d5eea57bc5c1f376c7c77f8b8def3df3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d5eea57bc5c1f376c7c77f8b8def3df3_JaffaCakes118
Size

368KB
MD5

d5eea57bc5c1f376c7c77f8b8def3df3
SHA1

3198381d03ee53727fe91842bd01cd1b2c6a5765
SHA256

3d730cfa9dd22051eda0c88dedd24ed655e1c502f663a0f1b7b72ed545f11683
SHA512

59eea749dfbe96cfd4f57b46bc6509dc22b1b353b74f7e9a171ac59a1a04a65edca1b6ad2a8533bcca84ea2ce025b7d28bdbfa944e71b65dd20b6639f05ac457
SSDEEP

6144:svszvosGoUpAz9Y6PCH+iXpTTPGBVdg57/+hIYUb1ZIB7:svszvosGXpA+HxCTdg57qvcZIB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5eea57bc5c1f376c7c77f8b8def3df3_JaffaCakes118

Files

d5eea57bc5c1f376c7c77f8b8def3df3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7d2fe867ecb40f5abc882c486e90e732

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
GetTickCount
lstrcatA
lstrcmpA
GetCurrentThreadId
SetLastError
InterlockedIncrement
InterlockedDecrement
GlobalHandle
GetModuleHandleA
LoadLibraryExA
lstrcmpiA
IsDBCSLeadByte
GetCurrentProcessId
GetProcAddress
lstrcpynW
GetVersion
lstrcmpiW
FileTimeToLocalFileTime
CompareStringA
CompareStringW
GetLocalTime
GetEnvironmentVariableA
GetEnvironmentVariableW
GetStringTypeExA
GetStringTypeExW
GetTimeFormatA
GetDateFormatA
DeleteFileA
GetTempPathA
GetVolumeInformationA
GlobalMemoryStatus
GetPrivateProfileStringA
ResetEvent
SetEndOfFile
FlushFileBuffers
FindNextFileA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetCPInfo
GetOEMCP
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
TerminateProcess
VirtualFree
HeapCreate
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetCommandLineA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind
ExitProcess
HeapSize
HeapReAlloc
HeapDestroy
LoadLibraryA
FreeLibrary
SetFilePointer
WriteFile
MulDiv
HeapAlloc
GetCurrentProcess
FlushInstructionCache
FindFirstFileA
FindClose
GetFileTime
FileTimeToSystemTime
CreateFileW
lstrcpynA
GetFileSize
ReadFile
CreateFileA
GetProcessHeap
HeapFree
CreateEventA
CloseHandle
FindResourceExA
SetEvent
EnterCriticalSection
GetModuleFileNameA
lstrlenA
MultiByteToWideChar
LeaveCriticalSection
GlobalAlloc
GlobalFree
lstrcpyA
GetSystemTime
SystemTimeToFileTime
FindResourceA
SizeofResource
LoadResource
LockResource
lstrlenW
WideCharToMultiByte
GlobalLock
GlobalUnlock
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
SetStdHandle
InterlockedExchange

