bdbf45e98ee2c5c36d5c619d79d1df60_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bdbf45e98ee2c5c36d5c619d79d1df60_JaffaCakes118
Size

368KB
MD5

bdbf45e98ee2c5c36d5c619d79d1df60
SHA1

5a086b541114e6d7a1326c5a48d069288409dc57
SHA256

416e8a84c972a6c823941189776387c38ebd7e890352f85db90980047fa251bd
SHA512

17ad954c10f2467c8ff19532ade33e779d8d25c06ce31a9c9dac03c3504319cdca10440229ec454dfff780edd2626135d6e587f395eb4a9ca77b039443a06e10
SSDEEP

6144:cQDwflRon7FXkLvr2eYFEc4IZjhTk+V7lJPi47QuiLFBPdYClV6mLV:zwfKFXTIIUyYLF96YV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdbf45e98ee2c5c36d5c619d79d1df60_JaffaCakes118

Files

bdbf45e98ee2c5c36d5c619d79d1df60_JaffaCakes118
.exe windows:8 windows x86 arch:x86

bbf998ffbc24ef5e6ceefb15fcec20fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

StrCatW
StrCmpW
StrChrIW
StrCpyW
StrDupW
StrCmpIW
PathAppendW

msvcrt

_wtoi
_wcsnicmp
_ftol
_acmdln
exit
memmove
wcscpy
towlower
iswspace
_controlfp
wcsncmp
__set_app_type
__p__fmode
_c_exit
_wcsicmp
_cexit
wcsrchr
_mbsrchr
_initterm
wcslen
??3@YAXPAX@Z
_mbsinc

setupapi

SetupOpenAppendInfFileW
SetupFindFirstLineW
SetupFindNextLine

shell32

SHGetDesktopFolder
SHGetPathFromIDListW
SHGetFileInfoW
SHBrowseForFolderW

advapi32

RegSetValueExW
GetTokenInformation
RegCloseKey
AllocateAndInitializeSid
RegQueryValueW
LookupPrivilegeValueW
RegEnumKeyExW
OpenProcessToken

user32

DialogBoxParamW
EnumThreadWindows
GetWindowRect
EndDialog
GetMessageW
GetWindowLongA
SendMessageW
LoadStringA
ScreenToClient
SetWindowPos
PostMessageW
SendDlgItemMessageW
GetParent
EnumChildWindows
MessageBoxA
CopyRect
wsprintfW
ReleaseDC
LoadCursorW
EnableWindow
MessageBoxW

ole32

CoTaskMemAlloc

kernel32

VirtualAlloc
HeapFree
LoadLibraryW
GetCurrentDirectoryW
UnhandledExceptionFilter
CreateFileW
CreateMutexW
GetVersionExW
IsDBCSLeadByte
FindClose
FreeLibrary
GetTempFileNameA
ExpandEnvironmentStringsW
EnterCriticalSection
DebugBreak
FileTimeToLocalFileTime
GetEnvironmentStringsW
FindFirstFileA
VirtualFree
HeapReAlloc
GetCurrentProcess
SetErrorMode
GetLastError
GetCurrentThreadId
SetLastError
lstrcpyW
SetEvent
SetFileAttributesW
ExitProcess
GetCurrentProcessId
GetDiskFreeSpaceW
GetProcessHeap
FindFirstFileW
DeleteCriticalSection
GetDriveTypeW
DeviceIoControl
LocalFree
CreateFileA
ReadFile
CreateDirectoryW
CreateThread
WriteFile
HeapQueryInformation
TerminateProcess
WaitForMultipleObjects
LeaveCriticalSection
GetCommState
GetStartupInfoA
FileTimeToDosDateTime
CopyFileW
GetProcAddress
FormatMessageW
HeapCreate
LocalAlloc
GetSystemTimeAsFileTime
LoadLibraryExW
CloseHandle

Sections

.text
Size: 231KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 716KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbf998ffbc24ef5e6ceefb15fcec20fc

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

msvcrt

setupapi

shell32

advapi32

user32

ole32

kernel32

Sections

.text Size: 231KB - Virtual size: 231KB

.data Size: 54KB - Virtual size: 54KB

.rsrc Size: 81KB - Virtual size: 716KB

.text
Size: 231KB - Virtual size: 231KB

.data
Size: 54KB - Virtual size: 54KB

.rsrc
Size: 81KB - Virtual size: 716KB