b362e79ab8c26fca11c2b52d64e575df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b362e79ab8c26fca11c2b52d64e575df_JaffaCakes118
Size

116KB
MD5

b362e79ab8c26fca11c2b52d64e575df
SHA1

c6e57df02d3f4b644393f027240b13142a8b70c0
SHA256

6acfb524c4b5bac4591d8bed81bfe470ff266d65bf61c8e3cb09d902f93691b6
SHA512

7ecd6d09c57ad26278a52ef2f2bf0f41a286784b2a400e7a33bed51d3a5082b4ed7901708f1637c56c651e25d779669f662dd045aea9cd0444e52aa75b5d1585
SSDEEP

3072:1Au4xeVVjWZp9xRA8YYsMMJ7hJezhoRD5QFW0oc:iu4dpu5dMMJ7h0zhoy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b362e79ab8c26fca11c2b52d64e575df_JaffaCakes118

Files

b362e79ab8c26fca11c2b52d64e575df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b20735b3dd2fe93d982c537a2278038b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateSolidBrush
CreateFontIndirectW
SetBkColor
SetTextColor
DeleteObject

crypt32

CryptEncodeObjectEx
CertEnumSystemStoreLocation
CryptEncodeObject

shell32

CommandLineToArgvW
ShellExecuteExW

uxtheme

GetThemeColor
CloseThemeData
OpenThemeData
GetThemeFont

msvcrt

_vsnwprintf
_amsg_exit
memset
__wgetmainargs
__p__fmode
??3@YAXPAX@Z
?terminate@@YAXXZ
__set_app_type
_wcmdln
_cexit
_exit
_XcptFilter
wcstoul
exit
__setusermatherr
_initterm
_wcsicmp
??2@YAPAXI@Z
__p__commode
_controlfp

setupapi

SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsExW

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

powrprof

CallNtPowerInformation

advapi32

RegOpenKeyExW
GetTraceEnableFlags
RegSetValueExW
RegQueryValueExW
UnregisterTraceGuids
RegCloseKey
RegisterTraceGuidsW
GetTraceEnableLevel
RegCreateKeyW
GetTraceLoggerHandle
RegCreateKeyExW
TraceMessage

user32

CheckDlgButton
SetDlgItemTextW
SetActiveWindow
LoadIconW
SetFocus
GetWindowLongW
EnableWindow
RegisterClassExW
CreateWindowExW
SendMessageW
DialogBoxParamW
GetWindowTextW
FindWindowExW
SetWindowTextW
PostQuitMessage
PostMessageW
ShowWindow
DefWindowProcW
SetForegroundWindow
GetSysColor
UnregisterClassW
EndDialog
GetParent
GetDlgCtrlID
TranslateMessage
FindWindowW
GetMessageW
SetTimer
UnregisterDeviceNotification
SetWindowLongW
DispatchMessageW
SendDlgItemMessageW
GetWindowTextLengthW
RegisterDeviceNotificationW
GetDlgItem
IsDlgButtonChecked
DestroyWindow
GetSysColorBrush
LoadStringW
KillTimer

ole32

CoCreateInstance
CoTaskMemFree
CoInitializeEx

kernel32

WaitForSingleObject
GetCurrentProcess
GlobalAlloc
GetCurrentThreadId
GetStartupInfoW
WideCharToMultiByte
GetModuleHandleA
GetTickCount
LoadResource
GetProcessVersion
LocalAlloc
LockResource
DeleteCriticalSection
FindResourceW
GetSystemTimeAsFileTime
InitializeCriticalSection
CloseHandle
CreateThread
ExitProcess
InterlockedIncrement
GetLastError
InterlockedDecrement
UnhandledExceptionFilter
FreeResource
TerminateProcess
LocalFree
EnterCriticalSection
GetCurrentProcessId
LeaveCriticalSection
QueryPerformanceCounter
InterlockedCompareExchange
SetUnhandledExceptionFilter
InterlockedExchange
Sleep

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b20735b3dd2fe93d982c537a2278038b

Headers

File Characteristics

Imports

gdi32

crypt32

shell32

uxtheme

msvcrt

setupapi

wtsapi32

powrprof

advapi32

user32

ole32

kernel32

Sections

.text Size: 63KB - Virtual size: 63KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 47KB - Virtual size: 46KB

.rsrc Size: 1024B - Virtual size: 240KB

.text
Size: 63KB - Virtual size: 63KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 47KB - Virtual size: 46KB

.rsrc
Size: 1024B - Virtual size: 240KB