c85cbdf64a66a24b1ea318a4d1abdb04_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c85cbdf64a66a24b1ea318a4d1abdb04_JaffaCakes118
Size

126KB
MD5

c85cbdf64a66a24b1ea318a4d1abdb04
SHA1

6206ee363148d55c136107a345e70cd49bff33d4
SHA256

5426f8cfeb7d12061af54090ea88306d9501a23b70828cd4bbeb0600e1f0a12f
SHA512

5d4ab4704e9866353626074e32ff0ca49f50a04a6e18ab79357f66fe1492c65f1aad24bb0d3045229c8f3c6f6c5ca7887a93131e20d4bfac21c7d86e1c13f0d0
SSDEEP

1536:VwDpKW64Lyi06sqaSJUEbooPRrKKRxAAKHMeG7Jw82M660aR:oMW6Bi0xqaSJltZrpRxbKHMeGtt66j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c85cbdf64a66a24b1ea318a4d1abdb04_JaffaCakes118

Files

c85cbdf64a66a24b1ea318a4d1abdb04_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9c2d5be80e7508aadfd78fdfe81ed56c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
MultiByteToWideChar
MapViewOfFile
CreateFileMappingW
GetFileInformationByHandle
GlobalUnlock
GlobalLock
GetTimeFormatW
GetDateFormatW
GetUserDefaultLCID
GetACP
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
LoadLibraryA
DeleteFileW
SetEndOfFile
GetUserDefaultUILanguage
FormatMessageW
LocalReAlloc
WideCharToMultiByte
SetLastError
WriteFile
GetLastError
LocalSize
lstrcpynW
MulDiv
lstrcmpW
GetFileAttributesW
FindFirstFileW
FindClose
lstrcatW
GetCommandLineW
GetProcAddress
GetCurrentProcessId
lstrcmpiW
CreateFileW
ReadFile
lstrcpyW
CloseHandle
LocalLock
FoldStringW
CompareStringW
LocalUnlock
lstrlenW
GlobalFree
LocalAlloc
LocalFree
GetLocaleInfoW
GetLocalTime
GetStartupInfoA

comdlg32

PageSetupDlgW
FindTextW
PrintDlgExW
ChooseFontW
GetFileTitleW
GetOpenFileNameW
ReplaceTextW
GetSaveFileNameW
CommDlgExtendedError

shell32

DragFinish
DragQueryFileW
DragAcceptFiles
ShellAboutW

winspool.drv

GetPrinterDriverW
ClosePrinter
OpenPrinterW

comctl32

CreateStatusWindowW

msvcrt

wcsncmp
_wtol
_except_handler3
iswctype
wcsncpy
_snwprintf
time
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
localtime
_initterm

advapi32

IsTextUnicode
RegQueryValueExW
RegCloseKey
RegCreateKeyW
RegQueryValueExA
RegOpenKeyExA
RegSetValueExW

gdi32

GetStockObject
EnumFontsW
GetTextFaceW
GetObjectW
GetDeviceCaps
DeleteObject
SelectObject
CreateDCW
GetTextExtentPoint32W
TextOutW
DeleteDC
EndDoc
AbortDoc
EndPage
StartPage
StartDocW
SetAbortProc
GetTextMetricsW
SetBkMode
LPtoDP
SetWindowExtEx
SetViewportExtEx
SetMapMode
CreateFontIndirectW

user32

PeekMessageW
GetWindowLongW
CharLowerW
SetScrollPos
UpdateWindow
RegisterWindowMessageW
CreateWindowExW
SetWindowPlacement
LoadCursorW
LoadImageW
RegisterClassExW
EnableWindow
LoadAcceleratorsW
SetWindowLongW
LoadStringW
CharUpperW
GetWindowPlacement
IsIconic
GetForegroundWindow
PostQuitMessage
MessageBeep
DestroyWindow
DefWindowProcW
DrawTextExW
CreateDialogParamW
GetWindowTextW
GetSystemMenu
GetKeyboardLayout
SetActiveWindow
DialogBoxParamW
GetDC
ReleaseDC
SetCursor
GetClientRect
ShowWindow
GetDesktopWindow
MoveWindow
InvalidateRect
WinHelpW
GetDlgCtrlID
ChildWindowFromPoint
ScreenToClient
GetCursorPos
SendDlgItemMessageW
SendMessageW
CharNextW
CheckMenuItem
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
GetMenuState
EnableMenuItem
GetSubMenu
GetMenu
MessageBoxW
SetFocus
SetDlgItemTextW
wsprintfW
GetDlgItemTextW
EndDialog
GetParent
UnhookWinEvent
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
IsDialogMessageW
PostMessageW
GetMessageW
SetWinEventHook
GetSystemMetrics
SetWindowTextW
LoadIconW
GetFocus

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ypfivzv
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9c2d5be80e7508aadfd78fdfe81ed56c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

shell32

winspool.drv

comctl32

msvcrt

advapi32

gdi32

user32

Sections

.text Size: 29KB - Virtual size: 28KB

.data Size: 2KB - Virtual size: 6KB

.rsrc Size: 63KB - Virtual size: 64KB

ypfivzv Size: - Virtual size: 4KB

.text
Size: 29KB - Virtual size: 28KB

.data
Size: 2KB - Virtual size: 6KB

.rsrc
Size: 63KB - Virtual size: 64KB

ypfivzv
Size: - Virtual size: 4KB