de754955d421231e309d008e47283c32_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

de754955d421231e309d008e47283c32_JaffaCakes118
Size

713KB
MD5

de754955d421231e309d008e47283c32
SHA1

2ffbcf2bd51a738af0b3a370284b6bf45adfc578
SHA256

b8b35cd14e486e7f34351b1fa3e53c874ea1e26627c3455facbb5880f4220caf
SHA512

e2ad25895b3c80a6c46f4d2de3bc2e2f7b513c9f50c80498505ca11dc1a2cf70e7e6c2dce31c49d70b58823183f2c03be0d895cbc77f2c017e2ae4cbd74cb4d2
SSDEEP

12288:Gi6x47zujH3OB2FmkHTLl7fsnfDKMx4+IKIjwq:v6Czw/zNknfDtxWjX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de754955d421231e309d008e47283c32_JaffaCakes118

Files

de754955d421231e309d008e47283c32_JaffaCakes118
.exe windows:6 windows x86 arch:x86

d812b14da5ae17939f7ff499906a0051

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
CompareStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
HeapSize
GetSystemTimeAsFileTime
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
OutputDebugStringW
GetCurrentThreadId
GetProcessHeap
GetOEMCP
GetACP
IsValidCodePage
LoadLibraryExW
ReadFile
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
GetStringTypeW
SetFilePointerEx
SetEnvironmentVariableA
ReadConsoleW
GetTimeZoneInformation
CreateFileW
GetUserDefaultLangID
EnumTimeFormatsA
DeleteFileA
CreateFileA
CreateDirectoryA
GetTempFileNameA
GetTempPathA
FindResourceExW
GetModuleHandleA
LoadLibraryA
CreateEventA
lstrlenA
CreateMutexA
lstrcpyA
GetCPInfo
CloseHandle
WriteFile
GetFileSize
LoadResource
Sleep
WaitForSingleObject
DeleteCriticalSection
GetCommandLineA
SetEndOfFile
RtlUnwind
RaiseException
SystemTimeToFileTime
SetFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
PeekNamedPipe
GetFileInformationByHandle
ReleaseMutex
GetLastError
GlobalFree
FileTimeToLocalFileTime
IsProcessorFeaturePresent
GlobalAlloc
GetProcAddress
IsDebuggerPresent
WriteConsoleW
GetModuleFileNameW
GetFileType
GetStdHandle
HeapReAlloc
HeapAlloc
HeapFree
WideCharToMultiByte
MultiByteToWideChar
AreFileApisANSI
GetModuleHandleExW
ExitProcess
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer

user32

SetWindowPos
PostQuitMessage
DefWindowProcA
EndDialog
GetDlgItem
PostMessageA
wsprintfW
SetDlgItemInt
GetDlgItemInt
CheckDlgButton
IsDlgButtonChecked
CreateDialogParamA
GetCursorPos
SystemParametersInfoA
DrawIconEx
LoadImageA
LoadIconA
LoadBitmapA
CheckMenuRadioItem
GetWindowThreadProcessId
GetDesktopWindow
SetClassLongA
PtInRect
CopyRect
FillRect
WindowFromPoint
SendDlgItemMessageA
MessageBoxA
GetWindowRect
GetClientRect
SetWindowTextA
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
UpdateWindow
DrawTextA
TrackPopupMenu
GetMenuCheckMarkDimensions
AppendMenuA
InsertMenuA
EnableMenuItem
CreatePopupMenu
CreateMenu
GetSystemMenu
GetSystemMetrics
SetTimer
GetKeyState
GetFocus
SetFocus
DestroyWindow

gdi32

SetViewportExtEx
DPtoLP
TextOutA
MoveToEx
GetTextMetricsA
SetTextColor
SetMapMode
SelectObject
SaveDC
RestoreDC
LineTo
GetTextExtentPoint32A
GetStockObject
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreatePen
CreateCompatibleDC
BitBlt
SetWindowExtEx

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

CryptReleaseContext
CryptGenKey
CryptDestroyKey
CryptAcquireContextA

shell32

SHGetSpecialFolderLocation

ole32

CoInitializeEx
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal

oleaut32

VariantInit

userenv

ExpandEnvironmentStringsForUserA

avifil32

AVIMakeCompressedStream
AVIStreamStart

msimg32

GradientFill

comctl32

InitCommonControlsEx
CreateToolbarEx

uxtheme

DrawThemeBackground

wsnmp32

ord501

powrprof

CanUserWritePwrScheme
GetPwrCapabilities
GetActivePwrScheme
DeletePwrScheme
IsPwrSuspendAllowed

urlmon

HlinkSimpleNavigateToMoniker
HlinkSimpleNavigateToString

Sections

.text
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d812b14da5ae17939f7ff499906a0051

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

userenv

avifil32

msimg32

comctl32

uxtheme

wsnmp32

powrprof

urlmon

Sections

.text Size: 235KB - Virtual size: 234KB

.rdata Size: 93KB - Virtual size: 92KB

.data Size: 65KB - Virtual size: 76KB

.text Size: 2KB - Virtual size: 1KB

.rsrc Size: 301KB - Virtual size: 301KB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 235KB - Virtual size: 234KB

.rdata
Size: 93KB - Virtual size: 92KB

.data
Size: 65KB - Virtual size: 76KB

.text
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 301KB - Virtual size: 301KB

.reloc
Size: 15KB - Virtual size: 15KB