b3fee2bf2e3c25ac1cf7ade0cf168682_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b3fee2bf2e3c25ac1cf7ade0cf168682_JaffaCakes118
Size

266KB
MD5

b3fee2bf2e3c25ac1cf7ade0cf168682
SHA1

0549e9d61f66ef0e61a7101c4c39cd734301386b
SHA256

b81d963401d5370ada0099305baad1463114141512b6136ef5f9ee2409d535c2
SHA512

f2db6beb764fbee735a0ae01a43924e84b51819fda63f9e01d2861773710fa0798950e1c733d970cbf8fce3d8d34be5ccc8d3865457c692ed77ecf3abab173b3
SSDEEP

3072:VYMCL16rX6gDu23EZKuPLEsuuRYKRwDOIVmrwSppbNGbCFFsYuxNh0ttIe/rcqHa:cq6gV32TYCMupbUbCFFJaPze9ufv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3fee2bf2e3c25ac1cf7ade0cf168682_JaffaCakes118

Files

b3fee2bf2e3c25ac1cf7ade0cf168682_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3118f520a35b754f9099cc0c113723ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddMasked
ImageList_GetIcon
ImageList_Destroy
ImageList_Create
ord17

kernel32

FindFirstFileW
DeviceIoControl
GetFileSize
Sleep
CreateFileA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
FlushFileBuffers
SetStdHandle
SetEnvironmentVariableW
MulDiv
CompareStringW
CompareStringA
LoadLibraryA
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
HeapSize
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
MultiByteToWideChar
GetLocalTime
DeleteFileW
CreateMutexW
WaitForSingleObject
CreateFileMappingW
MapViewOfFile
GetProcessAffinityMask
OpenMutexW
GetLastError
ReleaseMutex
lstrcpynW
GetModuleFileNameW
CreateFileW
SetEnvironmentVariableA
CloseHandle
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
WriteFile
SetProcessAffinityMask
GetModuleHandleW
GetVersionExW
LoadLibraryW
GetProcAddress
FreeLibrary
GetCurrentProcess
GetCurrentThread
SetPriorityClass
SetThreadPriority
QueryPerformanceFrequency
QueryPerformanceCounter
TlsFree
TlsSetValue
TlsAlloc
HeapFree
HeapAlloc
RtlUnwind
WideCharToMultiByte
GetVersionExA
GetProcessHeap
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleA
ExitProcess
GetStdHandle
GetModuleFileNameA
RaiseException
TlsGetValue
ReadFile

user32

ShowWindow
SetWindowTextW
LoadStringW
DrawTextExW
FillRect
LoadAcceleratorsW
LoadBitmapW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
BeginPaint
EndPaint
PostQuitMessage
GetMenu
GetSubMenu
GetCursorPos
SetForegroundWindow
TrackPopupMenu
GetWindowInfo
DialogBoxParamW
GetMenuState
CheckMenuItem
SendMessageW
EnumChildWindows
GetWindowRect
SetTimer
KillTimer
LoadCursorW
RegisterClassExW
DefWindowProcW
SetWindowPos
SetFocus
CreateWindowExW
DestroyWindow
LoadIconW
MessageBoxW
UpdateWindow
GetClientRect
GetWindowLongW
AdjustWindowRect
GetDC
ReleaseDC
DestroyIcon
EnableWindow
PostMessageW
GetDlgItem
EndDialog

gdi32

CreateBrushIndirect
SetBkColor
SetTextColor
TextOutW
CreateFontW
CreateCompatibleDC
GetDeviceCaps
CreateDIBSection
SelectObject
BitBlt
DeleteDC
DeleteObject
CreateFontIndirectW
CreateBitmap

comdlg32

GetSaveFileNameW
ChooseColorW
ChooseFontW

advapi32

RegOpenKeyExA
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
DeleteService
RegQueryValueExA
CreateServiceW
StartServiceW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
ControlService
RegCloseKey

shell32

Shell_NotifyIconW
ShellExecuteW

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3118f520a35b754f9099cc0c113723ed

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 8KB - Virtual size: 44KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 8KB - Virtual size: 44KB

.rsrc
Size: 36KB - Virtual size: 34KB