a55ea7746c767cf3d1920f9454b2f272_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a55ea7746c767cf3d1920f9454b2f272_JaffaCakes118
Size

55KB
MD5

a55ea7746c767cf3d1920f9454b2f272
SHA1

09f1973d5370ca0186c8c45694c8dc7b307e3c77
SHA256

bd6fe7a7da14fd83d20e95d9d7901f0874f556f1755de62655483d6013531feb
SHA512

c5742b6b872c4d41ac3433abaec3b04d64de348477d225e5e3446488aca70ebb4a578ee22afab2046be0e681a89eccaabdff1369f3ac32f2c5fdcc76cc4ed5d6
SSDEEP

768:FyPqcLBuH60s8bNT8Z/lF+C0hRxuno/AzyOWjLIW84vwXl3ThwCgKJdw9inQfLCp:eBMH6M8EC0dOW8rXlUKJ6gnke4a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a55ea7746c767cf3d1920f9454b2f272_JaffaCakes118

Files

a55ea7746c767cf3d1920f9454b2f272_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1406050f2f610dce330a1954add2b4e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
ExpandEnvironmentStringsA
GetCPInfoExA
DeleteFileW
LocalFree
GetCurrentProcess
LocalReAlloc
GetLocaleInfoW
LocalAlloc
GetUserDefaultLCID
GetTickCount
AreFileApisANSI
GetDateFormatA
FreeLibrary
GetSystemTime
Sleep
GetLastError
LeaveCriticalSection
SystemTimeToFileTime
EnterCriticalSection
CloseHandle
CompareFileTime
ReleaseMutex
IsBadReadPtr
WaitForSingleObject
lstrlenA
LoadResource
WideCharToMultiByte
ExpandEnvironmentStringsW
GetTimeFormatA
GetDateFormatW
FindResourceW
FindResourceA
SetFileAttributesW
SearchPathW
SetFileAttributesA
SearchPathA
CreateMutexW
CreateMutexA
CreateProcessW
CreateProcessA
LoadLibraryW
LoadLibraryA
lstrcpynA
DeleteFileA
MultiByteToWideChar
GetCurrentThreadId
LockResource
SetLastError
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
GetVersionExA
GetSystemDefaultLangID
GetTimeFormatW
lstrcmpA
GetProcAddress
GetModuleFileNameA
HeapFree

ole32

CoFreeUnusedLibraries
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoCreateGuid
CoTaskMemFree
CoCreateInstance
CLSIDFromString
StringFromGUID2

user32

MessageBeep
GetParent
IsWindowEnabled
GetDlgItemInt
SetForegroundWindow
CheckDlgButton
PostMessageA
SetFocus
IsDlgButtonChecked
GetFocus
EndDialog
CheckRadioButton
FindWindowA
SetWindowLongA
SetWindowTextW
WinHelpW
GetSysColor
DestroyIcon
InvalidateRect
BeginPaint
EndPaint
GetWindowLongA
SendMessageW
MessageBoxW
MessageBoxA
FindWindowW
SetWindowTextA
GetWindowTextW
WinHelpA
LoadImageW
MapWindowPoints
OffsetRect
GetClientRect
MoveWindow
InflateRect
SetRect
GetDC
ReleaseDC
LoadStringA
CharPrevA
SendMessageA
GetDlgItem
GetSystemMetrics
ShowWindow
UpdateWindow
SystemParametersInfoA
LoadStringW
DialogBoxParamA
DialogBoxParamW
DefWindowProcA
DefWindowProcW
LoadIconA
GetWindowTextA
LoadImageA
EnableWindow

advapi32

RegSetValueExW
RegSetKeySecurity
QueryServiceStatus
StartServiceW
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegQueryValueExA
AddAccessAllowedAce
GetLengthSid
OpenSCManagerW
InitializeAcl
RegCloseKey
FreeSid
RegOpenKeyExA
CloseServiceHandle
GetSidSubAuthority
GetSidSubAuthorityCount
LookupAccountSidW
IsValidSid
GetTokenInformation
GetSidIdentifierAuthority
RegSetValueExA
SetSecurityDescriptorDacl
RegEnumKeyA
RegEnumKeyW
RegDeleteKeyW
RegEnumKeyExW
RegEnumKeyExA
RegOpenKeyExW
RegDeleteKeyA
RegQueryValueExW
RegCreateKeyExW
GetUserNameW
GetUserNameA
RegDeleteValueA
RegCreateKeyExA
RegDeleteValueW
OpenProcessToken
OpenServiceW

msvcrt

wcscat
wcslen
wcscmp
_itow
wcsncmp
wcscpy
_ltow

comctl32

PropertySheetW
CreatePropertySheetPageA
DestroyPropertySheetPage
PropertySheetA
InitCommonControlsEx
ImageList_Create
ImageList_ReplaceIcon
CreatePropertySheetPageW

gdi32

UpdateColors
RealizePalette
SetDIBitsToDevice
DeleteObject
GetDeviceCaps
CreatePalette
SelectPalette

rpcrt4

NdrOleFree
RpcStringFreeW
RpcBindingFree
RpcBindingSetAuthInfoExW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
NdrClientCall2
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
CStdStubBuffer_QueryInterface
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
IUnknown_QueryInterface_Proxy
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
NdrOleAllocate
CStdStubBuffer_CountRefs

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1406050f2f610dce330a1954add2b4e5

Headers

File Characteristics

Imports

kernel32

ole32

user32

advapi32

msvcrt

comctl32

gdi32

rpcrt4

Sections

.text Size: 30KB - Virtual size: 29KB

.data Size: 22KB - Virtual size: 21KB

.data1 Size: 512B - Virtual size: 1B

.data2 Size: 512B - Virtual size: 1B

.rsrc Size: 1024B - Virtual size: 872B

.text
Size: 30KB - Virtual size: 29KB

.data
Size: 22KB - Virtual size: 21KB

.data1
Size: 512B - Virtual size: 1B

.data2
Size: 512B - Virtual size: 1B

.rsrc
Size: 1024B - Virtual size: 872B