d55c53d659bb4dffbc639e8b3d908cf2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d55c53d659bb4dffbc639e8b3d908cf2_JaffaCakes118
Size

105KB
MD5

d55c53d659bb4dffbc639e8b3d908cf2
SHA1

0a4f8f104aec4531d089349c76ce35666def8e68
SHA256

6b6282915f7c0030da2c67f1e3cad6d2252b23bead95473dba237ec9c69f08ba
SHA512

bee3c623d2d88c1731f0cfcbb11d6fb7e074d8576373f4e04550d72c824ba9d2931d854ee9d1d05068f6a391b65a6e307227cab0294c86b188875629dca7b954
SSDEEP

1536:9PtSandzenaAi69qIlLW/mP/Wg3mnI/9zLGCnKo8zEcb5dQFYD:/lMUQWOPue51moIb5dQCD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d55c53d659bb4dffbc639e8b3d908cf2_JaffaCakes118

Files

d55c53d659bb4dffbc639e8b3d908cf2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

85ede25eeee4ceeb1dd26e6b18e4debd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
RemoveDirectoryA
SetFileAttributesA
FindClose
ResetEvent
GetDiskFreeSpaceA
FindNextFileA
CloseHandle
DeleteFileA
lstrcpyA
GetFileSize
SetErrorMode
SetCurrentDirectoryA
OpenEventA
GetModuleFileNameA
lstrcpynA
GetWindowsDirectoryA
GetDriveTypeA
GetVolumeInformationA
GetModuleHandleA
GetCurrentDirectoryA
GetDiskFreeSpaceExA
GetVersionExA
CreateDirectoryA
GetFileAttributesA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapReAlloc
VirtualAlloc
RtlUnwind
InitializeCriticalSectionAndSpinCount
LoadLibraryA
lstrcatA
MultiByteToWideChar
ReadFile
CreateEventA
WriteFile
SetFileTime
GetTickCount
SetEvent
WaitForSingleObject
lstrlenA
CreateFileA
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
RaiseException
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
GetProcessHeap
HeapFree
HeapAlloc
ExitThread
GetCurrentThreadId
GetLastError
CreateThread
GetCommandLineA
GetStartupInfoA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate

user32

wsprintfA
SendMessageA
GetWindowRect
GetClientRect
GetWindowLongA
GetSystemMetrics
LoadImageA
IsWindowVisible
DestroyWindow
PostMessageA
FindWindowExA
GetWindowTextA
CreateWindowExA
SetWindowPos
SetWindowTextA
GetParent
SetWindowLongA
GetDlgItem
ShowWindow
SetDlgItemTextA
MessageBoxA

gdi32

DeleteObject
CreateFontA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

comctl32

PropertySheetA
InitCommonControlsEx
CreatePropertySheetPageA

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85ede25eeee4ceeb1dd26e6b18e4debd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

Sections

.text Size: 71KB - Virtual size: 71KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 71KB - Virtual size: 71KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 13KB - Virtual size: 13KB