d676c312563255181d11717cae5824ad_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d676c312563255181d11717cae5824ad_JaffaCakes118
Size

737KB
MD5

d676c312563255181d11717cae5824ad
SHA1

7036441ab36f795a1f074aa07655d1574c6a2ff8
SHA256

812cdb47be160cf89b22495ad986655c5363bddedd06b399da47b7fa9eafb0a5
SHA512

fb3a5dc77f64b4a31acfbbe65d5b79abe64929923bb815613f1a6fac2556f5b48ab6cc983c67c2bd3c8fde464e9793aa2294ecc46d3fd916b87b921ada438597
SSDEEP

12288:3LDhJ1Cgf2s4h308lruBAc4Vo/O9SSfphdNpjNbOS37y+BrpS22suIHMTKlo7JTV:7/tJAkuYNWo/OcCNJnL5r12suQMTioN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d676c312563255181d11717cae5824ad_JaffaCakes118

Files

d676c312563255181d11717cae5824ad_JaffaCakes118
.exe windows:6 windows x86 arch:x86

2e5f10fb048c4799cc54091b7e1975e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLongPathNameW
lstrcpynA
GetMailslotInfo
IsDebuggerPresent
_hread
CreateHardLinkA
WritePrivateProfileSectionA
SetCalendarInfoA
CreateSemaphoreA
IsBadStringPtrA
GetSystemTimeAsFileTime
GetPrivateProfileSectionNamesA
CommConfigDialogW
GetComputerNameExA
ReadFileScatter
FindVolumeClose
SetFilePointerEx
FindNextVolumeA
CreateMailslotW
SizeofResource
OpenSemaphoreA
TlsAlloc
GetCommState
GetCurrentProcess
GlobalUnfix
lstrcmpA
ExpandEnvironmentStringsW
SetProcessWorkingSetSize
SetDefaultCommConfigA
MoveFileA
GetPrivateProfileSectionNamesW
FindFirstVolumeMountPointW
LocalLock
GetLocalTime
DefineDosDeviceA
lstrcpyA
GetComputerNameExW
GetProcessTimes
FindNextVolumeMountPointW
GlobalUnlock
CompareFileTime
GetExitCodeThread
LockFileEx
SetVolumeMountPointW
FlushFileBuffers
GetCPInfo
GetHandleInformation
CreateEventA
CreateJobObjectA
ReleaseSemaphore
GetUserDefaultUILanguage
InitAtomTable
OpenFileMappingA
TlsGetValue
GetProcessAffinityMask
GetDefaultCommConfigW
GetFileType
IsProcessorFeaturePresent
CreateMailslotA
SetSystemTimeAdjustment
GetProfileIntW
MoveFileExA
EnumResourceLanguagesA
GetProcessPriorityBoost
GetLogicalDrives
SetLocaleInfoW
GetSystemDefaultLCID
FindResourceExA
SetEnvironmentVariableA
FindNextChangeNotification
QueueUserAPC
CreateFileA
GlobalFree
GlobalSize
WaitNamedPipeW
GetThreadLocale
GetSystemTimeAdjustment
SetThreadLocale
GetProfileStringW
lstrcpyW
GetCommandLineW
RtlUnwind
ExitProcess
IsBadCodePtr
CreateMutexW
GetUserDefaultLCID
RemoveDirectoryA
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCompressedFileSizeW
GetDevicePowerState
OpenFileMappingW
GetLastError
GetEnvironmentVariableA
GetComputerNameA
FlushViewOfFile
SetStdHandle

shlwapi

PathAppendA
PathCombineA

comctl32

InitCommonControlsEx

user32

GetKeyState
LoadCursorW
GetParent
DrawTextW
SetDlgItemTextW
PtInRect
MoveWindow
PostMessageW
DialogBoxParamW
EndDialog
SetTimer
LoadBitmapW
DrawMenuBar
DispatchMessageW
CheckRadioButton
GetDesktopWindow
LoadStringA
GetWindowPlacement
FrameRect
EnableMenuItem
DefWindowProcW
InvertRect
EndPaint
SetRect
RegisterClassW
LoadStringW
DestroyWindow
InvalidateRect
CreateWindowExW
LoadIconW
GetMessageW
PostQuitMessage
GetSubMenu
FillRect
TranslateAcceleratorW
BeginPaint
GetDlgItemTextW
WaitMessage
MessageBoxA
GetClientRect
ReleaseDC
GetDlgItem
WinHelpW
OffsetRect
SendMessageW
GetWindowRect
GetMenu
UnionRect
IsZoomed
IsDlgButtonChecked
LoadAcceleratorsW
ShowWindow
TranslateMessage
CheckDlgButton
SetCapture
GetForegroundWindow
GetSystemMetrics
IsIconic
UpdateWindow
IntersectRect
MessageBoxW
ReleaseCapture
wsprintfW
GetDC
PeekMessageW

advapi32

RegQueryValueExA
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExA
RegQueryValueExW

Sections

.text
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 244KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e5f10fb048c4799cc54091b7e1975e5

Headers

File Characteristics

Imports

kernel32

shlwapi

comctl32

user32

advapi32

Sections

.text Size: 291KB - Virtual size: 290KB

.data Size: 244KB - Virtual size: 596KB

.rdata Size: 10KB - Virtual size: 9KB

.rsrc Size: 182KB - Virtual size: 182KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 291KB - Virtual size: 290KB

.data
Size: 244KB - Virtual size: 596KB

.rdata
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 182KB - Virtual size: 182KB

.reloc
Size: 8KB - Virtual size: 8KB