f01acff99e2d9f8dba87d9c43081145f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f01acff99e2d9f8dba87d9c43081145f_JaffaCakes118
Size

127KB
MD5

f01acff99e2d9f8dba87d9c43081145f
SHA1

701747516e7f4ddf672222f5245e4b7f3e616177
SHA256

5399a7f0653af04c37fc95b031cd930c554f12b7b85a54abb1525b6646dafa6e
SHA512

ffd740527f072a6268149da693c9f4b2beda8b9b506f1a000567c330e540fe00b10227f05939f2bcfeed3affe932966df143b25ed430511da99a66bdb5953517
SSDEEP

3072:18ENNySxa+KXHbzuaMU61PvnvE07l7TqlQV5:+gNykWFOPvvE0dqq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f01acff99e2d9f8dba87d9c43081145f_JaffaCakes118

Files

f01acff99e2d9f8dba87d9c43081145f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c42cac955b83d5e842d30a314b036d21

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FreeLibrary
GetCommandLineW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetDriveTypeA
GetDriveTypeW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileTime
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetProfileStringA
GetProfileStringW
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetSystemDefaultLangID
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetTickCount
GetTimeZoneInformation
GetUserDefaultLangID
GetVersion
GetVersionExA
GetVersionExW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
FileTimeToSystemTime
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
IsBadWritePtr
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
MapViewOfFile
MoveFileA
MoveFileExA
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenEventA
OpenEventW
QueryDosDeviceA
QueryDosDeviceW
QueryPerformanceCounter
ReadFile
ReleaseMutex
RemoveDirectoryA
RemoveDirectoryW
ResetEvent
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
WritePrivateProfileStringW
WriteProfileStringA
WriteProfileStringW
lstrcpynW
lstrlenA
lstrlenW
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
EnterCriticalSection
DeviceIoControl
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessW
CreateProcessA
CreateMutexW
CreateMutexA
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateEventW
CreateEventA
CreateDirectoryW
CreateDirectoryA
CopyFileW
CopyFileA
CompareStringW
CompareStringA
CloseHandle
GlobalUnlock
VirtualAlloc

user32

LoadStringA
LoadStringW
MapWindowPoints
MessageBoxA
MessageBoxW
MoveWindow
MsgWaitForMultipleObjects
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
PostQuitMessage
PostThreadMessageA
PostThreadMessageW
RegisterClassA
RegisterClassW
RegisterWindowMessageA
ReleaseDC
ScreenToClient
ScrollWindow
SendMessageA
SetCursor
SetFocus
SetScrollInfo
SetWindowLongA
SetWindowLongW
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UnregisterClassA
UnregisterClassW
UpdateWindow
LoadImageA
IsWindow
InvalidateRect
GetWindowRect
GetSystemMetrics
GetScrollInfo
GetParent
GetDlgItem
GetDesktopWindow
GetDC
GetClientRect
GetActiveWindow
FindWindowExW
FindWindowExA
EndPaint
EnableWindow
DrawFocusRect
DestroyWindow
DestroyCursor
CreateWindowExA
CreateDialogParamW
CreateDialogParamA
CharNextA
CallWindowProcW
CallWindowProcA
BeginPaint
LoadImageW

gdi32

CreateFontIndirectA
CreateFontIndirectW
CreatePen
CreateSolidBrush
DeleteDC
DeleteObject
ExtTextOutW
GetDeviceCaps
GetObjectA
GetObjectType
CreateFontA
GetTextFaceA
GetTextMetricsA
GetTextMetricsW
PatBlt
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetTextColor
CreateCompatibleDC
GetObjectW
GetStockObject

advapi32

RegCloseKey
RegOpenKeyExW

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c42cac955b83d5e842d30a314b036d21

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 1000B

.data2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 1000B

.data2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 3KB - Virtual size: 3KB