a6642e6e1eb29da95f8d355f8688b148_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a6642e6e1eb29da95f8d355f8688b148_JaffaCakes118
Size

378KB
MD5

a6642e6e1eb29da95f8d355f8688b148
SHA1

34d95fa49bf3d04615d1b62b947c14c846b6567d
SHA256

95eaa9ade5d009c182a3348355d871f9e6e75bfe64ee72f233880d8f2ec2e595
SHA512

c2a191c5219734b8fe133abd80b6229cf687ec42a95212647c9695539b834dcb3e57dc353ddd2bc5708c44df445a4774c0c5e6c35f3caba1a86ac9dceece6700
SSDEEP

6144:grbrHdi0PdxEOnbUmjnlPtjjaHGuBnMmm/fntzn8k85vlSf/8Nj32O+tFyGuu:QDzxJbUmL+GuBnm/PtLlkofUNhOXuu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6642e6e1eb29da95f8d355f8688b148_JaffaCakes118

Files

a6642e6e1eb29da95f8d355f8688b148_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b9872aa5f0006a9da39218096ef1455

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegEnumValueW

msasn1

ASN1_CreateDecoder

kernel32

LocalFree
lstrcpynW
GetCurrentProcessId
LocalAlloc
CloseHandle
GetProcAddress
GlobalAlloc
TlsSetValue
FreeResource
GlobalLock
GetProfileStringW
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
GetTickCount
GetACP
WideCharToMultiByte
GetDriveTypeW
lstrcpyA
GetModuleHandleA
CreateThread
lstrcmpW
FindFirstFileW
GetUserDefaultLCID
SizeofResource
MultiByteToWideChar
LockResource
GetShortPathNameW
InterlockedCompareExchange
CreateFileW
GetModuleFileNameW
LocalSize
GetFullPathNameW
TlsAlloc
SetCurrentDirectoryW
FindResourceA
FindNextFileW
SetErrorMode
UnhandledExceptionFilter
FreeLibrary
FindClose
GlobalReAlloc
lstrcmpiW
InterlockedDecrement
lstrlenW
DisableThreadLibraryCalls
DeleteCriticalSection
TlsGetValue
GetLastError
CreateEventW
LoadResource
GetCurrentThreadId
InterlockedIncrement
WaitForSingleObject
FindResourceW
lstrcpyW
EnterCriticalSection
DeleteFileW
ResetEvent
ExpandEnvironmentStringsW
MulDiv
GetCurrentDirectoryW
GetLocaleInfoW
SetLastError
GetProcessVersion
LeaveCriticalSection
GetCurrentProcess
GetFileAttributesW
GetTempFileNameW
LoadLibraryA
GetVersionExA
SetUnhandledExceptionFilter
TerminateProcess
FindResourceExW
TlsFree
LocalReAlloc
FormatMessageW
lstrlenA
GetSystemDefaultUILanguage
InterlockedExchange
SetEvent
GetVolumeInformationW
LoadLibraryW
QueryPerformanceCounter
FreeLibraryAndExitThread
DelayLoadFailureHook
GlobalFree
GlobalUnlock
GetSystemTimeAsFileTime

shlwapi

StrCmpW
PathGetDriveNumberW
StrRChrW
StrDupW
PathIsRootW
PathCombineW
SHRegGetBoolUSValueW
StrChrW
PathIsUNCW
PathAddBackslashW
wnsprintfW
StrCmpNIW
PathFindFileNameW
PathSkipRootW
SHOpenRegStream2W
StrStrW
UrlIsW
PathFindExtensionW
StrCmpIW
SHRegGetValueW
wvnsprintfW
PathRemoveBlanksW
PathMatchSpecW
StrRetToBufW
PathFileExistsW

comctl32

ImageList_GetIconSize
PropertySheetW
InitCommonControlsEx
ImageList_Destroy
CreatePropertySheetPageW
CreateToolbarEx
ImageList_Draw

