e592e1dea886d83e1362d68ad1d6f703_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e592e1dea886d83e1362d68ad1d6f703_JaffaCakes118
Size

361KB
MD5

e592e1dea886d83e1362d68ad1d6f703
SHA1

f720dc9f5b0cc9c7a9ac88626aa19a78969882f5
SHA256

d8817b61c1649d35eeeb63914f96f6fc77da229e3dde357b2b160af4db9a0b9e
SHA512

42ec2594609e1f12b2d8b17bd4a2a5053580d95abdca68e23eb1cf2c645ea011f55b535ad9657b2bc4b0b61cc048cd3b2400c75372c69e28f7ef74737d76e39e
SSDEEP

6144:jIVQv0y3NRJO22A8oos+W0OBMgxDy1+yAD20GvPYE8a:cVQvBNfORjVOB7xDQ1AD20GXYEZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e592e1dea886d83e1362d68ad1d6f703_JaffaCakes118

Files

e592e1dea886d83e1362d68ad1d6f703_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fdcf510539d106037dae23057a513d47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
OpenEventA
OpenFile
OpenFileMappingA
OpenJobObjectA
OpenProcess
PeekConsoleInputW
QueryPerformanceCounter
RaiseException
ReadFile
ReadFileEx
ReleaseSemaphore
ResetEvent
ResumeThread
SetConsoleTitleA
SetEvent
SetFilePointer
SetProcessWorkingSetSize
MapViewOfFile
SetVolumeLabelA
SleepEx
SystemTimeToFileTime
TerminateProcess
Thread32Next
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeA
WideCharToMultiByte
WriteFile
_hwrite
lstrcmpi
lstrcpy
lstrcpyn
LocalFree
LocalCompact
LocalAlloc
GetTickCount
LoadLibraryExW
LeaveCriticalSection
IsValidLanguageGroup
IsBadWritePtr
IsBadReadPtr
InterlockedIncrement
InterlockedExchangeAdd
InterlockedDecrement
InitializeCriticalSection
HeapSize
HeapFree
HeapDestroy
HeapCreate
Heap32First
GlobalUnfix
GlobalFindAtomW
GetVersionExA
GetTimeFormatW
GetTempPathA
GetTempFileNameW
GetSystemTimeAsFileTime
GetSystemTime
GetSystemDirectoryW
GetStringTypeExW
GetStdHandle
GetProcessHeaps
GetModuleFileNameW
GetLogicalDrives
GetLogicalDriveStringsW
GetLocalTime
GetFileAttributesExW
GetDiskFreeSpaceA
GetCurrentProcess
GetConsoleCursorInfo
GetConsoleAliasesLengthA
GetComputerNameA
GetCPInfoExW
GetACP
FreeLibrary
FormatMessageW
FormatMessageA
FlushViewOfFile
FlushFileBuffers
FindFirstFileW
FillConsoleOutputAttribute
ExpandEnvironmentStringsW
ExitProcess
EnterCriticalSection
DuplicateHandle
DisableThreadLibraryCalls
DeleteCriticalSection
CreateThread
CreateSemaphoreA
CreateProcessW
CreateNamedPipeA
CreateHardLinkW
CreateFileW
CreateFileMappingA
CreateFileA
CreateEventA
CreateDirectoryW
ConvertDefaultLocale
ConnectNamedPipe
CompareFileTime
CloseHandle
BuildCommDCBAndTimeoutsA
GetProcAddress
lstrlenA
GetCurrentProcessId
GetDriveTypeA
GetFileAttributesA
GetStartupInfoA
GlobalAlloc
LoadLibraryA
GetModuleHandleA
GetCommandLineW
GetCommandLineA
GetProcessHeap
GetLastError
GetVersion
lstrlenW
GetCurrentThreadId
HeapAlloc
GetModuleHandleW
LoadLibraryW
GetDriveTypeW
GetFileAttributesW
SetUnhandledExceptionFilter

user32

SetWindowsHookW
SendDlgItemMessageW
RegisterClassA
RedrawWindow
PostThreadMessageA
PostQuitMessage
PackDDElParam
OemToCharBuffA
ModifyMenuW
MessageBeep
LoadCursorFromFileW
IsCharAlphaA
InvertRect
GetWindowModuleFileNameW
GetWindowModuleFileNameA
GetMessageA
GetKeyboardLayoutList
GetKeyNameTextW
GetClipboardViewer
EnumWindows
EditWndProc
DragObject
DlgDirSelectComboBoxExW
DlgDirSelectComboBoxExA
DispatchMessageA
DestroyMenu
DefDlgProcW
DdeSetUserHandle
DdeImpersonateClient
CreateWindowStationW
CreateWindowExA
CopyIcon
CloseWindowStation
CheckRadioButton
CheckMenuRadioItem
CharPrevW
CharNextW
ChangeMenuA
UpdateWindow
SetWindowLongW
GetDC
IsWindowVisible
LoadBitmapW
GetMenu
LoadBitmapA
GetDlgItem
EnableMenuItem
IsDlgButtonChecked
LoadIconA
ShowWindow
SendMessageA
GetSysColor
GetParent
LoadIconW
IsWindow
SendMessageW
GetKeyState
GetSystemMetrics
DestroyIcon
DestroyWindow
DefWindowProcA

