d805a979941ea215ece5ca8bc764a402_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d805a979941ea215ece5ca8bc764a402_JaffaCakes118
Size

496KB
MD5

d805a979941ea215ece5ca8bc764a402
SHA1

afb533c55509bed84c66f5db86ce89fc6314db5b
SHA256

8a5bd38d99ca82232bf4bad6433a6f0358150dfd0c3a8b22c307e39499d4724d
SHA512

4ce9ef448e4c068b77120ca3de064d23813bb7138717b188aa724eebbca16458b365acecb68f342101943b71e5aacdf51ca9e48c46ed7b6849afc35ce7cf2192
SSDEEP

6144:JdY1D1JS816/Z75OKD4QYMZPlVRK72qOxIVcEGPdcdlbZN3da4Dtg9UqYEFLLb/z:J6jEV/OKVYatEjdHtSUqYOLb/z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
d805a979941ea215ece5ca8bc764a402_JaffaCakes118

Files

d805a979941ea215ece5ca8bc764a402_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ec3e884399de1a7a053488acd8434950

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowPos
CreateWindowExA
MoveWindow
PostQuitMessage
wsprintfA
DefWindowProcA
FillRect
ReleaseDC
GetWindowDC
DrawTextA
DispatchMessageA
TranslateMessage
EnableWindow
GetForegroundWindow
SetWindowTextW
OffsetRect
GetSystemMetrics
SetWindowTextA
ShowWindow
DestroyWindow
KillTimer
EndDialog
GetDlgItem
PostMessageA
SendMessageA
SetTimer
MessageBoxW
LoadStringW
LoadStringA
DialogBoxParamW
DialogBoxParamA
SetWindowLongA
GetWindowLongA
CharUpperW
CharUpperA
GetWindowTextA
GetWindowRect
IsWindow
SystemParametersInfoA
CheckDlgButton
IsDialogMessageA
BeginPaint
EndPaint
InvalidateRect
SetFocus
LoadCursorA
LoadIconA
RegisterClassA
MessageBoxA
SetCursor
GetMessageA
PeekMessageA

shell32

SHFileOperationA
SHGetPathFromIDListA
SHBrowseForFolderA

advapi32

RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
RegOpenKeyA
RegEnumKeyA
RegCloseKey
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA

gdi32

CreateFontA
CreateSolidBrush
DeleteDC
DeleteObject
GetObjectA
CreatePalette

kernel32

TlsGetValue
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
GetStartupInfoA
TlsAlloc
TlsSetValue
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetSystemTimeAsFileTime
InterlockedDecrement
GetStringTypeA
IsDBCSLeadByte
GetCPInfo
GetCurrentDirectoryA
SetFileAttributesW
GetFileAttributesW
SetLastError
GetStdHandle
CreateFileW
GetFileType
GetLastError
DosDateTimeToFileTime
FormatMessageA
GlobalAddAtomA
GlobalDeleteAtom
TlsFree
VirtualAlloc
VirtualFree
WinExec
_lcreat
GetStringTypeW
RaiseException
WideCharToMultiByte
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
HeapReAlloc
LCMapStringA
LCMapStringW
InitializeCriticalSection
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoW
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CompareStringA
GetCurrentThreadId
DeleteCriticalSection
GetACP
GetOEMCP
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
RtlUnwind
IsValidCodePage
CompareStringW
SetEnvironmentVariableA
InterlockedIncrement
_lopen
_lread
GlobalFlags
lstrcmpiA
CloseHandle
SetFileTime
GetFileAttributesA
GetCommandLineA
WriteFile
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
lstrlenA
lstrcpyA
SetEndOfFile
CreateFileA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
ExitProcess
CopyFileA
GetCurrentProcess
GetTickCount
GetModuleFileNameA
Sleep
SetFileAttributesA
CreateDirectoryA
SetCurrentDirectoryA
lstrcatA
MoveFileA
GetFullPathNameA

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 388KB - Virtual size: 522KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec3e884399de1a7a053488acd8434950

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

advapi32

gdi32

kernel32

Sections

.text Size: 81KB - Virtual size: 81KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 388KB - Virtual size: 522KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 388KB - Virtual size: 522KB

.rsrc
Size: 2KB - Virtual size: 2KB