Static task
static1
Behavioral task
behavioral1
Sample
c22f8760eaf5203e17f7ffdd78ef7686_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
c22f8760eaf5203e17f7ffdd78ef7686_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: c22f8760eaf5203e17f7ffdd78ef7686_JaffaCakes118
Size: 653KB
MD5: c22f8760eaf5203e17f7ffdd78ef7686
SHA1: 2c6edc64ea318185afbad06270a88d5a5c24f563
SHA256: 43a598f9a105e0d3c38a4c65226ecbc485916179e4ecb94e34f52f17e1ae1332
SHA512: d60ef3c49cca3b90309ce22a6777e4e4c3427c396c55605db48cdded12b4af52bfd31db8b68ce3245255444c2b2f911b70f5aac7327d5d5c274ba5fbce8c69a9
SSDEEP: 12288:dBaxchDRQ3Rw19TUfM8U2pP77tdSRgtrTjNGjml85CZv+Za6o/:dBAcY3Rw15g/UYPnWGjNGjmWMp+Zan/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c22f8760eaf5203e17f7ffdd78ef7686_JaffaCakes118
Files
c22f8760eaf5203e17f7ffdd78ef7686_JaffaCakes118.exe windows:4 windows x86 arch:x86
80da6468090030e442fa8654f3d7903e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindNextFileA
FindFirstFileA
GetDiskFreeSpaceA
GetModuleHandleA
RemoveDirectoryA
DeleteFileA
CloseHandle
SetFileTime
CreateFileA
SetFileAttributesA
GetTempPathA
GetWindowsDirectoryA
GetSystemDirectoryA
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
FormatMessageA
GetCurrentThreadId
FindClose
ReadFile
GetFileSize
lstrcmpiA
GetSystemDefaultLangID
SetLastError
GetModuleFileNameA
CompareStringA
GetFileAttributesA
WaitForSingleObject
GetTickCount
GetExitCodeProcess
CreateProcessA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
RtlUnwind
GetCommandLineA
GetStartupInfoA
HeapReAlloc
HeapSize
GetLastError
CreateDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
lstrlenW
MultiByteToWideChar
OutputDebugStringA
DebugBreak
InterlockedIncrement
InterlockedDecrement
lstrcmpA
GetStringTypeExA
lstrlenA
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
VirtualQuery
RaiseException
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
WriteFile
InterlockedExchange
user32
MapWindowPoints
SetWindowPos
IsWindow
MessageBoxA
SetDlgItemTextA
SendDlgItemMessageA
GetDlgItemTextA
CheckDlgButton
KillTimer
SetTimer
SystemParametersInfoA
ShowWindow
GetClientRect
LoadImageA
GetWindowLongA
SetWindowLongA
SendMessageA
EndDialog
GetDlgItem
LoadCursorA
SetCursor
GetWindowRect
MsgWaitForMultipleObjects
CharUpperA
RedrawWindow
GetDesktopWindow
UnregisterClassA
LoadStringA
CharNextA
wvsprintfA
DispatchMessageA
TranslateMessage
InvalidateRect
DestroyCursor
EnumChildWindows
DialogBoxParamA
GetSystemMetrics
GetDlgCtrlID
FillRect
GetWindowTextLengthA
GetWindowTextA
wsprintfA
GetSysColorBrush
EnableWindow
GetParent
SetWindowTextA
GetWindow
PeekMessageA
IsDlgButtonChecked
gdi32
CreateSolidBrush
DeleteObject
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetObjectA
CreateFontIndirectA
SetBkMode
SetTextColor
AddFontResourceA
CreateDIBSection
GetStockObject
advapi32
RegOpenKeyExA
OpenSCManagerA
CreateServiceW
CloseServiceHandle
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
shell32
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteExA
ole32
OleUninitialize
StringFromGUID2
CLSIDFromProgID
CoCreateInstance
OleInitialize
oleaut32
SysStringLen
LoadTypeLi
RegisterTypeLi
SysAllocString
VariantClear
VariantInit
VariantCopy
VariantChangeType
VariantCopyInd
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysFreeString
BstrFromVector
comctl32
ord17
Sections
.text Size: 47KB - Virtual size: 47KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