c018c70a162fa57818605e72ddefefb5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c018c70a162fa57818605e72ddefefb5_JaffaCakes118
Size

533KB
MD5

c018c70a162fa57818605e72ddefefb5
SHA1

771cd6cb17ff97e656f2fd56fcc6b94de905b4a7
SHA256

668612767a6367db7821be4a14885438acb1baf6e402541a554519c7438fcabe
SHA512

2855f881f7b2703e1381761a726eccd83d995c8cd1da651f81dc37c9312ff492deba2f370f332eef0989626cdea5c7187756830d2af9637602521675025e1bf5
SSDEEP

12288:Bd2ACYyLMspkT8WnY8ibuHIyeAcrc2XWR6A6N9XFd:bmLMspiGiHIyehc3RkPVd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c018c70a162fa57818605e72ddefefb5_JaffaCakes118

Files

c018c70a162fa57818605e72ddefefb5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

45d81535cc39ff452c124aa84f96ebae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
FreeSid
RegEnumValueA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclA
AllocateAndInitializeSid
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
AddAccessAllowedAce
RegSetKeySecurity
SetFileSecurityA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ImageList_LoadImageA

kernel32

LockResource
LoadResource
FindResourceA
DeleteFileA
GetTickCount
Sleep
GetLocaleInfoA
GetThreadLocale
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetVersionExA
FlushInstructionCache
GetLocalTime
GetModuleHandleA
CloseHandle
SetFileTime
WriteFile
SetEndOfFile
SetFilePointer
GetFileAttributesA
GetTempFileNameA
CompareFileTime
GetFileInformationByHandle
CreateFileA
CopyFileA
MoveFileA
SetFileAttributesA
GetFullPathNameA
RemoveDirectoryA
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
GetShortPathNameA
WaitForSingleObject
lstrlenA
SetUnhandledExceptionFilter
GetCurrentProcessId
GetCurrentThreadId
CreateDirectoryA
GetUserDefaultLangID
OpenProcess
GetLocaleInfoW
WideCharToMultiByte
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GlobalMemoryStatus
GetDiskFreeSpaceA
LoadLibraryExA
WriteConsoleA
SetStdHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ReadFile
VirtualAlloc
VirtualFree
HeapCreate
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetFileType
GetStdHandle
SetHandleCount
HeapSize
IsValidCodePage
GetOEMCP
GetProcessHeap
GetACP
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
LCMapStringW
LCMapStringA
GetCPInfo
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleW
RaiseException
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FreeLibrary
GetLastError
LocalFree
FindNextFileA
FindFirstFileA
FindClose
GetCurrentDirectoryA
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleFileNameA
MulDiv
SizeofResource
SetThreadLocale
FreeResource
WriteConsoleW
GetConsoleOutputCP
InitializeCriticalSection
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
FlushViewOfFile

user32

GetWindowDC
ReleaseDC
SetCapture
MessageBoxA
FindWindowA
GetWindowThreadProcessId
WaitForInputIdle
GetFocus
AdjustWindowRectEx
MoveWindow
GetWindowRect
MapWindowPoints
GetClassNameA
PostMessageA
PeekMessageA
IsDialogMessageA
GetMessageA
DispatchMessageA
GetWindow
CreateDialogParamA
LoadIconA
SetFocus
InvalidateRect
BeginPaint
ReleaseCapture
DrawFrameControl
GetWindowTextLengthA
GetWindowTextA
DrawTextA
DrawFocusRect
EndPaint
DefWindowProcA
GetParent
CreateWindowExA
SetWindowTextA
SetWindowPos
GetWindowLongA
SetWindowLongA
DestroyWindow
UnregisterClassA
LoadCursorA
RegisterClassExA
ExitWindowsEx
GetDlgItemTextA
SetDlgItemTextA
SendMessageA
GetClientRect
GetSystemMetrics
IsDlgButtonChecked
GetDlgItem
ShowWindow
CheckDlgButton
SendDlgItemMessageA
IsWindow
GetDC

gdi32

BitBlt
DeleteDC
SetTextAlign
TextOutA
SetTextColor
SetBkColor
SetBkMode
ExtTextOutA
SelectObject
GetStockObject
CreateCompatibleBitmap
SetDIBits
DeleteObject
GetDeviceCaps
CreateFontA
CreateCompatibleDC

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
ShellExecuteExA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantInit
VariantClear

Sections

.text
Size: 376KB - Virtual size: 375KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45d81535cc39ff452c124aa84f96ebae

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

version

comctl32

kernel32

user32

gdi32

shell32

ole32

oleaut32

Sections

.text Size: 376KB - Virtual size: 375KB

.rdata Size: 70KB - Virtual size: 69KB

.data Size: 13KB - Virtual size: 22KB

.rsrc Size: 294KB - Virtual size: 294KB

.text
Size: 376KB - Virtual size: 375KB

.rdata
Size: 70KB - Virtual size: 69KB

.data
Size: 13KB - Virtual size: 22KB

.rsrc
Size: 294KB - Virtual size: 294KB