ba7b8cd9f9a6ede53ec7cfcf8d895a80_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba7b8cd9f9a6ede53ec7cfcf8d895a80_JaffaCakes118
Size

916KB
MD5

ba7b8cd9f9a6ede53ec7cfcf8d895a80
SHA1

94737b69c7fdc53a03f2607d69e00db4bbf97f7e
SHA256

1aaf030fcae36548031c8c66a2383d44b02a85632064710913cf4752c007c03c
SHA512

ba1fdce94f304900c2c22c4876b2125da7dbbf1a114c1fa29a71ab8e51ff1c12a2da9bed793cca5194473f1ad11545dbef971f6f6038bec34d14b505432d8dfe
SSDEEP

12288:ZmzYLw2mStvNXgAHmp9LWKhbql03xuQZVdLuHA9DAKcUXBImX8tlNbSfqZB1HPQQ:JWONXVHQLW9ifq9YTbVWH/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba7b8cd9f9a6ede53ec7cfcf8d895a80_JaffaCakes118

Files

ba7b8cd9f9a6ede53ec7cfcf8d895a80_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f14ff9771758db208e69c7b608dd69b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
WriteFile
SetFilePointer
SetLastError
GetTempPathW
InterlockedIncrement
InterlockedDecrement
lstrlenW
FormatMessageW
GetCommandLineW
GetDiskFreeSpaceExW
lstrcatW
lstrcpyW
GetSystemDefaultUILanguage
lstrcmpW
FreeConsole
ReadConsoleW
WriteConsoleW
GetStdHandle
AllocConsole
GetDriveTypeW
WideCharToMultiByte
InterlockedExchange
GetLocaleInfoW
SetEndOfFile
GetOEMCP
GetACP
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
CreateFileW
GetCPInfo
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
FlushFileBuffers
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
TerminateProcess
SetUnhandledExceptionFilter
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RaiseException
RtlUnwind
MultiByteToWideChar
GetFileSize
ReadFile
CopyFileW
DeleteCriticalSection
InitializeCriticalSection
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateDirectoryW
GetModuleFileNameW
GetLongPathNameW
ExpandEnvironmentStringsW
DeleteFileW
GetFileAttributesW
SetFileAttributesW
FindClose
RemoveDirectoryW
FindFirstFileW
GetShortPathNameW
FindNextFileW
GetCurrentProcess
GetModuleHandleW
GetSystemInfo
GetVersionExW
Sleep
WaitForMultipleObjects
SetEvent
WaitForSingleObject
TerminateThread
CreateEventW
ResetEvent
CreateThread
GetCurrentProcessId
LoadLibraryA
CreateProcessW
LoadLibraryW
GetProcAddress
FreeLibrary
OpenProcess
GetProcessHeap
HeapAlloc
HeapFree
CloseHandle
IsValidLocale
GetLastError

user32

IsWindowVisible
SetLayeredWindowAttributes
LoadIconW
MessageBoxW
ExitWindowsEx
SetForegroundWindow
SetRectEmpty
ReleaseDC
GetDC
GetWindowThreadProcessId
CopyRect
TrackMouseEvent
FindWindowW
PostMessageW
SetWindowRgn
SystemParametersInfoW
SetTimer
KillTimer
DefWindowProcW
SetFocus
PostQuitMessage
GetDlgItem
GetFocus
EndPaint
SetRect
DrawTextW
BeginPaint
GetClientRect
GetDesktopWindow
GetDlgCtrlID
FillRect
SetCapture
ReleaseCapture
ScreenToClient
ClientToScreen
GetWindowTextW
GetClassNameW
UnregisterClassW
AnimateWindow
PtInRect
MapWindowPoints
SetWindowLongW
GetWindowLongW
MoveWindow
CreateWindowExW
SetActiveWindow
DestroyWindow
RegisterClassW
GetSysColor
LoadStringW
GetNextDlgGroupItem
UpdateWindow
IsWindowEnabled
SetCursor
GetNextDlgTabItem
InflateRect
DrawFocusRect
NotifyWinEvent
SendMessageW
SetPropW
GetPropW
CallWindowProcW
ShowWindow
wsprintfW
InvalidateRect
SetWindowPos
GetParent
OffsetRect
LoadCursorW
RegisterClassExW
GetWindowRect
IsWindow
SetWindowTextW
LoadAcceleratorsW
EnableWindow
GetMessageW
IsDialogMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW

gdi32

SetDIBits
DeleteDC
DeleteObject
SelectObject
GetBkMode
CreateSolidBrush
CreateDIBSection
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
GetDIBits
GetObjectW
CreateFontIndirectW
AddFontResourceExW
AddFontMemResourceEx
SetTextColor
SetBkMode
StretchBlt
GetLayout
SetLayout
SetDCPenColor
Rectangle
GetStockObject

advapi32

RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegDeleteKeyW
RegOpenKeyExW
AdjustTokenPrivileges
RegQueryValueExW
DuplicateTokenEx
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
LookupPrivilegeValueW

shell32

ord680
ShellExecuteW
SHGetFolderPathW
SHGetPathFromIDListW
SHGetMalloc
SHBrowseForFolderW
SHFileOperationW

ole32

CoCreateInstance
CoInitializeEx

oleaut32

SysAllocString

msi

ord88
ord169
ord190
ord205
ord70
ord173
ord141
ord137

comctl32

InitCommonControlsEx

shlwapi

PathAppendW
PathIsDirectoryW
PathAddBackslashW
PathFileExistsW
PathRemoveFileSpecW
PathFindFileNameW
PathIsRelativeW
PathFindExtensionW

wininet

InternetQueryDataAvailable
InternetGetConnectedState
HttpQueryInfoW
InternetGetLastResponseInfoW
InternetOpenUrlW
InternetOpenW
InternetCloseHandle
InternetReadFile

oleacc

LresultFromObject
AccessibleObjectFromWindow

Sections

.text
Size: 580KB - Virtual size: 579KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f14ff9771758db208e69c7b608dd69b0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msi

comctl32

shlwapi

wininet

oleacc

Sections

.text Size: 580KB - Virtual size: 579KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 48KB - Virtual size: 70KB

.rsrc Size: 284KB - Virtual size: 280KB

.text
Size: 580KB - Virtual size: 579KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 48KB - Virtual size: 70KB

.rsrc
Size: 284KB - Virtual size: 280KB