dbe0b7c1d9b4b3164097f5ad28941140_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dbe0b7c1d9b4b3164097f5ad28941140_JaffaCakes118
Size

80KB
MD5

dbe0b7c1d9b4b3164097f5ad28941140
SHA1

215893948b652c17067d6c69f1e715182699d629
SHA256

bca639f8d85cb2ed846c8b1fd9a97dff85f4d03c9464f914e46839a32b03da54
SHA512

2e726205b2428b813636296ce63c78a1ec452b067f277c531a29b01603df8a293bdea07ac719f82fb121eecadcc75fff33ab89fd47700f8111b7a798b1b8335d
SSDEEP

1536:p4kq+caSluhtk2cQXl8XssxJN/COQKtA4uRjdV3pyNxpgE1:+kqkuMtk2ckIssxb6LuQbMNxph

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbe0b7c1d9b4b3164097f5ad28941140_JaffaCakes118

Files

dbe0b7c1d9b4b3164097f5ad28941140_JaffaCakes118
.exe windows:5 windows x86 arch:x86

203c775e8d072ecf55b14c172d186582

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetFileAttributesA
WriteConsoleA
CreateTimerQueueTimer
ReadFile
FindFirstFileA
HeapSize
WideCharToMultiByte
SetStdHandle
SetHandleCount
DefineDosDeviceA
MapViewOfFile
GetCommandLineA
DeleteCriticalSection
TlsFree
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
VirtualFree
GetOEMCP
QueryDosDeviceA
InitializeCriticalSection
GetConsoleOutputCP
LCMapStringA
CreateProcessA
FindClose
ReleaseMutex
VirtualAlloc
CreateThread
GetFileSize
RaiseException
lstrcatA
WaitForSingleObject
DeviceIoControl
GetEnvironmentStrings
GetCurrentProcess
CreateEventA
GetSystemTimeAsFileTime
HeapAlloc
GetConsoleCP
GetSystemDirectoryA
CreateFileMappingA
PulseEvent
QueryPerformanceCounter
IsDebuggerPresent
CreateDirectoryA
GetSystemInfo
TryEnterCriticalSection
CloseHandle
DeleteFileA
MultiByteToWideChar
SetFileAttributesW
TlsSetValue
LoadLibraryA
FindNextFileA
CopyFileA
ExitProcess
lstrcpyA
CreateFileA
lstrcmpiW
FormatMessageA
GetEnvironmentVariableA
LCMapStringW
GetVersionExA
GetModuleFileNameA
SetEndOfFile
ExitThread
EnterCriticalSection
SetLastError
GlobalAlloc
GetStdHandle
HeapFree
GetCurrentProcessId
LeaveCriticalSection
WriteFile
GlobalLock
GetVolumeInformationA
FreeLibrary
GetFileType
GetStringTypeW
TlsGetValue
InterlockedIncrement
lstrlenA
OpenEventA
InterlockedCompareExchange
UnhandledExceptionFilter
SystemTimeToFileTime
HeapCreate
IsValidCodePage
TlsAlloc
lstrcmpA
WaitForMultipleObjects
ResumeThread
SetUnhandledExceptionFilter
WriteConsoleW
DeleteTimerQueueTimer
HeapReAlloc
GetProcessHeap
SetFilePointer
Sleep
GetStartupInfoA
GetCPInfo
GetStringTypeA
OpenMutexA
FlushFileBuffers
GetSystemTime
lstrcmpiA
GetSystemDefaultLangID
GetLastError
GetProcAddress
FreeEnvironmentStringsW
GetConsoleMode
UnmapViewOfFile
FreeEnvironmentStringsA
CreateMutexA
GetTickCount
TerminateProcess
DeleteFileW
GetTempPathA
SetThreadPriority
GetCurrentThreadId
SetFileAttributesA
VirtualQuery
SetEvent
GetLocaleInfoA
RtlUnwind
GetACP
InterlockedDecrement
GetCommandLineW

ws2_32

WSASocketA
freeaddrinfo
getaddrinfo

advapi32

RegCloseKey
RegSetValueExA
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueA
RegSetValueExW
RegEnumKeyExA
RegQueryValueExA
RegEnumValueW
RegOpenKeyExA

msvcrt

??_U@YAPAXI@Z
_adjust_fdiv
__p__fmode
??2@YAPAXI@Z
??3@YAXPAX@Z
wcschr
memmove
_purecall
_callnewh
_lock

ole32

CoUninitialize
CoInitialize
CoCreateInstance

user32

ReleaseCapture
GetSysColor
EnableWindow
ClientToScreen
SetForegroundWindow
SendDlgItemMessageW
SetTimer
GetWindowTextLengthW
DispatchMessageW
MessageBoxA
SetCursor
GetWindowThreadProcessId
wsprintfA

shell32

SHGetSpecialFolderPathA
SHGetFolderPathA

wininet

InternetSetOptionA

aclui

CreateSecurityPage

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

203c775e8d072ecf55b14c172d186582

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

advapi32

msvcrt

ole32

user32

shell32

wininet

aclui

Sections

.text Size: 37KB - Virtual size: 37KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 22KB - Virtual size: 86KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 150B

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 22KB - Virtual size: 86KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 150B