c16f00f8307c7bb1dddf90f00d97050a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c16f00f8307c7bb1dddf90f00d97050a_JaffaCakes118
Size

464KB
MD5

c16f00f8307c7bb1dddf90f00d97050a
SHA1

a1d8f6a6cc03b76eda5fb5b9177ed5ccf4eb0550
SHA256

9e2cead074a2919498c4a46bc39b1dbdd71e6243e91453376a89042f1b35f391
SHA512

f38df87c31aa5a308fa89a3a1753ef932485bab90b0471a2b37485efb2b7cbb793bf2a0873393bdb0411fb3ef2f69541ef8d61efc650f62116b91b5ee0e75e6b
SSDEEP

12288:xB32nlRh0Luls9mP6XBDOtjwrirA3qmtPPbqikwx:xB3Kp05YPuxOtk4hm1Qwx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c16f00f8307c7bb1dddf90f00d97050a_JaffaCakes118

Files

c16f00f8307c7bb1dddf90f00d97050a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e3bacf3ec0a3e764f12383b558cccd7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_ReplaceIcon
PropertySheetW
_TrackMouseEvent
ImageList_GetIconSize
ImageList_Create
ImageList_DrawEx

kernel32

VirtualFree
GetCPInfo
CreateDirectoryW
LoadResource
GetDateFormatA
FileTimeToSystemTime
SetErrorMode
SetHandleCount
LoadLibraryA
RaiseException
SetStdHandle
UnlockFile
GetProcAddress
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
GetLocalTime
InterlockedExchange
HeapCreate
GetFileTime
GetEnvironmentVariableW
ResetEvent
LocalReAlloc
GetCurrentProcess
LoadLibraryW
GetCurrentDirectoryW
Sleep
LCMapStringW
GetACP
TlsSetValue
WriteConsoleA
TlsGetValue
SetFilePointer
SuspendThread
lstrcmpiA
lstrcmpW
GlobalDeleteAtom
SetEnvironmentVariableA
GetCurrentDirectoryA
lstrlenW
GetTickCount
HeapDestroy
ExitThread
GetSystemInfo
CompareStringA
GlobalFlags
ReleaseMutex
FindNextFileW
GlobalLock
GetTimeZoneInformation
GetLocaleInfoW
GetStringTypeA
InterlockedIncrement
lstrlenA
LeaveCriticalSection
TerminateThread
TlsFree
GetModuleFileNameA
GetStartupInfoW
GetOEMCP
GetFileSize
CompareStringW
SystemTimeToFileTime
DeleteCriticalSection
FreeResource
GetVersionExA
DuplicateHandle
GetCommandLineW
CreateFileA
GetModuleHandleW
UnhandledExceptionFilter
GetCurrentThreadId
CreateEventW
LocalFileTimeToFileTime
GetModuleFileNameW
IsBadReadPtr
InitializeCriticalSection
GetStdHandle
GlobalAlloc
WriteFile
GetTempPathW
LockFile
lstrcmpA
LockResource
GetVersion
MulDiv
CloseHandle
lstrcpynW
GetStartupInfoA
TerminateProcess
FindFirstFileW
HeapReAlloc
GetTempPathA
CopyFileA
CreateThread
VirtualAlloc
GetFullPathNameW
RtlUnwind
GetLastError
HeapAlloc
GetDriveTypeA
HeapSize
WideCharToMultiByte
HeapFree
SizeofResource
SetEndOfFile
CopyFileW
QueryPerformanceCounter
FlushFileBuffers
SetFileAttributesW
GetTimeFormatA
GetFileAttributesA
ExitProcess
LocalAlloc
GetExitCodeThread
CreateFileW
GetEnvironmentStringsW
SetFileTime
GetSystemTimeAsFileTime
lstrcpyW
ResumeThread
GetTempFileNameW
GetFileAttributesW
LCMapStringA
GlobalFree
FindFirstFileA
ReadFile
SetThreadPriority
GlobalUnlock
GetEnvironmentStrings
FreeEnvironmentStringsA
MultiByteToWideChar
IsValidLocale
GetCommandLineA
EnterCriticalSection
GetFileType
WaitForSingleObject
FreeLibrary
UnmapViewOfFile
VirtualQuery
GetStringTypeW
GetModuleHandleA
GetLocaleInfoA
SetLastError
GlobalHandle
GetProcessHeap
GetSystemDirectoryW
GetCurrentThread
CreateMutexW
IsBadCodePtr
GetCurrentProcessId
VirtualProtect
MoveFileW
TlsAlloc
FindClose
FormatMessageW
LocalFree
FileTimeToLocalFileTime
InterlockedDecrement

user32

MoveWindow
PostQuitMessage
CheckMenuItem
OffsetRect
CreateWindowExW
GetSystemMenu
DrawFrameControl
DrawTextW
LockWindowUpdate
DrawEdge
ShowWindow
EndPaint
SetActiveWindow
InsertMenuW
DrawStateW
DestroyWindow
IsWindowEnabled
GetMenu
IsMenu
GetParent
DestroyCursor
GetNextDlgGroupItem
FillRect
GetForegroundWindow
PostThreadMessageW
GetMonitorInfoW
GetFocus
WindowFromPoint
IsIconic
EndDialog
EnableMenuItem
TrackMouseEvent
ScreenToClient
SetWindowTextW
LoadAcceleratorsW
SetWindowRgn
LoadIconW
PeekMessageW
UnregisterClassW
DeferWindowPos
DrawFocusRect
GetWindowDC
DestroyIcon
GetDlgItem
GetMenuItemCount
IsWindowVisible
KillTimer
IsWindow
RegisterClassW
LoadCursorW
GetDC
ChildWindowFromPoint
EnableWindow
CallNextHookEx
ValidateRect
DestroyAcceleratorTable
IsChild
SetWindowPos
CopyRect
GetKeyState
GetSysColor
DefWindowProcW
LoadStringW
SetMenu
GetAncestor
MessageBoxW
CopyImage
ReuseDDElParam
IsDialogMessageW
AppendMenuW
BeginPaint
SetFocus
DefFrameProcW
GetMessageW
GetMenuState
RegisterClassExW
GetCursorPos
CreatePopupMenu
SystemParametersInfoA
MessageBeep
wsprintfA
PostMessageW
GetDlgCtrlID
GetCapture
SetScrollPos
SetTimer
SetWindowLongW
DeleteMenu
SetClipboardData
MapWindowPoints

advapi32

DeleteService
RegCreateKeyExA
OpenServiceA
RegSetValueExA
ControlService
RegEnumValueA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
AllocateAndInitializeSid
ChangeServiceConfigA
GetUserNameA
RegDeleteValueA
RegQueryValueA
RegCreateKeyA
QueryServiceStatus
RegEnumKeyA
OpenThreadToken
OpenProcessToken
CreateServiceA
InitializeSecurityDescriptor
RegDeleteKeyA
StartServiceA
OpenSCManagerA
FreeSid
SetSecurityDescriptorDacl
LookupPrivilegeValueA
RegOpenKeyA
AdjustTokenPrivileges
RegQueryValueExA

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e3bacf3ec0a3e764f12383b558cccd7

Headers

File Characteristics

Imports

comctl32

kernel32

user32

advapi32

Sections

.text Size: 92KB - Virtual size: 90KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 68KB - Virtual size: 75KB

.rsrc Size: 44KB - Virtual size: 41KB

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 68KB - Virtual size: 75KB

.rsrc
Size: 44KB - Virtual size: 41KB