bc8005026623a4132247b0c7756df3d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bc8005026623a4132247b0c7756df3d3_JaffaCakes118
Size

212KB
MD5

bc8005026623a4132247b0c7756df3d3
SHA1

1426e3661441b1a160e486b38a8cadfba0858a93
SHA256

7b2ea50b863f81bd6f5970443583a369fa7d43369dba7ff223a01186d8f847fc
SHA512

6a8f612b3d853c16e397299079ad5f36faa7a535385fbdfbefe028179a9fa0ce501fcb543722fc75fb43781134c78039e92b47960dc9d4e053e09c151f37194e
SSDEEP

6144:iRpoz71Q68fMzLC9pxyaKsd1aJ+kosgAOEHLSXZ:kpgCpfyLnaKu1amAlrSXZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc8005026623a4132247b0c7756df3d3_JaffaCakes118

Files

bc8005026623a4132247b0c7756df3d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d634b4394674bb320a6992c04d728f19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynW
lstrcmpW
GetFileAttributesW
lstrcatW
GetPrivateProfileStringW
GetSystemDefaultLangID
GetModuleFileNameW
DeviceIoControl
DefineDosDeviceW
QueryDosDeviceW
WaitForSingleObject
Sleep
CreateMutexW
ReleaseMutex
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateEventW
SetEvent
ResetEvent
GetModuleHandleW
CreateProcessW
GetCommandLineW
lstrcmpiW
SetStdHandle
LoadLibraryA
GetOEMCP
GetACP
SetFilePointer
GetStringTypeA
GetCPInfo
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
FlushFileBuffers
lstrcpyW
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
GetLastError
CloseHandle
SetLastError
InterlockedDecrement
InterlockedIncrement
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
HeapSize
HeapReAlloc
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
lstrlenW
RtlUnwind
RaiseException
ResumeThread
CreateThread
TlsSetValue
TlsGetValue
ExitThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetCurrentThreadId
TlsAlloc
HeapAlloc
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection

user32

SetClassLongW
PostQuitMessage
EnableWindow
LoadIconW
GetLastActivePopup
CheckDlgButton
DialogBoxParamW
FindWindowW
PostMessageW
EndDialog
GetDlgItemTextW
MessageBoxW
GetDlgItem
SendMessageW
CreateDialogParamW
GetMessageW
IsWindow
TranslateMessage
DispatchMessageW
IsDialogMessageW
SetWindowTextW
SetDlgItemTextW
DestroyWindow
wsprintfW
RegisterWindowMessageW
IsDlgButtonChecked

advapi32

RegDeleteValueW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegFlushKey
RegCloseKey
RegOpenKeyExW

shell32

CommandLineToArgvW
ShellExecuteW

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiClassGuidsFromNameExW
SetupDiSetClassInstallParamsW
SetupDiGetClassDevsExW
SetupDiGetDeviceInfoListDetailW
SetupDiEnumDeviceInfo
CM_Get_DevNode_Status
SetupDiCallClassInstaller
SetupDiGetDeviceInstallParamsW
SetupDiDestroyDeviceInfoList

comctl32

ord17

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d634b4394674bb320a6992c04d728f19

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

setupapi

comctl32

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 116KB - Virtual size: 112KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 116KB - Virtual size: 112KB