fe9b67f0c953bbbc9b6d1c820c0af389_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fe9b67f0c953bbbc9b6d1c820c0af389_JaffaCakes118
Size

180KB
MD5

fe9b67f0c953bbbc9b6d1c820c0af389
SHA1

7e2b58c739227ba39f4bff6bc3f4b77cf14ee9b0
SHA256

52359689062974f656953825cef44f956586d2cbad5faede22a1f135917aee4e
SHA512

22d6ccf49956726dbfdccf88c39166580a1cc60796fbdbbc66a6b584ec7efbf6a84d6cbdc6937b8d6390c0b5be8df106581395a916de318b177eef4cb6a46014
SSDEEP

3072:8kZ2oHWz61IqEehfi/uT4ZRVpvE0ub81stcm8gKuxDT3HdXQsSZIurBiI+lvlGYY:N2Q4dqE8fi/ucZXHRg33HjqrMZacJC3+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe9b67f0c953bbbc9b6d1c820c0af389_JaffaCakes118

Files

fe9b67f0c953bbbc9b6d1c820c0af389_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ac2fa130fd2a5ee2584ab329989cacf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceExW
DeviceIoControl
GetDriveTypeW
Sleep
GetLogicalDrives
GetLastError
GetLogicalDriveStringsW
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleHandleW
SetLastError
VirtualQueryEx
ReadProcessMemory
GetThreadContext
CreateProcessA
TerminateProcess
WaitForSingleObject
ResumeThread
SetThreadContext
WriteProcessMemory
VirtualProtectEx
VirtualAllocEx
VirtualAlloc
GlobalMemoryStatusEx
GetTickCount
GlobalFree
GlobalUnlock
GlobalLock
DefineDosDeviceW
CreateToolhelp32Snapshot
OpenProcess
GetCurrentProcessId
Process32NextW
Process32FirstW
SetFileAttributesW
GetFileAttributesW
FindClose
FindFirstFileW
FindNextFileW
SetEnvironmentVariableW
PulseEvent
ExpandEnvironmentStringsW
ResetEvent
CreateEventW
SetProcessWorkingSetSize
QueryDosDeviceW
RemoveDirectoryW
CopyFileW
SearchPathW
GetCurrentProcess
SetSystemPowerState
GetModuleFileNameA
SetCurrentDirectoryW
GetLocalTime
GetCommandLineW
GetStartupInfoW
GetModuleFileNameW
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceW
CreateProcessW
GetSystemDefaultLangID
CreateThread
GetCurrentDirectoryW
CreateDirectoryW
GetFileAttributesExW
DeleteFileW
GetFileSize
SetFilePointer
ReadFile
CloseHandle
CreateFileW
lstrcmpiW
lstrcmpW
lstrcatW
lstrcpyW
lstrlenW
lstrcatA
lstrlenA
WideCharToMultiByte
GlobalAlloc
MultiByteToWideChar

user32

CreatePopupMenu
AppendMenuW
DestroyMenu
GetClientRect
GetWindowThreadProcessId
FindWindowExW
CreateMenu
DestroyIcon
UnregisterHotKey
SetFocus
wsprintfW
MessageBoxW
CharUpperW
GetKeyboardState
GetAsyncKeyState
EqualRect
GetSystemMetrics
SetRectEmpty
CopyRect
SetActiveWindow
GetParent
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SendMessageTimeoutW
RegisterHotKey
SetWindowLongW
DestroyWindow
GetWindowLongW
DialogBoxParamW
SetCursor
GetMessageW
TranslateMessage
DispatchMessageW
GetDlgItem
SetDlgItemTextW
DefWindowProcW
LoadIconW
KillTimer
SetTimer
ShowWindow
GetWindowTextW
CallWindowProcW
DrawIconEx
GetWindowRect
PtInRect
LoadCursorW
RegisterClassExW
CreateWindowExW
GetCursorPos
SetForegroundWindow
TrackPopupMenu
PostMessageW
LoadStringW
FindWindowW
keybd_event
ChangeDisplaySettingsW
EnumDisplaySettingsW
DialogBoxIndirectParamW
InvalidateRect
GetDC
ReleaseDC
EndDialog
SetWindowPos
FillRect
BeginPaint
EndPaint
PostQuitMessage
SetLayeredWindowAttributes
DrawTextW
SetWindowTextW
SendMessageW
EnableWindow
EnableMenuItem
GetKeyState

gdi32

SetBkColor
AddFontResourceW
DeleteObject
CreateSolidBrush
SetBkMode
SetTextColor
SelectObject
GetStockObject
CreateFontW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

ControlService
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenSCManagerW
OpenServiceW
CloseServiceHandle
StartServiceW

shell32

SHGetSpecialFolderPathW
SHFileOperationW
SHGetFileInfoW
ExtractIconW
Shell_NotifyIconW
DragAcceptFiles
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
DragFinish
DragQueryFileW
SHChangeNotify

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal

shlwapi

StrCpyNW
StrCmpNW
StrCmpNIW
StrChrW
StrStrW
StrStrIW
StrToIntExW
SHDeleteValueW
SHDeleteKeyW
SHSetValueW
SHGetValueW
StrToIntW
StrRChrW

msvcrt

_wcmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_gcvt
atof
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
memmove
memcpy
memset
free
realloc
malloc
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__wgetmainargs

setupapi

SetupDiGetINFClassW
SetupIterateCabinetW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW

Sections

WCMD
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ac2fa130fd2a5ee2584ab329989cacf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

msvcrt

setupapi

Sections

WCMD Size: 67KB - Virtual size: 67KB

.data Size: 512B - Virtual size: 7KB

.rsrc Size: 112KB - Virtual size: 112KB

WCMD
Size: 67KB - Virtual size: 67KB

.data
Size: 512B - Virtual size: 7KB

.rsrc
Size: 112KB - Virtual size: 112KB