gdi32

CreateHalftonePalette
GetDCPenColor
GetFontLanguageInfo
CreateCompatibleDC
CloseFigure
EndPath
CloseMetaFile
AbortDoc
DeleteDC
SetTextAlign
GetDCBrushColor
CancelDC
GetLayout
DeleteEnhMetaFile
SetTextColor
FlattenPath
DeleteMetaFile
AbortPath
AddFontResourceW
CreatePatternBrush
DeleteColorSpace
SetBkMode
FillPath
GetBkMode
GetColorSpace
BeginPath
CreateMetaFileA
GetEnhMetaFileW
EndPage
DeleteObject
AddFontResourceA
EndDoc
SaveDC
GetEnhMetaFileA
CreateDIBPatternBrushPt
CreateRectRgn
EngDeleteSemaphore
EngDeleteSurface
EngMultiByteToWideChar
ExcludeClipRect
ExtFloodFill
ExtTextOutA
GdiComment
GdiConvertPalette
GetEnhMetaFilePixelFormat
GetPixelFormat
GetRelAbs
GetTextExtentExPointWPri
GetTextExtentPointI
Polyline
SetColorAdjustment
SetFontEnumeration
SetICMProfileA
StartDocW
XLATEOBJ_iXlate
CreateSolidBrush
GetBkColor
SelectObject
GetGraphicsMode
GdiGetBatchLimit
CloseEnhMetaFile
GdiFlush
CreateMetaFileW

advapi32

CryptReleaseContext
CryptAcquireContextA
CloseServiceHandle
CheckTokenMembership
AllocateAndInitializeSid
AddAccessAllowedAce
RegQueryValueExW
StartServiceCtrlDispatcherA
SetServiceStatus
SetSecurityDescriptorDacl
ReportEventA
RegisterServiceCtrlHandlerExA
RegisterEventSourceA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegNotifyChangeKeyValue
RegCloseKey
QueryServiceStatus
OpenServiceA
OpenSCManagerA
InitializeSecurityDescriptor
InitializeAcl
GetLengthSid
FreeSid
CryptGenRandom

shell32

Shell_NotifyIconW
Shell_NotifyIconA
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHIsFileAvailableOffline
SHGetPathFromIDListA
SHGetMalloc
SHGetInstanceExplorer
SHGetIconOverlayIndexW
SHGetFolderPathW
SHGetFileInfoW
SHGetDiskFreeSpaceExW
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceA
SHFormatDrive
SHFileOperation
SHEmptyRecycleBinW
SHCreateProcessAsUserW
SHCreateDirectoryExW
SHCreateDirectoryExA
SHBrowseForFolderW
SHBrowseForFolderA
SHBindToParent
SHAppBarMessage
ExtractIconExW
ExtractIconExA
ExtractIconEx
ExtractAssociatedIconW
ExtractAssociatedIconExW
ExtractAssociatedIconA
DragQueryFileW
DragQueryFileAorW
DragQueryFile
DoEnvironmentSubstA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

shlwapi

StrRChrW
StrCmpNIW
StrChrA
StrCmpNA
StrRChrIW
StrCmpNIA

winmm

timeGetTime

msvcrt

wcsrchr
wcsstr
wcstok
_strnicmp
_XcptFilter
__getmainargs
__initenv
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_iob
_snprintf
_snwprintf
_stricmp
_vsnprintf
_wcsicmp
_wtol
atoi
exit
floor
fprintf
free
malloc
memmove
perror
rand
sprintf
strncpy
strtoul
wcscat
wcschr
wcscmp
wcscpy
wcslen
wcsncat

Sections

.text
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fdcf510539d106037dae23057a513d47

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

winmm

msvcrt

Sections

.text Size: 284KB - Virtual size: 284KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 7KB - Virtual size: 6KB

.rsrc Size: 55KB - Virtual size: 54KB

.text
Size: 284KB - Virtual size: 284KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 55KB - Virtual size: 54KB