db3f174cd1d22c5dff66a7333dfbab2f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db3f174cd1d22c5dff66a7333dfbab2f_JaffaCakes118
Size

124KB
MD5

db3f174cd1d22c5dff66a7333dfbab2f
SHA1

47d12e359f2366a2742a274dee2e8f7f4f49967e
SHA256

a47b30e204b4a113079bbd4466e2753424cc3c05cb2871ae80b4f39e1c98d5e3
SHA512

bfb61d9b3e6446165b220236d66e51d4ef0ee634ed555953011dc956be909ea292b08a563f4bc2c0e41e935d17b22cf11f9059d56b786e5ffbbea10dfd6665cc
SSDEEP

3072:5GT+MvuKekPUhy60j5ekWaPhtZcz/fwtvpvYLzStyZF2S9:5mvUhy6O5aazZg/fEvRYLxZF2S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db3f174cd1d22c5dff66a7333dfbab2f_JaffaCakes118

Files

db3f174cd1d22c5dff66a7333dfbab2f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de2611dff02c5118bdf70c89ee30f52e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

CommandLineToArgvW
ShellExecuteExW

advapi32

UnregisterTraceGuids
RegQueryValueExW
GetTraceLoggerHandle
RegCreateKeyExW
RegCloseKey
RegCreateKeyW
RegOpenKeyExW
RegisterTraceGuidsW
GetTraceEnableLevel
GetTraceEnableFlags
RegSetValueExW
TraceMessage

kernel32

InterlockedExchange
FindResourceW
GetTickCount
GlobalAlloc
EnterCriticalSection
FreeResource
GetCurrentProcess
LoadResource
InterlockedDecrement
TerminateProcess
GetModuleHandleA
SetUnhandledExceptionFilter
GetProcessVersion
LocalFree
GetStartupInfoW
GetCurrentProcessId
WaitForSingleObject
GetLastError
InterlockedCompareExchange
ExitProcess
QueryPerformanceCounter
InterlockedIncrement
LocalAlloc
CreateThread
GetSystemTimeAsFileTime
LeaveCriticalSection
WideCharToMultiByte
LockResource
DeleteCriticalSection
GetCurrentThreadId
UnhandledExceptionFilter
InitializeCriticalSection
CloseHandle
Sleep

powrprof

CallNtPowerInformation

crypt32

CryptEncodeObjectEx
CertEnumSystemStoreLocation
CryptEncodeObject

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

uxtheme

CloseThemeData
GetThemeColor
OpenThemeData
GetThemeFont

msvcrt

_XcptFilter
memset
_cexit
__p__fmode
?terminate@@YAXXZ
_vsnwprintf
exit
wcstoul
__wgetmainargs
__setusermatherr
_wcmdln
_initterm
__set_app_type
_exit
_amsg_exit
__p__commode
??3@YAXPAX@Z
_wcsicmp
??2@YAPAXI@Z
_controlfp

gdi32

SetTextColor
CreateSolidBrush
CreateFontIndirectW
SetBkColor
DeleteObject

setupapi

SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsExW

ole32

CoCreateInstance
CoTaskMemFree
CoInitializeEx

user32

SetFocus
RegisterDeviceNotificationW
GetWindowLongW
LoadIconW
GetWindowTextLengthW
ShowWindow
EndDialog
UnregisterClassW
SendMessageW
DestroyWindow
DispatchMessageW
GetDlgCtrlID
PostQuitMessage
GetSysColor
EnableWindow
DefWindowProcW
SendDlgItemMessageW
GetMessageW
FindWindowExW
CreateWindowExW
GetDlgItem
SetTimer
PostMessageW
RegisterClassExW
SetWindowTextW
IsDlgButtonChecked
SetDlgItemTextW
UnregisterDeviceNotification
LoadStringW
FindWindowW
GetParent
CheckDlgButton
GetSysColorBrush
SetForegroundWindow
SetWindowLongW
SetActiveWindow
GetWindowTextW
DialogBoxParamW
TranslateMessage
KillTimer

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de2611dff02c5118bdf70c89ee30f52e

Headers

File Characteristics

Imports

shell32

advapi32

kernel32

powrprof

crypt32

wtsapi32

uxtheme

msvcrt

gdi32

setupapi

ole32

user32

Sections

.text Size: 83KB - Virtual size: 82KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 35KB - Virtual size: 34KB

.rsrc Size: 1024B - Virtual size: 104KB

.text
Size: 83KB - Virtual size: 82KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 35KB - Virtual size: 34KB

.rsrc
Size: 1024B - Virtual size: 104KB