e18cba6707d88ab92396cbce75dd9673_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e18cba6707d88ab92396cbce75dd9673_JaffaCakes118
Size

385KB
MD5

e18cba6707d88ab92396cbce75dd9673
SHA1

e7c123f5840ef439ee8a5c9ebe444f8fc716cbc2
SHA256

c0babf555b2d633d8618931221306964a5a9231285b4bbaecfd37784632ecc8a
SHA512

df227dc283938b8b09ac85879966b214882d6f00cdafdb2c15836981cd64855f436125446d8231b6d5e526c81c467407e50d1abe0f0c74e2bb50c45f55a1ea86
SSDEEP

6144:hhjmbyXC6O1Jz17rms4jHDBS06bV16ar4tLnm5OMbEGg6UBjf4bWU6olSnDVeT6:uyS6opZl4zDL6bL6ariybCrAWUHlS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e18cba6707d88ab92396cbce75dd9673_JaffaCakes118

Files

e18cba6707d88ab92396cbce75dd9673_JaffaCakes118
.exe windows:8 windows x86 arch:x86

1595c62828000496b8c1e44f3ab5ae67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupCloseInfFile
SetupFindNextLine
SetupFindFirstLineW
SetupOpenInfFileW
SetupGetStringFieldW
SetupOpenAppendInfFileW
SetupGetLineCountW

msvcrt

_adjust_fdiv
wcsrchr
_ftol
_acmdln
wcscat
_wcsicmp
__p__fmode
_mbschr
__lconv_init
_controlfp
wcsncpy
free
towlower
exit
_mbsrchr
setlocale
strtoul
_mbsinc
_wcsnicmp
iswspace
??3@YAXPAX@Z
wcsncmp
wcslen
_XcptFilter
__p__commode
wcschr
_exit

kernel32

lstrlenW
MultiByteToWideChar
CloseHandle
FreeLibrary
SetCurrentDirectoryW
GetVersion
CreateEventW
UnhandledExceptionFilter
ResetEvent
GetTempPathA
GetVersionExA
ExitProcess
TerminateProcess
HeapReAlloc
ReadFile
lstrlenA
FindNextFileW
LoadLibraryW
CopyFileW
CloseHandle
GetSystemDirectoryW
GetVersionExW
SetErrorMode
DeviceIoControl
CreateFileW
ExpandEnvironmentStringsW
GetModuleHandleA
DeleteFileA
LocalAlloc
DebugBreak
InitializeCriticalSection
WriteFile
IsDBCSLeadByte
GetEnvironmentVariableW
GetDriveTypeW
GetModuleFileNameW
HeapFree
FindFirstFileW
GetStartupInfoA
GetCurrentThreadId
EnterCriticalSection
GetLastError
SetEvent
LocalFree
FindFirstFileA
SetFileAttributesW
VirtualAlloc
GetCommState
CreateMutexW
CreateDirectoryA
GetCurrentProcess
GetProcAddress
OpenProcess
GetModuleHandleW
HeapAlloc
GetEnvironmentStringsW
HeapQueryInformation
LeaveCriticalSection
lstrcpyW
FormatMessageW
FileTimeToLocalFileTime
CreateThread
HeapCreate
DeleteFileW
FileTimeToDosDateTime
WideCharToMultiByte
FindClose
VirtualFree
SetLastError
SetCommState
SetUnhandledExceptionFilter
CreateEventA
DeleteCriticalSection

advapi32

RegQueryValueExW
GetTokenInformation
LookupPrivilegeValueW
RegOpenKeyW
RegEnumKeyW
RegOpenKeyExW
RegQueryValueW
LookupAccountSidW
RegEnumKeyExW
RegSetValueExW
FreeSid
EqualSid

shell32

SHGetMalloc
SHGetFileInfoW
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderLocation

ole32

CLSIDFromString
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
OleUninitialize
CoUninitialize

user32

MessageBoxA
GetWindowLongA
SetWindowPos
SetForegroundWindow
SetWindowLongW
LoadImageW
EnumThreadWindows
ExitWindowsEx
TranslateMessage
SetFocus
GetWindowRect
GetWindowLongW
EndDialog
LoadStringW
LoadStringA
CopyRect
FindWindowW
EnableWindow
ShowWindow
SetCursor
ScreenToClient
SetWindowLongA
wsprintfW
GetDlgItem
SendMessageW
ReleaseDC
RedrawWindow
SendMessageA
SendDlgItemMessageW
SystemParametersInfoW
RegisterClassExW
PostMessageW
EnumChildWindows
GetClientRect
DispatchMessageW
SetTimer
GetParent
CreateWindowExW
GetDC

shlwapi

StrCpyNW
StrDupW
PathIsRootW
PathAppendW
StrChrIW
StrCmpW
StrCpyW
StrCmpIW
SHGetValueW

Sections

.text
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 712KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1595c62828000496b8c1e44f3ab5ae67

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

msvcrt

kernel32

advapi32

shell32

ole32

user32

shlwapi

Sections

.text Size: 232KB - Virtual size: 232KB

.data Size: 55KB - Virtual size: 54KB

.rsrc Size: 96KB - Virtual size: 712KB

.text
Size: 232KB - Virtual size: 232KB

.data
Size: 55KB - Virtual size: 54KB

.rsrc
Size: 96KB - Virtual size: 712KB