Static task: static1
Behavioral task: behavioral1
  Sample: ae1b7759232924d19cbaefe7d0df908a_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: ae1b7759232924d19cbaefe7d0df908a_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
- Target: ae1b7759232924d19cbaefe7d0df908a_JaffaCakes118
- Size: 821KB
- MD5: ae1b7759232924d19cbaefe7d0df908a
- SHA1: 7b2f41878afd8bc89f5ceb5a589a42f0a2c90776
- SHA256: 4327c8b1f8dab7b0f1fff25a0f98bf20473570764e758a0ac2449dc5f64fe8c9
- SHA512: d99a8164c8097aafd5b750b59496bb787f477b92c94d772b2be52002adbcb6e54bf0894651ead7720b44b702fde3058823b34d03bb42f09344954acb7d886bf9
- SSDEEP: 12288:+SJFImS41QgJGjJYhWlTxcdOmQzteqUrf53osf4+20O77lujI9zQ5aOwQZWi3s3S:+SH8iU60lCEztcrfqJrgIpoaOwO3s3Vg
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource ae1b7759232924d19cbaefe7d0df908a_JaffaCakes118
Files
- ae1b7759232924d19cbaefe7d0df908a_JaffaCakes118.exe .js windows:4 windows x86 arch:x86 polyglot
  2f45fb0ef446119d6c3f305a42d55768
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
c:\IPersist\Projects\KvmSMT\Midp_workspace_2_0_nhal_standalone-dll\Launcher\Release\Launcher.pdb
Imports
kernel32
GetLastError
MulDiv
GlobalUnlock
GlobalLock
lstrcmpA
WideCharToMultiByte
GetModuleFileNameA
SetLastError
lstrcmpiW
FreeLibrary
SizeofResource
LoadResource
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
GlobalFree
GlobalHandle
LockResource
CloseHandle
UnmapViewOfFile
lstrlenW
MapViewOfFile
CreateFileMappingA
CreateFileA
GetProcAddress
LoadLibraryA
GetCurrentThreadId
ExitProcess
HeapSize
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcatA
lstrcpyA
RtlUnwind
InterlockedIncrement
InterlockedDecrement
lstrlenA
FindResourceA
GlobalAlloc
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InterlockedExchange
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
IsBadReadPtr
user32
wsprintfA
RegisterClassExA
CreateWindowExA
CreateAcceleratorTableA
CharNextA
GetParent
GetClassNameA
SetWindowPos
GetDlgItem
IsWindow
SendMessageA
GetFocus
IsChild
GetWindow
SetFocus
BeginPaint
LoadCursorA
CallWindowProcA
GetDesktopWindow
UnregisterClassA
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
GetClientRect
FillRect
SetCapture
ReleaseCapture
GetSysColor
DestroyWindow
DefWindowProcA
DestroyAcceleratorTable
LoadStringA
GetWindowLongA
GetActiveWindow
MapDialogRect
SetWindowContextHelpId
GetWindowRect
SystemParametersInfoA
MapWindowPoints
EndDialog
DialogBoxIndirectParamA
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
EndPaint
GetClassInfoExA
SetWindowLongA
RedrawWindow
MessageBoxA
gdi32
CreateSolidBrush
GetStockObject
GetObjectA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
advapi32
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
ole32
CoInitialize
CoUninitialize
OleUninitialize
OleInitialize
CoTaskMemRealloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
oleaut32
VariantCopyInd
VariantChangeType
DispCallFunc
LoadTypeLi
LoadRegTypeLi
VariantInit
VariantClear
OleCreateFontIndirect
SysStringByteLen
SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen
VarUI4FromStr
comctl32
InitCommonControlsEx
Sections
.text Size: 40KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 916B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