a708f87689ef4919ee306676f819c3ed_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a708f87689ef4919ee306676f819c3ed_JaffaCakes118
Size

289KB
MD5

a708f87689ef4919ee306676f819c3ed
SHA1

66688deea6a6aa547b1cb1aa07b55fe9720a39f7
SHA256

1b60bc6d6700ceff81874e03d9f950211b3bea6438760e8c1bd45ae202b99cc1
SHA512

03b58ce8ebcd09609ad4174c99cbc4e8ff41b3347d6f6765336914486d62f849a73e6edefb10d5031b8778079891d1be4dee6860e550b66144e111afcb78dd75
SSDEEP

6144:5t4DREcMZ5vVCiiKrao9afJu3YYtWGaVoRiS6hxH5AgPaBPtpzI:5+FuvVCiisao9Ii3aViKHyBbM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a708f87689ef4919ee306676f819c3ed_JaffaCakes118

Files

a708f87689ef4919ee306676f819c3ed_JaffaCakes118
.exe windows:1 windows x86 arch:x86

4bd2ef357f2e2a3fab897c460e631a14

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBrowseForFolderW
SHGetMalloc
SHGetFileInfoW

msvcrt

_adjust_fdiv
_XcptFilter
__set_app_type
_mbschr
setlocale
memmove
??3@YAXPAX@Z
wcschr
__p__fmode
wcscat
_ftol
free
wcslen
wcsncmp
wcsncpy
__p__commode
_exit
_initterm
_c_exit
iswspace
__getmainargs
exit
_wcsicmp
wcsrchr
__setusermatherr
__lconv_init

setupapi

SetupFindNextLine
SetupOpenInfFileW
SetupGetLineCountW
SetupOpenAppendInfFileW
SetupCloseInfFile
SetupGetStringFieldW

advapi32

RegOpenKeyExW
RegEnumKeyW
AdjustTokenPrivileges
RegOpenKeyW
GetTokenInformation
RegQueryValueW
RegQueryValueExW
AllocateAndInitializeSid
FreeSid
LookupAccountSidW
OpenProcessToken
RegEnumKeyExW
EqualSid
RegSetValueExW

user32

SetWindowLongW
EndDialog
SendMessageW
DialogBoxParamW
SetForegroundWindow
GetDC
DispatchMessageW
SetTimer
ExitWindowsEx
SetWindowLongA
SendDlgItemMessageW
InvalidateRect
LoadStringA
MessageBoxA
GetDlgItem
LoadStringW
GetClientRect
PostQuitMessage
GetMessageW
SendMessageA
SetFocus
PostMessageW
RegisterClassExW
EnumThreadWindows
GetWindowRect
MessageBoxW
CreateWindowExW
SetWindowPos
LoadCursorW
FindWindowW
SetCursor
wsprintfW
GetSysColor
ScreenToClient

kernel32

GetTickCount
OpenProcess
WaitForMultipleObjects
GetModuleFileNameW
SetCommTimeouts
FileTimeToDosDateTime
GetTempFileNameA
DeleteFileW
TerminateProcess
LeaveCriticalSection
CreateEventW
CreateDirectoryA
CopyFileW
GetSystemTimeAsFileTime
FormatMessageA
HeapQueryInformation
ReadFile
GetVersionExA
LocalFree
FindNextFileW
SetCommState
GetFileAttributesW
CreateFileA
CreateProcessW
HeapUnlock
SetUnhandledExceptionFilter
LocalFree
HeapReAlloc
QueryPerformanceCounter
GetModuleHandleA
GetModuleHandleW
FindFirstFileW
WaitForSingleObject
HeapLock
FreeLibrary
DeviceIoControl
GetCurrentProcess
CreateFileW
GetStartupInfoA
GetVersion
CreateThread
CloseHandle
GetFileAttributesA
LoadLibraryExW
lstrcpyW
DebugBreak
ResetEvent
GetCurrentProcessId
SetEvent
HeapCreate
DeleteFileA
GetCommState
MultiByteToWideChar
lstrlenA
GetProcAddress
EnterCriticalSection
VirtualFree
lstrcatW
GetSystemDirectoryW
GetWindowsDirectoryW
HeapFree
ExpandEnvironmentStringsW
UnhandledExceptionFilter
VirtualAlloc
GetLastError
SetFilePointer
SetCurrentDirectoryW
ExitThread
GetDriveTypeW
LoadLibraryW
GetEnvironmentVariableW
SetFileAttributesW
FindFirstFileA

ole32

CoInitialize
CLSIDFromString
CoCreateInstance
OleInitialize
OleUninitialize
CoTaskMemFree

shlwapi

StrCpyNW
StrDupW
StrCmpW
StrCmpIW
PathIsDirectoryW
StrChrIW
StrCpyW
StrCatW
PathAppendW

Sections

.text
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4bd2ef357f2e2a3fab897c460e631a14

Headers

DLL Characteristics

File Characteristics

Imports

shell32

msvcrt

setupapi

advapi32

user32

kernel32

ole32

shlwapi

Sections

.text Size: 265KB - Virtual size: 265KB

.data Size: 21KB - Virtual size: 21KB

.rsrc Size: 1KB - Virtual size: 696KB

.text
Size: 265KB - Virtual size: 265KB

.data
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 1KB - Virtual size: 696KB