fea512507cb1e6f012ee709edccf10ad_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fea512507cb1e6f012ee709edccf10ad_JaffaCakes118
Size

232KB
MD5

fea512507cb1e6f012ee709edccf10ad
SHA1

df5d494ce2471bd17c4e31a825d96f5765bcb2db
SHA256

3d241e63d8b2002677bb600848cf414d0d55d170b1b5ad7fd53cf36c37f6c8d0
SHA512

7c47917ec32ccd9e99a4030304b7d7908e66ab2c1f7c4fa4cd000de74ce4c473ad119076feae22971e4935bbb43065b18b4cc8c4070c58e5cda2d0566c79d7f1
SSDEEP

3072:xueXRI2zqYtYUoIOXFuzpF78Z6qAm/xbazzPQztEKCpLV:xuA+2zdtYvIsuzp8baz0EL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fea512507cb1e6f012ee709edccf10ad_JaffaCakes118

Files

fea512507cb1e6f012ee709edccf10ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5db4f57ae43556d5d2ba0bc1c79435d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
CompareStringA
CompareStringW
CopyFileA
CreateEventA
CreateFileMappingA
CreateFileW
CreateMutexA
CreateProcessA
DeleteCriticalSection
DeleteFileA
DuplicateHandle
EnumCalendarInfoA
ExitThread
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FindFirstFileA
FlushFileBuffers
GetACP
GetCPInfo
GetDateFormatA
GetEnvironmentStringsW
GetExitCodeThread
GetFileSize
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetPrivateProfileStringA
GetShortPathNameA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetSystemDirectoryW
GetSystemInfo
GetTempFileNameA
GetTempPathW
GetThreadLocale
GetVersion
GetVersionExA
GlobalFree
GlobalReAlloc
GlobalUnlock
HeapReAlloc
InitializeCriticalSection
InterlockedCompareExchange
InterlockedIncrement
IsBadCodePtr
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryW
LocalAlloc
LocalFileTimeToFileTime
LocalFree
MapViewOfFile
MoveFileA
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
ResumeThread
SetCurrentDirectoryA
SetEvent
SetFileAttributesA
SetFilePointer
SetLastError
SetStdHandle
SetThreadLocale
TerminateProcess
TlsAlloc
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject
WritePrivateProfileStringA
lstrcatA
lstrcmpA

user32

CallWindowProcA
CharNextA
CloseClipboard
DispatchMessageA
DrawMenuBar
EnableMenuItem
EndDialog
FindWindowA
GetActiveWindow
GetDC
GetDlgItem
GetForegroundWindow
GetIconInfo
GetKeyState
GetKeyboardType
GetLastActivePopup
GetMenuItemID
GetParent
GetScrollPos
GetWindow
GetWindowDC
GetWindowThreadProcessId
InflateRect
InsertMenuA
IsDialogMessageA
IsRectEmpty
LoadCursorA
MessageBoxA
OemToCharA
RedrawWindow
RegisterWindowMessageA
ReleaseDC
RemovePropA
ScrollWindow
SetMenu
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPos
SetWindowsHookExA
ShowCursor
ShowOwnedPopups
TranslateMessage
WaitMessage
WindowFromPoint

gdi32

BeginPath
CombineRgn
CreateCompatibleBitmap
CreateDIBPatternBrushPt
CreateEllipticRgn
CreateEnhMetaFileA
CreateICA
CreatePalette
CreateRoundRectRgn
EnumFontFamiliesExA
EnumFontFamiliesW
ExtCreateRegion
ExtSelectClipRgn
GdiFlush
GetBkColor
GetCharWidthW
GetCharacterPlacementA
GetDIBits
GetEnhMetaFileBits
GetNearestPaletteIndex
GetOutlineTextMetricsA
GetPixel
GetStretchBltMode
GetTextAlign
GetTextCharsetInfo
GetTextColor
GetTextExtentPoint32W
GetTextExtentPointA
LineDDA
MoveToEx
OffsetViewportOrgEx
PatBlt
PolyDraw
PolylineTo
RectInRegion
RemoveFontResourceA
RoundRect
SelectClipRgn
SetArcDirection
SetDIBColorTable
SetMapperFlags
SetViewportExtEx
SetWindowExtEx
StartDocA
StrokePath

shell32

DragAcceptFiles
DragFinish
DragQueryPoint
ExtractAssociatedIconW
ExtractIconA
ExtractIconExW
SHBindToParent
SHBrowseForFolderA
SHCreateDirectoryExW
SHGetFileInfo
SHGetFileInfoA
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDList
SHGetPathFromIDListW
ShellExecuteEx
ShellExecuteExA
Shell_NotifyIconA
Shell_NotifyIconW

comctl32

CreatePropertySheetPageA
CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_BeginDrag
ImageList_Destroy
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_Replace
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_SetImageCount
InitCommonControls
PropertySheetA

advapi32

CloseServiceHandle
CryptAcquireContextA
CryptDestroyHash
CryptReleaseContext
DeregisterEventSource
GetSecurityDescriptorDacl
InitializeSecurityDescriptor
InitiateSystemShutdownA
OpenServiceW
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExW
RegFlushKey
RegOpenKeyA
RegSetValueExA
RevertToSelf
SetSecurityDescriptorDacl

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoCreateInstance
CoFreeUnusedLibraries
CoInitialize
CoInitializeEx
CoLoadLibrary
CoRegisterMessageFilter
CoRevokeClassObject
CoUninitialize
CreateILockBytesOnHGlobal
CreateItemMoniker
IIDFromString
IsAccelerator
IsEqualGUID
OleDraw
OleFlushClipboard
OleInitialize
OleIsCurrentClipboard
PropVariantClear
RegisterDragDrop
ReleaseStgMedium
StgOpenStorage
StringFromIID

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5db4f57ae43556d5d2ba0bc1c79435d5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

advapi32

ole32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 79KB - Virtual size: 80KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 79KB - Virtual size: 80KB