d159124a50e3531f2c3bc012cbe29606_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d159124a50e3531f2c3bc012cbe29606_JaffaCakes118
Size

465KB
MD5

d159124a50e3531f2c3bc012cbe29606
SHA1

2d7737f91eb760596d5add06f59d25e441123f26
SHA256

204b5b570d490f99e02df7a2f69105047574112f33290de532c6f6d1f05428d9
SHA512

00eefb975992f9432bab0a764f8fa6beec0203cf359aff8324d93259728b52bba6cbbc710b0f7d9402d03913e49373f51df22870f2def78150074321a2213eb1
SSDEEP

12288:BUZDg8UUOQXBdsh/ChZ8VRIMe8/p9rFyrCgXAQ:B0ds7VRIM77sVQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d159124a50e3531f2c3bc012cbe29606_JaffaCakes118

Files

d159124a50e3531f2c3bc012cbe29606_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ba13f52ac2370261e38f586a0bcbd1a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
SetStdHandle
SetEvent
GetStringTypeW
RaiseException
CreateDirectoryW
GetCurrentDirectoryA
HeapFree
MulDiv
VirtualProtect
GetTimeZoneInformation
lstrlenW
VirtualFree
GlobalUnlock
OpenMutexA
GetTickCount
LocalReAlloc
SetThreadPriority
IsBadReadPtr
TlsGetValue
GetLastError
SetFilePointer
SetEndOfFile
GetCommandLineW
TerminateProcess
CompareStringW
GetVersion
WideCharToMultiByte
GetConsoleMode
GetUserDefaultLCID
lstrcpyW
ExitProcess
HeapAlloc
TlsAlloc
GetSystemTimeAsFileTime
Sleep
MapViewOfFile
GetProcAddress
CloseHandle
SystemTimeToFileTime
VirtualAlloc
LocalAlloc
GetTempFileNameA
FormatMessageW
SetUnhandledExceptionFilter
CreateFileW
InterlockedExchange
GetCommandLineA
GetCurrentThreadId
GetFileSize
GetFileAttributesW
CreateThread
lstrcpynW
GetCurrentProcess
UnhandledExceptionFilter
GetLocalTime
GetCPInfo
HeapReAlloc
lstrcmpiW
HeapSize
CreateMutexW
GetACP
GlobalLock
GetTimeFormatW
SetLastError
FreeEnvironmentStringsW
ResetEvent
InitializeCriticalSection
GetDateFormatW
lstrcatW
GetSystemTime
LocalLock
GetModuleHandleA
CreateFileA
GetVersionExA
LocalSize
GetCurrentThread
GetStartupInfoA
LocalUnlock
DeleteCriticalSection
FindFirstFileW
GetUserDefaultUILanguage
LoadLibraryA
FindClose
ReleaseMutex
EnterCriticalSection
SetErrorMode
CopyFileW
GetFileInformationByHandle
GetStdHandle
SetHandleCount
GetTempPathA
InterlockedCompareExchange
GetTempPathW
CreateFileMappingW
GlobalFree
FreeLibrary
GetFileType
GlobalAlloc
LoadResource
lstrcmpW
LeaveCriticalSection
LCMapStringW
GetProcessHeap
lstrlenA
LocalFree
WriteFile
FoldStringW
TlsFree
GetFileTime
UnmapViewOfFile
MultiByteToWideChar
DeleteFileW
LCMapStringA
ReadFile
QueryPerformanceCounter
GetCurrentProcessId
CreateFileMappingA
GetLocaleInfoW

gdi32

AbortDoc
CreateDCW
SetAbortProc
GetTextMetricsW
DeleteObject
CreateFontIndirectW
EnumFontsW
SetWindowExtEx
SetViewportExtEx
SetMapMode
SetBkMode
StartPage
GetTextExtentPoint32W
GetDeviceCaps
SelectObject
GetTextFaceW
EndDoc
GetObjectW
LPtoDP
StartDocW
DeleteDC
TextOutW
EndPage
GetStockObject

shell32

DragAcceptFiles
DragFinish
DragQueryFileW
ShellAboutW

user32

SendDlgItemMessageW
CreateWindowExW
DestroyMenu
WinHelpW
EndDialog
GetForegroundWindow
CreateDialogParamW
LoadStringW
TrackPopupMenu
GetSystemMenu
EnableMenuItem
SetWindowTextW
PostMessageW
UnhookWinEvent
MoveWindow
GetKeyboardLayout
ShowWindow
DialogBoxParamW
GetWindowPlacement
GetMenu
DrawIconEx
PostQuitMessage
IsIconic
EqualRect
TranslateAcceleratorW
DrawEdge
SetWindowLongW
GetMessageW
MessageBoxW
EnumWindows
UpdateWindow
DeleteMenu
GetScrollPos
ScreenToClient
UnhookWindowsHookEx
GetDlgItem
GetSystemMetrics
GetDesktopWindow
GetSubMenu
InvalidateRect
CharNextW
EnableWindow
SetFocus
LoadAcceleratorsW
LoadIconW
GetWindowTextW
SendMessageW
DispatchMessageW
LoadCursorW
SetCursor
CharUpperW
GetParent
SetWindowPos
GetFocus
wsprintfW
CloseClipboard
DestroyIcon
CreatePopupMenu
GetClientRect
ChildWindowFromPoint
MessageBeep
CharLowerW
GetCursorPos
CheckRadioButton
CheckMenuItem
IsClipboardFormatAvailable
wsprintfA
LoadImageW
SetTimer
GetDlgCtrlID
SetWindowPlacement
PeekMessageW
GetDlgItemTextW
RegisterWindowMessageW
DrawTextExW
RegisterWindowMessageA
DefWindowProcW
ReleaseDC
SetActiveWindow
GetKeyState
OpenClipboard
GetMenuState
GetWindowLongW
TranslateMessage
CheckDlgButton
SetScrollPos
GetWindowRect
RegisterClassExW
MapWindowPoints
SetWinEventHook
IsDialogMessageW
DestroyWindow
GetDC
SetDlgItemTextW

advapi32

RegOpenKeyExA
RegSetValueExW
IsTextUnicode
RegQueryValueExW
RegCreateKeyW
RegQueryValueExA
RegCloseKey

msvcrt

_cexit
_purecall
_wtol
wcsncmp
_c_exit
_acmdln
__set_app_type
??3@YAXPAX@Z
??1exception@@UAE@XZ
__CxxFrameHandler
__getmainargs
_adjust_fdiv
localtime
iswctype
isdigit
wcsncpy
_stricmp
_wcsicmp
_initterm
memset
_lock
__p__fmode
__setusermatherr
_amsg_exit
_XcptFilter
_exit
__p__commode
_CxxThrowException
realloc
_snwprintf
_controlfp
exit
time

comdlg32

GetSaveFileNameW
FindTextW
ReplaceTextW
PageSetupDlgW
GetFileTitleW
GetOpenFileNameW
PrintDlgExW
CommDlgExtendedError
ChooseFontW

winspool.drv

GetPrinterDriverW
ClosePrinter
OpenPrinterW

comctl32

CreateStatusWindowW

Sections

.text
Size: 370KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba13f52ac2370261e38f586a0bcbd1a0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

shell32

user32

advapi32

msvcrt

comdlg32

winspool.drv

comctl32

Sections

.text Size: 370KB - Virtual size: 370KB

.data Size: 91KB - Virtual size: 95KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 370KB - Virtual size: 370KB

.data
Size: 91KB - Virtual size: 95KB

.rsrc
Size: 2KB - Virtual size: 1KB