user32

DrawTextA
GetCapture
SetCursor
DrawEdge
GetWindowDC
GetSystemMetrics
GetMessagePos
ScreenToClient
PtInRect
LoadMenuA
LoadAcceleratorsA
SetRectEmpty
SetWindowPlacement
MapDialogRect
SetWindowContextHelpId
DialogBoxIndirectParamA
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
CreateAcceleratorTableA
CharNextA
GetClassNameA
RedrawWindow
SetFocus
GetFocus
OffsetRect
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
GetDesktopWindow
IsWindowEnabled
GetWindowThreadProcessId
MessageBeep
EndDialog
GetWindowLongA
GetParent
SetWindowPos
MapWindowPoints
GetClientRect
SystemParametersInfoA
GetWindowRect
GetWindow
UnregisterClassA
GetClipboardFormatNameA
MessageBoxA
RegisterClipboardFormatA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageA
GetMessageW
IsWindowUnicode
PeekMessageA
CreatePopupMenu
CreateDialogParamA
LoadIconA
EnableMenuItem
SetForegroundWindow
FrameRect
SetDlgItemTextA
DialogBoxParamA
CharLowerBuffA
EnableWindow
CharUpperW
CharUpperA
CharLowerW
RemoveMenu
InsertMenuA
AppendMenuA
LoadStringW
PostQuitMessage
SetMenuDefaultItem
GetSubMenu
DrawFrameControl
InflateRect
TrackPopupMenuEx
ModifyMenuA
CallNextHookEx
SetWindowsHookExA
WindowFromPoint
CharLowerA
UnhookWindowsHookEx
GetSysColorBrush
IsChild
InvalidateRgn
FillRect
SetCapture
ReleaseCapture
GetSysColor
RegisterClassExA
LoadImageA
IsWindowVisible
DefWindowProcA
IsMenu
DestroyMenu
GetMenuItemCount
GetMenuItemInfoA
SetMenuItemInfoA
LoadStringA
MsgWaitForMultipleObjects
ShowWindow
SendDlgItemMessageA
GetDlgItem
IsWindow
wsprintfA
GetActiveWindow
SetWindowLongA
SetRect
LoadCursorA
GetClassInfoExA
GetDC
ReleaseDC
GetDialogBaseUnits
InvalidateRect
UpdateWindow
GetWindowPlacement
SetMenu
GetMenu
PostMessageA
LoadBitmapA
CreateWindowExA
SendMessageA
DestroyWindow
TranslateAcceleratorA
SetTimer
KillTimer
GetKeyState

gdi32

CreateDIBSection
SetBkColor
SetBrushOrgEx
MoveToEx
LineTo
CreatePen
SetTextColor
SetBkMode
CreateBitmap
CreatePatternBrush
PatBlt
CreateSolidBrush
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
GetObjectA
GetDeviceCaps
CreateFontIndirectA
SelectObject
GetTextMetricsA
GetTextExtentPointA
GetStockObject
DeleteObject

advapi32

RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
RegEnumValueA
RegCloseKey

shell32

SHGetFileInfoA
ShellExecuteA

ole32

CoTaskMemFree
StringFromCLSID
CoCreateInstance
CreateStreamOnHGlobal
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
OleGetClipboard
DoDragDrop
CoTaskMemRealloc
OleSetClipboard
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
CoTaskMemAlloc
StringFromGUID2

oleaut32

LoadRegTypeLi
SysFreeString
VariantInit
VariantCopy
VarCmp
VarDateFromUdate
VariantCopyInd
SafeArrayRedim
SafeArrayDestroy
SafeArrayCreate
SafeArrayLock
SafeArrayUnlock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayCopy
SafeArrayGetVartype
VarUI4FromStr
SysAllocStringByteLen
OleCreateFontIndirect
SysStringByteLen
SysAllocStringLen
VarBstrCmp
SysAllocString
LoadTypeLi
DispCallFunc
SysStringLen
VarUdateFromDate
VariantClear

shlwapi

PathFindExtensionA

comctl32

ImageList_Create
ord8
ImageList_Destroy
ord6
ImageList_LoadImageA
DestroyPropertySheetPage
PropertySheetA
ImageList_AddMasked
CreatePropertySheetPageA
InitCommonControlsEx
ImageList_Draw
ord17
ImageList_ReplaceIcon
ImageList_GetImageCount

iphlpapi

GetAdaptersInfo

zlib1

inflate
inflateEnd
get_crc_table
inflateInit2_
crc32

Sections

.text
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d2fe867ecb40f5abc882c486e90e732

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

iphlpapi

zlib1

Sections

.text Size: 248KB - Virtual size: 245KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 76KB - Virtual size: 75KB

.text
Size: 248KB - Virtual size: 245KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 76KB - Virtual size: 75KB