f8d8b49eaff1748f3203873e9e705765ec8
SHA512

3ff2e9ed920d82642ec554a2cc67f0ecc0305a059f18611d25a6ae4a0b8b4e48fa8d8ffc5c6d44083af246a42bd467d8a4feb4f153dc697093daa408c79d4e71
SSDEEP

49152:0dVKWkfTTbVWHKJIquE7xkrBONK9necD4ld:ykfJWHKCquaO5eccd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95f8a8891b4ca5a93cc92f3d29516eba_JaffaCakes118

Files

95f8a8891b4ca5a93cc92f3d29516eba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f14ff9771758db208e69c7b608dd69b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
WriteFile
SetFilePointer
SetLastError
GetTempPathW
InterlockedIncrement
InterlockedDecrement
lstrlenW
FormatMessageW
GetCommandLineW
GetDiskFreeSpaceExW
lstrcatW
lstrcpyW
GetSystemDefaultUILanguage
lstrcmpW
FreeConsole
ReadConsoleW
WriteConsoleW
GetStdHandle
AllocConsole
GetDriveTypeW
WideCharToMultiByte
InterlockedExchange
GetLocaleInfoW
SetEndOfFile
GetOEMCP
GetACP
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
CreateFileW
GetCPInfo
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
FlushFileBuffers
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
TerminateProcess
SetUnhandledExceptionFilter
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RaiseException
RtlUnwind
MultiByteToWideChar
GetFileSize
ReadFile
CopyFileW
DeleteCriticalSection
InitializeCriticalSection
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateDirectoryW
GetModuleFileNameW
GetLongPathNameW
ExpandEnvironmentStringsW
DeleteFileW
GetFileAttributesW
SetFileAttributesW
FindClose
RemoveDirectoryW
FindFirstFileW
GetShortPathNameW
FindNextFileW
GetCurrentProcess
GetModuleHandleW
GetSystemInfo
GetVersionExW
Sleep
WaitForMultipleObjects
SetEvent
WaitForSingleObject
TerminateThread
CreateEventW
ResetEvent
CreateThread
GetCurrentProcessId
LoadLibraryA
CreateProcessW
LoadLibraryW
GetProcAddress
FreeLibrary
OpenProcess
GetProcessHeap
HeapAlloc
HeapFree
CloseHandle
IsValidLocale
GetLastError

user32

IsWindowVisible
SetLayeredWindowAttributes
LoadIconW
MessageBoxW
ExitWindowsEx
SetForegroundWindow
SetRectEmpty
ReleaseDC
GetDC
GetWindowThreadProcessId
CopyRect
TrackMouseEvent
FindWindowW
PostMessageW
SetWindowRgn
SystemParametersInfoW
SetTimer
KillTimer
DefWindowProcW
SetFocus
PostQuitMessage
GetDlgItem
GetFocus
EndPaint
SetRect
DrawTextW
BeginPaint
GetClientRect
GetDesktopWindow
GetDlgCtrlID
FillRect
SetCapture
ReleaseCapture
ScreenToClient
ClientToScreen
GetWindowTextW
GetClassNameW
UnregisterClassW
AnimateWindow
PtInRect
MapWindowPoints
SetWindowLongW
GetWindowLongW
MoveWindow
CreateWindowExW
SetActiveWindow
DestroyWindow
RegisterClassW
GetSysColor
LoadStringW
GetNextDlgGroupItem
UpdateWindow
IsWindowEnabled
SetCursor
GetNextDlgTabItem
InflateRect
DrawFocusRect
NotifyWinEvent
SendMessageW
SetPropW
GetPropW
CallWindowProcW
ShowWindow
wsprintfW
InvalidateRect
SetWindowPos
GetParent
OffsetRect
LoadCursorW
RegisterClassExW
GetWindowRect
IsWindow
SetWindowTextW
LoadAcceleratorsW
EnableWindow
GetMessageW
IsDialogMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW

gdi32

SetDIBits
DeleteDC
DeleteObject
SelectObject
GetBkMode
CreateSolidBrush
CreateDIBSection
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
GetDIBits
GetObjectW
CreateFontIndirectW
AddFontResourceExW
AddFontMemResourceEx
SetTextColor
SetBkMode
StretchBlt
GetLayout
SetLayout
SetDCPenColor
Rectangle
GetStockObject

advapi32

RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegDeleteKeyW
RegOpenKeyExW
AdjustTokenPrivileges
RegQueryValueExW
DuplicateTokenEx
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
LookupPrivilegeValueW

shell32

ord680
ShellExecuteW
SHGetFolderPathW
SHGetPathFromIDListW
SHGetMalloc
SHBrowseForFolderW
SHFileOperationW

ole32

CoCreateInstance
CoInitializeEx

oleaut32

SysAllocString

msi

ord88
ord169
ord190
ord205
ord70
ord173
ord141
ord137

comctl32

InitCommonControlsEx

shlwapi

PathAppendW
PathIsDirectoryW
PathAddBackslashW
PathFileExistsW
PathRemoveFileSpecW
PathFindFileNameW
PathIsRelativeW
PathFindExtensionW

wininet

InternetQueryDataAvailable
InternetGetConnectedState
HttpQueryInfoW
InternetGetLastResponseInfoW
InternetOpenUrlW
InternetOpenW
InternetCloseHandle
InternetReadFile

oleacc

LresultFromObject
AccessibleObjectFromWindow

Sections

.text
Size: 580KB - Virtual size: 579KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f14ff9771758db208e69c7b608dd69b0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msi

comctl32

shlwapi

wininet

oleacc

Sections

.text Size: 580KB - Virtual size: 579KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 48KB - Virtual size: 70KB

.rsrc Size: 284KB - Virtual size: 280KB

.text
Size: 580KB - Virtual size: 579KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 48KB - Virtual size: 70KB

.rsrc
Size: 284KB - Virtual size: 280KB