017d03fc5059f86a0e1853e4df1e47d2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

017d03fc5059f86a0e1853e4df1e47d2_JaffaCakes118
Size

89KB
MD5

017d03fc5059f86a0e1853e4df1e47d2
SHA1

b372e0c855c56c2df1b1f16596fe04388b6bd003
SHA256

5cda6f5906c519f453b83d8cde7c6bd9e4344d142374aa1c51b6a83d33f56ef2
SHA512

41b22e8c3f6cdeacc9fa1d41fe40492c6265d8e2ec4b77c3851e6d3af57c60200b4248c97ed7542b5d53855fb7533e5b7cf6a44e4cd8edc4eed6c671de6dfe80
SSDEEP

1536:6upYAWu69AwkLPz02mmICEdzWetVFJCFX4OxLILmTR9HRUc:TYAWpz+LHE9JtrEoOJTR95

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
017d03fc5059f86a0e1853e4df1e47d2_JaffaCakes118

Files

017d03fc5059f86a0e1853e4df1e47d2_JaffaCakes118
.exe .js windows:4 windows x86 arch:x86 polyglot

2f45fb0ef446119d6c3f305a42d55768

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\IPersist\Projects\KvmSMT\Midp_workspace_2_0_nhal_standalone-dll\Launcher\Release\Launcher.pdb

Imports

kernel32

GetLastError
MulDiv
GlobalUnlock
GlobalLock
lstrcmpA
WideCharToMultiByte
GetModuleFileNameA
SetLastError
lstrcmpiW
FreeLibrary
SizeofResource
LoadResource
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
GlobalFree
GlobalHandle
LockResource
CloseHandle
UnmapViewOfFile
lstrlenW
MapViewOfFile
CreateFileMappingA
CreateFileA
GetProcAddress
LoadLibraryA
GetCurrentThreadId
ExitProcess
HeapSize
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcatA
lstrcpyA
RtlUnwind
InterlockedIncrement
InterlockedDecrement
lstrlenA
FindResourceA
GlobalAlloc
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InterlockedExchange
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
IsBadReadPtr

user32

wsprintfA
RegisterClassExA
CreateWindowExA
CreateAcceleratorTableA
CharNextA
GetParent
GetClassNameA
SetWindowPos
GetDlgItem
IsWindow
SendMessageA
GetFocus
IsChild
GetWindow
SetFocus
BeginPaint
LoadCursorA
CallWindowProcA
GetDesktopWindow
UnregisterClassA
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
GetClientRect
FillRect
SetCapture
ReleaseCapture
GetSysColor
DestroyWindow
DefWindowProcA
DestroyAcceleratorTable
LoadStringA
GetWindowLongA
GetActiveWindow
MapDialogRect
SetWindowContextHelpId
GetWindowRect
SystemParametersInfoA
MapWindowPoints
EndDialog
DialogBoxIndirectParamA
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
EndPaint
GetClassInfoExA
SetWindowLongA
RedrawWindow
MessageBoxA

gdi32

CreateSolidBrush
GetStockObject
GetObjectA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject

advapi32

RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA

ole32

CoInitialize
CoUninitialize
OleUninitialize
OleInitialize
CoTaskMemRealloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance

oleaut32

VariantCopyInd
VariantChangeType
DispCallFunc
LoadTypeLi
LoadRegTypeLi
VariantInit
VariantClear
OleCreateFontIndirect
SysStringByteLen
SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen
VarUI4FromStr

comctl32

InitCommonControlsEx

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f45fb0ef446119d6c3f305a42d55768

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 916B

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 916B

.rsrc
Size: 12KB - Virtual size: 8KB