f039b8d68a17bf3fac4aeafa93b7cde1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f039b8d68a17bf3fac4aeafa93b7cde1_JaffaCakes118
Size

424KB
MD5

f039b8d68a17bf3fac4aeafa93b7cde1
SHA1

7a2597254bacffbabec0195a5ef358068fd30915
SHA256

3627efbb1eaa8f4b2b3881a22eeb6ce39c9c8b33b2dac82b5c682f0bfcaf67a6
SHA512

a037a06ea32badc4f90703e293e0c7866848238c7a8f82998154347bfc058f2483e41b9fb50978568588b9fae35162721aae1ef8cea005359a19dc7a5c6f17e9
SSDEEP

6144:trn63LisHq1KZe75QTQbpkirLauxyxPS5djYQuuMVCCkDmf3sAdWFmGfYciHeCPV:h6WP8W4VHeCRsWp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f039b8d68a17bf3fac4aeafa93b7cde1_JaffaCakes118

Files

f039b8d68a17bf3fac4aeafa93b7cde1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ddb3436fdc9da2f22a77e41d3ae8619f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetShortPathNameA
MoveFileExA
LocalAlloc
GetCurrentThread
FreeLibrary
GetPrivateProfileStringA
SetEnvironmentVariableA
SetFilePointer
CreateToolhelp32Snapshot
Process32Next
Process32First
TerminateProcess
OpenProcess
MultiByteToWideChar
DeviceIoControl
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
SetEndOfFile
GetCurrentProcessId
CreateDirectoryA
GetFileAttributesA
RemoveDirectoryA
CopyFileA
Sleep
FindFirstFileA
SetLastError
FindNextFileA
FindClose
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CloseHandle
WinExec
OpenFile
_lclose
SetFileAttributesA
DeleteFileA
GetFullPathNameA
GetVersionExA
SetCurrentDirectoryA
GetLastError
FormatMessageA
LocalFree
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GetWindowsDirectoryA
GetSystemDirectoryA
GetCurrentDirectoryA
GetUserDefaultLangID
GetModuleFileNameA
GetComputerNameA
Module32First
GetStartupInfoA

user32

GetWindowThreadProcessId
DialogBoxParamA
EnumWindows
GetParent
CopyRect
OffsetRect
SetWindowPos
LoadStringA
MessageBoxA
LoadBitmapA
UpdateWindow
ShowWindow
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetWindowRect
GetClientRect
SendMessageA
CreateWindowExA
GetDesktopWindow
LoadImageA
ExitWindowsEx
wsprintfA
GetWindowInfo
GetSystemMetrics
SetDlgItemTextA
GetDlgItem
EnableWindow
EndDialog
IsDlgButtonChecked

advapi32

RevertToSelf
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA
LookupPrivilegeValueA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteValueA
FreeSid
AccessCheck
IsValidSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
InitializeSecurityDescriptor
AllocateAndInitializeSid
OpenThreadToken
ImpersonateSelf
CloseServiceHandle
OpenServiceA
OpenSCManagerA
DeleteService
QueryServiceStatus
ControlService
RegEnumValueA
OpenProcessToken

shell32

SHGetFolderPathA
SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

setupapi

SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsA
SetupDiGetDeviceInstanceIdA
SetupDiClassGuidsFromNameA
SetupDiGetINFClassA
SetupDiRegisterDeviceInfo
SetupDiSetDeviceRegistryPropertyA
SetupDiCreateDeviceInfoA
SetupDiCreateDeviceInfoList
SetupDiGetDeviceInstallParamsA
SetupDiGetDriverInfoDetailA
SetupDiDestroyDriverInfoList
SetupDiSetSelectedDevice
SetupDiCallClassInstaller
SetupDiRemoveDevice
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiEnumDriverInfoA

comctl32

ord17

shlwapi

PathAppendA
PathIsDirectoryA

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
printf
_mbstok
_itoa
_except_handler3
strstr
strchr
memmove
strtoul
_mbscmp
_mbsnbcmp
_mbsnbicmp
_strdup
free
__CxxFrameHandler
atoi
fopen
fclose
vsprintf
fgetc
_mbsnbcpy
sscanf
fprintf
_mbsstr
sprintf
exit
??2@YAPAXI@Z
getenv
??3@YAXPAX@Z
_mbschr
_mbscspn
_mbsrchr
toupper
_mbsicmp

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 288KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mrdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ddb3436fdc9da2f22a77e41d3ae8619f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

version

setupapi

comctl32

shlwapi

msvcrt

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 15KB

.rsrc Size: 288KB - Virtual size: 285KB

.mrdata Size: 76KB - Virtual size: 76KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 288KB - Virtual size: 285KB

.mrdata
Size: 76KB - Virtual size: 76KB