gdi32

SetBkMode
SetTextColor
SelectClipRgn
GetObjectW
CreateFontIndirectW
SetViewportExtEx
DeleteDC
RealizePalette
GetNearestColor
Rectangle
GetTextExtentPointW
CreateICW
GetDeviceCaps
GetTextCharsetInfo
CreateDiscardableBitmap
MoveToEx
TranslateCharsetInfo
TextOutW
GetMapMode
CreateSolidBrush
EnumFontFamiliesExW
GetViewportExtEx
SelectPalette
CreateCompatibleDC
PatBlt
CreateDCW
ExcludeClipRect
SetWindowExtEx
GetTextCharset
GetTextMetricsW
SetMapMode
CreatePen
CreateFontW
ExtTextOutW
GetStockObject
GetWindowExtEx
CreateDIBitmap
SelectObject
BitBlt
LineTo
DeleteObject
SetBkColor
CreateRectRgnIndirect
GetCharWidth32W
CreateCompatibleBitmap

user32

DlgDirListW
GetDialogBaseUnits
LoadImageW
InvalidateRect
SetWindowsHookExW
UpdateWindow
CheckRadioButton
CopyRect
RemovePropW
MoveWindow
GetWindow
IsWindowVisible
DispatchMessageW
GetLastActivePopup
ClipCursor
SendMessageW
GetSystemMenu
GetDlgItemTextW
FillRect
DefWindowProcW
GetWindowLongA
SetDlgItemTextA
DrawEdge
GetDlgItemInt
GetWindowTextW
MessageBeep
SendDlgItemMessageW
SetCapture
SetFocus
GetDC
CreateDialogIndirectParamA
DrawIcon
TranslateAcceleratorW
IntersectRect
SetWindowPlacement
EnumChildWindows
EndDeferWindowPos
IsDlgButtonChecked
CallWindowProcW
GetDlgItem
WinHelpW
GetWindowRect
GetSysColorBrush
SetWindowPos
PostMessageW
SetDlgItemInt
LoadAcceleratorsW
FindWindowExW
IsWindow
SetTimer
IsWindowEnabled
EndPaint
PtInRect
UnhookWindowsHookEx
CreateDialogIndirectParamAorW
GetKeyboardLayout
CallNextHookEx
EndDialog
RegisterWindowMessageW
EqualRect
ScreenToClient
MessageBoxW
RegisterWindowMessageA
LoadStringW
CheckDlgButton
DestroyMenu
CreateDialogIndirectParamW
CharNextW
GrayStringW
GetPropW
DialogBoxIndirectParamW
ShowWindow
MsgWaitForMultipleObjects
SetCursor
PeekMessageW
DrawFocusRect
GetDlgCtrlID
DeleteMenu
GetClientRect
GetWindowTextLengthW
SetPropW
ReleaseDC
CreatePopupMenu
GetWindowPlacement
InflateRect
KillTimer
SetWindowLongW
SetParent
LockWindowUpdate
RedrawWindow
LoadIconW
GetSystemMetrics
LoadCursorW
GetSysColor
BeginDeferWindowPos
FrameRect
GetDlgItemTextA
EnableWindow
CharLowerW
DialogBoxIndirectParamAorW
GetWindowLongW
CharPrevW
ChildWindowFromPoint
GetKeyState
SetWindowTextW
GetFocus
CharNextA
DrawTextW
GetParent
CreateWindowExW
MapWindowPoints
DeferWindowPos
BeginPaint
ValidateRect
TranslateMessage
RegisterClipboardFormatW
SetDlgItemTextW
DestroyWindow
ShowCursor

ntdll

RtlUnicodeToMultiByteSize
RtlUnwind
RtlUnicodeStringToAnsiString
RtlIsNameLegalDOS8Dot3
wcslen
RtlAnsiStringToUnicodeString
NtAllocateVirtualMemory
_wcsicmp
_chkstk
memmove
NtQueryVirtualMemory
RtlInitUnicodeStringEx

shell32

SHAddToRecentDocs
SHGetFolderLocation
SHGetSpecialFolderPathW
SHCreateShellItem
SHBindToParent
SheChangeDirExW
SHGetDesktopFolder
SHGetMalloc
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetPathFromIDListW

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 326KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6b9872aa5f0006a9da39218096ef1455

Headers

File Characteristics

Imports

advapi32

msasn1

kernel32

shlwapi

comctl32

gdi32

user32

ntdll

shell32

Sections

.text Size: 23KB - Virtual size: 22KB

.data Size: 326KB - Virtual size: 1.2MB

.rsrc Size: 23KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 3KB

.text
Size: 23KB - Virtual size: 22KB

.data
Size: 326KB - Virtual size: 1.2MB

.rsrc
Size: 23KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 3KB