eb916da4abe4ff314662089013c8f832_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eb916da4abe4ff314662089013c8f832_JaffaCakes118
Size

463KB
MD5

eb916da4abe4ff314662089013c8f832
SHA1

1e7e611cc6922a2851bcf135806ab51cdb499efa
SHA256

96af80e7ba0f3997d59ebcb5ecef619f980d71ca29113e2cd2f2e8adcdea3061
SHA512

d0dbe1d1612982b9cd2a3ed3cbd3e3b5be49237f580f91d5e5d5b6d20ed4dc0babb69a666c19bf4e0f10776a43b9b1dcda91a4cd381ce3705b1795ef9d731c8b
SSDEEP

6144:k1+xTZXVYwi0VrQLS0jOQk+gAmRxYqBAygw/lV7MXm7nvhe1gSD1Md:0wFFXVrQGsOQXZ+CGAyNhe1fD1Md

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb916da4abe4ff314662089013c8f832_JaffaCakes118

Files

eb916da4abe4ff314662089013c8f832_JaffaCakes118
.exe windows:5 windows x86 arch:x86

465638b1cf13f6fce6f0cb72c4364f23

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashW
PathRemoveFileSpecW
PathFindFileNameW
PathRemoveExtensionW

comctl32

CreateStatusWindowW
ImageList_GetImageCount
ImageList_Draw
ImageList_Add
ImageList_Replace
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
InitCommonControlsEx

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW

kernel32

lstrcpynA
lstrlenA
GlobalFree
GlobalUnlock
MulDiv
lstrcpyW
GetCurrentProcessId
CloseHandle
CreateFileW
ReadFile
SetFilePointer
WriteFile
WaitForSingleObject
GetFileSize
FindClose
GetFullPathNameW
FindFirstFileW
FindNextFileW
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
ExitThread
CreateThread
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
Sleep
HeapSize
ExitProcess
SetLastError
GetModuleFileNameA
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
FlushFileBuffers
GetProcessHeap
InterlockedCompareExchange
IsProcessorFeaturePresent
GetModuleHandleA
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
lstrcmpiW
LoadLibraryW
GetLastError
GetProcAddress
FreeLibrary
GetVersionExW
lstrcpynW
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocaleInfoW
lstrcmpW
lstrlenW
GetUserDefaultLangID
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
FreeResource
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeFormatW
WideCharToMultiByte
GetDateFormatW
LockResource
RaiseException
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
FindResourceExW
GetStdHandle
VirtualQuery

user32

DestroyWindow
LoadStringW
IsMenu
GetMenuItemCount
InvalidateRect
UpdateWindow
RegisterClassExW
GetClassInfoExW
LoadCursorW
DialogBoxIndirectParamW
EndDialog
ReleaseDC
GetSystemMetrics
MoveWindow
InflateRect
LoadImageW
wvsprintfW
LoadStringA
PostQuitMessage
SetRectEmpty
IsWindowVisible
GetWindowDC
SetScrollInfo
DestroyCursor
SetRect
BeginPaint
EndPaint
GetCapture
GetDlgCtrlID
PtInRect
ScreenToClient
CreatePopupMenu
AppendMenuW
IsWindowEnabled
EnableMenuItem
TrackPopupMenu
CopyRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetMessagePos
WindowFromPoint
ScrollWindowEx
GetScrollInfo
SetScrollPos
MessageBeep
TrackPopupMenuEx
MonitorFromPoint
OffsetRect
DrawTextW
DrawFocusRect
DrawEdge
SystemParametersInfoW
RemoveMenu
DrawFrameControl
CreateDialogIndirectParamW
GetFocus
FrameRect
UnhookWindowsHookEx
CallNextHookEx
GetClassNameW
SetWindowsHookExW
CharLowerW
GetKeyState
RegisterWindowMessageW
GetSubMenu
GetWindowThreadProcessId
UnregisterClassA
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
LoadMenuW
CharNextW
IsWindow
GetWindowPlacement
PostMessageW
SetWindowPlacement
GetActiveWindow
CreateWindowExW
LoadIconW
GetDC
SetMenu
ModifyMenuW
DestroyMenu
GetMenu
SetMenuDefaultItem
GetMenuItemInfoW
SetMenuItemInfoW
SetFocus
ShowWindow
ReleaseCapture
GetCursorPos
SetCapture
SetCursor
FillRect
GetWindowTextLengthW
GetWindowTextW
SendMessageW
EnableWindow
GetDlgItem
MessageBoxW
GetDlgItemTextW
DefWindowProcW
GetWindow
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetWindowTextW
SetDlgItemTextW
DestroyCaret
GetSysColorBrush
GetWindowLongW
GetKeyNameTextW
MapVirtualKeyW
CharUpperW
GetSysColor
SetWindowPos
SetWindowLongW
CallWindowProcW

gdi32

CreateBitmap
PatBlt
CreatePen
CreateFontIndirectW
GetDeviceCaps
CreateCompatibleBitmap
BitBlt
CreatePatternBrush
CreateDIBitmap
SetTextColor
SetBkMode
SelectObject
CreateCompatibleDC
CreateDIBSection
LineTo
MoveToEx
DeleteDC
DeleteObject
SetBrushOrgEx
SetBkColor
GetTextExtentPoint32W
CreateFontW
GetStockObject
GetObjectW
SetViewportOrgEx

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

ole32

CoInitializeEx
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize

oleaut32

VarUI4FromStr
VariantClear

Sections

.text
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

465638b1cf13f6fce6f0cb72c4364f23

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

comctl32

shell32

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

Sections

.text Size: 282KB - Virtual size: 282KB

.rdata Size: 57KB - Virtual size: 56KB

.data Size: 23KB - Virtual size: 33KB

.rsrc Size: 100KB - Virtual size: 99KB

.text
Size: 282KB - Virtual size: 282KB

.rdata
Size: 57KB - Virtual size: 56KB

.data
Size: 23KB - Virtual size: 33KB

.rsrc
Size: 100KB - Virtual size: 99KB