d456e6d8ac93ade798b5754da6f67db4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d456e6d8ac93ade798b5754da6f67db4_JaffaCakes118
Size

93KB
MD5

d456e6d8ac93ade798b5754da6f67db4
SHA1

01b9073a8f3fed49599815cfe325ed82bd6dd368
SHA256

14bc559e818aad8338a92c95160e1bc1d8b6c2e1e663d5b8793e7899c5f7ef28
SHA512

14a7f265d68abe55aff7fc3d5072d3f2c3c2e117d8ee329aa3f267c2216ed28848fed95a5811d633bf7177b68d99ff03ad800a3d8ff3b46d5a6ed1aaab9c2d0b
SSDEEP

1536:eHrHqr8T+zSdT1V+3G96MiecuwaqaszPLMfrFLiGY3q7VoagHfHFG:WrKYbL+3G9jiecuf7frtiGYa7Voal

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d456e6d8ac93ade798b5754da6f67db4_JaffaCakes118

Files

d456e6d8ac93ade798b5754da6f67db4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6223b1168e7f23eb23bbe382f879126

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

comctl32

ImageList_ReplaceIcon
ImageList_GetImageCount

shell32

SHGetPathFromIDListW
SHGetFileInfoW

gdi32

RealizePalette
GetDeviceCaps
CreateCompatibleDC
CreateFontIndirectW
CreateICW
DeleteDC
CreatePalette
DeleteObject
GetObjectW

msvcrt

_adjust_fdiv
_exit
strchr
_initterm
fgets
wcsncmp
__setusermatherr
fopen
exit
fputws
fclose
iswalpha
_except_handler3
_wtoi
difftime
mktime
isdigit
realloc
localtime
swprintf
_controlfp
_stricmp
_ftime
wcscmp
sprintf
wcslen
?terminate@@YAXXZ
_wcsupr
__p__fmode
malloc
_onexit
_wcsicmp
_strnicmp
_wcmdln

advapi32

DeleteService
SetThreadToken
GetTokenInformation
InitializeSecurityDescriptor
RegEnumKeyW
AllocateAndInitializeSid
EqualSid
RegCloseKey
FreeSid
RegDeleteKeyA
RegOpenKeyA
RegSetValueExW
RegQueryValueExA
RegDeleteKeyW
RegOpenKeyExA
RegCreateKeyExW
OpenThreadToken
RegEnumValueW
RegQueryValueExW
AdjustTokenPrivileges
RegDeleteValueW

kernel32

GetDriveTypeW
GetCurrentDirectoryW
InterlockedIncrement
FindNextFileW
GetFileAttributesW
SetErrorMode
FileTimeToSystemTime
GetCurrentProcess
SetCurrentDirectoryW
TerminateThread
CreateFileA
FindFirstFileW
GetSystemTime
GetLocalTime
MulDiv
ReleaseMutex
GetLastError
WriteFile
GetTickCount
InitializeCriticalSection
GetFileSize
GetModuleHandleW
VirtualAlloc
FreeLibrary
GetLogicalDriveStringsW
WaitForSingleObject
CreateFileMappingW
MultiByteToWideChar
MapViewOfFile
GetPrivateProfileStringW
GetCurrentThreadId
GetProcessHeap
GetCurrentProcessId
LocalFree
QueryDosDeviceW
GetModuleHandleA
WritePrivateProfileStringW
lstrcmpA
GetCurrentThread
SetLastError
GetVersion

mpr

WNetGetConnectionW

mfc42u

ord823
ord4736
ord5977
ord6051
ord802
ord2403
ord4213
ord2859
ord4392
ord5154
ord4401
ord4073
ord4992
ord5156
ord5155
ord1767
ord5257
ord5261
ord3793
ord4942
ord5059
ord4352
ord5283
ord2116
ord1720
ord6896
ord2101
ord6048
ord384
ord3744
ord3716
ord2355
ord3792
ord3142
ord5264
ord470
ord5273
ord2877
ord2971
ord2088
ord2977
ord3131
ord2546
ord2388
ord2139
ord1089
ord4269
ord2078
ord640
ord5228
ord3825
ord771
ord2717
ord2576
ord4616
ord3993
ord2810
ord3917
ord6688
ord5727
ord613
ord3737
ord3991
ord4270
ord5285
ord5296
ord5787
ord540
ord818
ord4470
ord538
ord3687
ord3365
ord3635
ord2634
ord4219
ord289
ord693
ord765
ord5298
ord5286
ord941
ord6211
ord4075
ord4396
ord1633
ord1230
ord3865
ord1172
ord4704
ord2574
ord5276
ord3074
ord3084
ord3447
ord2406
ord4621
ord2293
ord1634
ord6871
ord4831
ord489
ord4229
ord2637
ord1165

user32

SetCursor
SendMessageW
GetWindowRect
SetTimer
DispatchMessageW
IsIconic
GetClientRect
PtInRect
IsWindow
GetSysColor
AppendMenuW
EnableMenuItem
IsWindowEnabled
LoadIconW
LoadStringW
MessageBoxA
GetActiveWindow
DrawFocusRect
InvalidateRect
GetWindowLongW
PeekMessageW
UpdateWindow
FillRect
GetParent
EnumChildWindows
CopyRect
SetActiveWindow

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 60KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 129B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b6223b1168e7f23eb23bbe382f879126

Headers

File Characteristics

Imports

comctl32

shell32

gdi32

msvcrt

advapi32

kernel32

mpr

mfc42u

user32

Sections

.text Size: 3KB - Virtual size: 3KB

.data Size: 64KB - Virtual size: 64KB

.rsrc Size: 19KB - Virtual size: 18KB

.bss Size: - Virtual size: 60KB

.idata Size: 4KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 16B

.rdata Size: 512B - Virtual size: 129B

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 64KB - Virtual size: 64KB

.rsrc
Size: 19KB - Virtual size: 18KB

.bss
Size: - Virtual size: 60KB

.idata
Size: 4KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 129B