a2fefaed11b75d823fc95f77832c8885_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a2fefaed11b75d823fc95f77832c8885_JaffaCakes118
Size

331KB
MD5

a2fefaed11b75d823fc95f77832c8885
SHA1

7e8ac189f1454dd6668831fe492b565f6c0d9bb3
SHA256

91a06745699b651ceb8d5d9b3b479a13f3948e9b93934abf7b5bbe121e4baa0d
SHA512

599ab805a2d1c06af5e9cb226064a7ed3b9c9659255bab51d31373a92354e890b3ff76048e959e83daf06ece32502865bbe33c3deffa17b7d23fbfb60ab5a6d1
SSDEEP

6144:ZZJkw4WAVUXYt3kkmEOCz5AoK7bW1f/A3aOHMRmrbuPtcdj8anyCS:ZZJkw6VJR9mpCz0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2fefaed11b75d823fc95f77832c8885_JaffaCakes118

Files

a2fefaed11b75d823fc95f77832c8885_JaffaCakes118
.exe windows:5 windows x86 arch:x86

45802d62535e2559756fdd02ab3ee3b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

cmak.pdb

Imports

msvcrt

__p__commode
__p__fmode
exit
_cexit
_XcptFilter
__set_app_type
_adjust_fdiv
_except_handler3
iswalpha
wcsrchr
wcslen
_controlfp
__setusermatherr
_initterm
__getmainargs
_acmdln
_exit
_c_exit
_wtoi
isspace
wcsstr
wcscmp
wcstok
_itow
tolower
wcscat
_wtol
wcschr
_wcsicmp
wcscpy

advapi32

RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegEnumValueW
RegOpenKeyExW
RegCloseKey

kernel32

LoadLibraryA
InterlockedDecrement
HeapFree
HeapAlloc
GetProcessHeap
InterlockedIncrement
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryW
GetFileAttributesA
CloseHandle
CreateFileW
GetPrivateProfileStringW
lstrlenW
CompareStringW
lstrcmpW
SetLastError
GetDiskFreeSpaceW
GetFileSize
GetSystemInfo
WideCharToMultiByte
SetCurrentDirectoryW
GetCurrentDirectoryW
FindFirstFileW
GetPrivateProfileIntW
WritePrivateProfileStringW
FindNextFileW
SetFileAttributesW
CopyFileW
GetSystemDirectoryW
CreateDirectoryW
lstrcpynW
ExpandEnvironmentStringsW
GetLocaleInfoW
GetFullPathNameW
GetStringTypeExW
lstrlenA
lstrcmpiW
lstrcatW
lstrcpyW
WritePrivateProfileSectionW
SearchPathW
WriteFile
LoadLibraryExA
GetSystemDefaultLCID
MoveFileW
DeleteFileW
GetShortPathNameW
GetExitCodeProcess
ReadFile
SetFilePointer
ExitProcess
GetTempPathW
CreateMutexW
GetCommandLineW
GetModuleHandleW
GetPrivateProfileStringA
WritePrivateProfileStringA
UnmapViewOfFile
lstrcpynA
MapViewOfFileEx
CreateFileMappingW
GetPrivateProfileSectionW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoA
GetVersionExW
WaitForSingleObject
FindClose

gdi32

CreatePalette
DeleteObject
GetDIBits
DeleteDC
GetTextExtentPoint32W
GetStockObject
UnrealizeObject
CreateDIBitmap
GetObjectA
StretchBlt
SelectPalette
RealizePalette
CreateCompatibleDC
SelectObject
SetStretchBltMode

user32

ClientToScreen
LoadMenuW
GetSubMenu
TrackPopupMenu
DestroyMenu
CharNextA
GetSystemMetrics
wsprintfA
CharPrevW
DefWindowProcW
EndPaint
GetWindowRect
BeginPaint
InvalidateRect
SetWindowLongW
GetWindowLongW
RegisterClassW
ReleaseDC
GetDC
SendDlgItemMessageA
SendDlgItemMessageW
MessageBoxW
wsprintfW
GetDlgItem
SendMessageW
CharNextW
SetFocus
LoadStringW
EnableWindow
IsDlgButtonChecked
ShowWindow
CheckDlgButton
IsWindowEnabled
GetFocus
LoadImageW
DispatchMessageW
TranslateMessage
PeekMessageW
GetParent
EndDialog
DialogBoxParamW
MsgWaitForMultipleObjects
PostMessageW
MoveWindow
SystemParametersInfoA
CheckRadioButton
GetKeyState
GetComboBoxInfo
SetForegroundWindow
IsIconic
BringWindowToTop
GetLastActivePopup
FindWindowW

cmutil

CmStrCatAllocA
CmStrCpyAllocA
CmStrrchrW
CmAtolW
CmStrtokW
CmFree
CmMalloc
CmLoadImageW
WzToSzWithAlloc
GetOSVersion
CmRealloc
GetOSBuildNumber
GetOSMajorVersion
CmLoadStringW
SzToWzWithAlloc
ReleaseBold
MakeBold
CmStrchrW
CmFmtMsgW
CmIsSpaceW
CmStrStrW
CmEndOfStrW
CmStrTrimW
CmStrCatAllocW
CmStrCpyAllocW

comctl32

InitCommonControlsEx
PropertySheetW

comdlg32

CommDlgExtendedError
GetOpenFileNameW

ole32

StringFromGUID2
CoCreateGuid

shell32

ShellExecuteExW
SHFileOperationW

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

45802d62535e2559756fdd02ab3ee3b5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

advapi32

kernel32

gdi32

user32

cmutil

comctl32

comdlg32

ole32

shell32

version

Sections

.text Size: 122KB - Virtual size: 122KB

.data Size: 512B - Virtual size: 25KB

.rsrc Size: 208KB - Virtual size: 228KB

.text
Size: 122KB - Virtual size: 122KB

.data
Size: 512B - Virtual size: 25KB

.rsrc
Size: 208KB - Virtual size: 228KB