c8fc6922ad6bde6cb84480c032360b0a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c8fc6922ad6bde6cb84480c032360b0a_JaffaCakes118
Size

142KB
MD5

c8fc6922ad6bde6cb84480c032360b0a
SHA1

740e2aa85b7a8f30f041e1287ec009e759ef5eb0
SHA256

c92d3a6393e7ee752bda90e51be797bdc23537d62b31321c46e7606794befa5e
SHA512

28dbac0b132da70241147f72ea8970a3f64d6700ee9a1ef469061c80d138fbbc7dfdef46235c75332764cc6b49b5f677bc507659c4f3010d3c83fcd900455c39
SSDEEP

3072:MjV321Ozn8SLcxfPNOuCJqsL9BVdyUINOOsDoJ2K4:MN+in8SLU+qsPUUOwDm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8fc6922ad6bde6cb84480c032360b0a_JaffaCakes118

Files

c8fc6922ad6bde6cb84480c032360b0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

255edda0128e2322305e4b4792506f13

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
LoadResource
SizeofResource
FindResourceA
GetTickCount
ExitProcess
GetModuleHandleA
GetStartupInfoA
HeapAlloc
GetProcessHeap
HeapFree
GetUserDefaultLangID
SetErrorMode
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetFileAttributesA
SetCurrentDirectoryA
FreeLibrary
GetDriveTypeA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalMemoryStatus
GetSystemDirectoryA
WriteFile
CreateDirectoryA
GetFullPathNameA
WritePrivateProfileStringA
MulDiv
SetPriorityClass
LoadLibraryA
SetThreadPriority
GetTempPathA
GetModuleFileNameA
CompareFileTime
SetFileTime
VirtualAlloc
IsBadReadPtr
VirtualFree
SetFilePointer
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
WritePrivateProfileSectionA
DeleteFileA
MoveFileExA
GetLastError
GetShortPathNameA
GetProcAddress
lstrlenA
GetSystemTimeAsFileTime
IsValidLocale
GetACP
FindFirstFileA
FindNextFileA
IsBadWritePtr
SetUnhandledExceptionFilter
RtlUnwind
GlobalAddAtomA
GlobalDeleteAtom
WinExec
GetVersionExA
FileTimeToLocalFileTime
FindClose
CopyFileA
MoveFileA
GetCurrentThread
SetFileAttributesA
GetCurrentProcess
GetPrivateProfileStringA
GetWindowsDirectoryA
GetCurrentDirectoryA
CreateProcessA
ResumeThread
CloseHandle
WaitForSingleObject
GetExitCodeProcess
Sleep
GetLocalTime
OpenProcess
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
FileTimeToSystemTime
FindResourceExA
IsBadCodePtr
RaiseException
GetVolumeInformationA
GetDiskFreeSpaceA
RemoveDirectoryA
ReadFile
GetFileTime
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA

user32

IsWindowVisible
wsprintfA
EnableWindow
SendMessageTimeoutA
GetDC
ReleaseDC
CheckDlgButton
UpdateWindow
SetFocus
IsDlgButtonChecked
GetWindow
GetWindowLongA
SetWindowLongA
GetWindowRect
GetDlgItem
wvsprintfA
PostQuitMessage
DefWindowProcA
CallWindowProcA
IsDialogMessageA
DefDlgProcA
WinHelpA
SystemParametersInfoA
GetDlgCtrlID
GetSysColorBrush
GetSysColor
SetPropA
RemovePropA
EnumPropsExA
IsWindow
GetPropA
CreateWindowExA
CreateDialogParamA
DialogBoxParamA
GetLastActivePopup
DestroyWindow
EndDialog
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
DestroyCursor
SetCursor
GetParent
SendMessageA
CheckRadioButton
IsIconic
DispatchMessageA
TranslateMessage
PeekMessageA
WaitMessage
LoadCursorA
LoadStringA
ExitWindowsEx
MapWindowPoints
OffsetRect
GetSystemMetrics
GetWindowThreadProcessId
GetWindowTextA
EnumWindows
SetWindowTextA
SetDlgItemTextA
SetForegroundWindow
SetWindowPos
LoadImageA
LoadBitmapA
LoadIconA
SendDlgItemMessageA
PostMessageA
MessageBoxA
ShowWindow

gdi32

DeleteObject
AddFontResourceA
RemoveFontResourceA
CreateFontIndirectA
GetObjectA
GetStockObject
SetBkMode
SetBkColor
SetTextColor
GetDeviceCaps

comctl32

PropertySheetA
CreatePropertySheetPageA
ord17

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegSetValueA
RegEnumKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegQueryInfoKeyA

shell32

ShellExecuteA
ShellExecuteExA
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetSpecialFolderLocation

ole32

CoCreateInstance
CoGetMalloc
CoInitialize
CoUninitialize

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

255edda0128e2322305e4b4792506f13

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

advapi32

shell32

ole32

version

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 5KB

.idata Size: 6KB - Virtual size: 5KB

.rsrc Size: 30KB - Virtual size: 30KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 5KB

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 30KB - Virtual size: 30KB