b158431f981cfe53c2f70e41834969dc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b158431f981cfe53c2f70e41834969dc_JaffaCakes118
Size

444KB
MD5

b158431f981cfe53c2f70e41834969dc
SHA1

95ac095d82d4dd8b6982c2330ea01f4da956f930
SHA256

9f1c925eabfbd395839d91814f08f67ac6071f35452fff72ac3532e7766b3125
SHA512

53f216beb3e4dfbbe980f737e1736e048d635d749170b8183b585c47151a661ae55401adf76b04e3edca4c57099696268ec431f6c45ff01b8b4f295208780cbd
SSDEEP

6144:5oj5VsSRPlNiVd6FLEXQpQ1icogHqRQsLiE/uVvM9z3eQto:5oj5i4PYd6FAXQ6UulsLyQ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b158431f981cfe53c2f70e41834969dc_JaffaCakes118

Files

b158431f981cfe53c2f70e41834969dc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5f6617a265a805fe9658458f3411ebd3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashW
PathRemoveFileSpecW
PathFindFileNameW
PathRemoveExtensionW

comctl32

CreateStatusWindowW
ImageList_GetImageCount
ImageList_Draw
ImageList_Add
ImageList_Replace
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
InitCommonControlsEx

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW

kernel32

SetLastError
lstrcpynA
lstrlenA
GlobalFree
GlobalUnlock
MulDiv
lstrcpyW
GetCurrentProcessId
CloseHandle
CreateFileW
ReadFile
SetFilePointer
WriteFile
WaitForSingleObject
GetFileSize
FindClose
GetFullPathNameW
FindFirstFileW
FindNextFileW
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
ExitThread
CreateThread
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
Sleep
HeapSize
ExitProcess
InterlockedIncrement
GetModuleFileNameA
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
FlushFileBuffers
GetProcessHeap
InterlockedCompareExchange
IsProcessorFeaturePresent
GetModuleHandleA
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
lstrcmpiW
LoadLibraryW
GetLastError
GetProcAddress
FreeLibrary
GetVersionExW
lstrcpynW
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocaleInfoW
lstrcmpW
lstrlenW
GetUserDefaultLangID
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
FreeResource
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeFormatW
WideCharToMultiByte
GetDateFormatW
LockResource
RaiseException
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
FindResourceExW
GetStdHandle
VirtualQuery

user32

TranslateMessage
GetMessageW
PeekMessageW
DestroyWindow
LoadStringW
IsMenu
GetMenuItemCount
InvalidateRect
UpdateWindow
RegisterClassExW
GetClassInfoExW
LoadCursorW
DialogBoxIndirectParamW
EndDialog
GetDC
GetSystemMetrics
MoveWindow
InflateRect
LoadImageW
wvsprintfW
LoadStringA
PostQuitMessage
SetRectEmpty
IsWindowVisible
SetScrollInfo
DestroyCursor
SetRect
BeginPaint
EndPaint
GetCapture
GetDlgCtrlID
PtInRect
ScreenToClient
CreatePopupMenu
AppendMenuW
IsWindowEnabled
EnableMenuItem
TrackPopupMenu
CopyRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetMessagePos
WindowFromPoint
ScrollWindowEx
GetScrollInfo
SetScrollPos
MessageBeep
TrackPopupMenuEx
MonitorFromPoint
OffsetRect
DrawTextW
DrawFocusRect
DrawEdge
SystemParametersInfoW
RemoveMenu
DrawFrameControl
CreateDialogIndirectParamW
GetFocus
FrameRect
UnhookWindowsHookEx
CallNextHookEx
GetClassNameW
SetWindowsHookExW
CharLowerW
GetKeyState
RegisterWindowMessageW
GetSubMenu
GetWindowThreadProcessId
UnregisterClassA
DispatchMessageW
LoadMenuW
CharNextW
IsWindow
GetWindowPlacement
PostMessageW
SetWindowPlacement
GetActiveWindow
CreateWindowExW
GetWindowDC
ReleaseDC
LoadIconW
SetMenu
ModifyMenuW
DestroyMenu
GetMenu
SetMenuDefaultItem
GetMenuItemInfoW
SetMenuItemInfoW
SetFocus
ShowWindow
ReleaseCapture
GetCursorPos
SetCapture
SetCursor
FillRect
GetWindowTextLengthW
GetWindowTextW
SendMessageW
EnableWindow
GetDlgItem
MessageBoxW
GetDlgItemTextW
CallWindowProcW
GetWindow
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetDlgItemTextW
SetWindowTextW
DestroyCaret
GetSysColorBrush
GetWindowLongW
SetWindowLongW
GetKeyNameTextW
MapVirtualKeyW
CharUpperW
GetSysColor
SetWindowPos
DefWindowProcW

gdi32

CreateBitmap
PatBlt
CreatePen
CreateFontIndirectW
CreateDIBitmap
CreateCompatibleBitmap
BitBlt
CreatePatternBrush
GetTextExtentPoint32W
SetTextColor
SetBkMode
SelectObject
CreateCompatibleDC
CreateDIBSection
LineTo
MoveToEx
DeleteDC
DeleteObject
SetBrushOrgEx
SetBkColor
CreateFontW
GetStockObject
GetObjectW
SetViewportOrgEx

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

ole32

CoInitializeEx
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize

oleaut32

VarUI4FromStr

Sections

.text
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f6617a265a805fe9658458f3411ebd3

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

comctl32

shell32

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

Sections

.text Size: 280KB - Virtual size: 279KB

.rdata Size: 57KB - Virtual size: 56KB

.data Size: 22KB - Virtual size: 31KB

.rsrc Size: 83KB - Virtual size: 83KB

.text
Size: 280KB - Virtual size: 279KB

.rdata
Size: 57KB - Virtual size: 56KB

.data
Size: 22KB - Virtual size: 31KB

.rsrc
Size: 83KB - Virtual size: 83KB