0339919b0f2251fcc4e3886297f3c799_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0339919b0f2251fcc4e3886297f3c799_JaffaCakes118
Size

9.5MB
MD5

0339919b0f2251fcc4e3886297f3c799
SHA1

8edfac44ad697ff07080a79194d2efec0a677fcb
SHA256

e4b8c0d2b6e45d5af8926d279e1c975582366aea8941f1dbdbf6fc80eefd1c76
SHA512

a05fd77139eaec058535e92e0505cd2df90bd9e03bb85134c49a159f09e8a256930ebc800dcc80c208e1c059433cfaf349d775379b91637e79de89be288dbafe
SSDEEP

196608:gg0V1aRQmT0clF74+WNulHdkhFibhv8AYh0cf8wvFgw62DwH:gg2EQM0clFs+yG9kq1YlkwvFgGD2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0339919b0f2251fcc4e3886297f3c799_JaffaCakes118

Files

0339919b0f2251fcc4e3886297f3c799_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db9e3ac88ccb167c203e77b0c03b8aa7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

WideCharToMultiByte
ReadFile
WriteFile
GetFileSize
ExitProcess
GetLastError
CreateMutexW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetDiskFreeSpaceW
ExitThread
InterlockedDecrement
Sleep
CreateThread
GetExitCodeThread
LockResource
LoadResource
FindResourceW
GetModuleHandleW
ResumeThread
SuspendThread
GetModuleFileNameW
CreateProcessW
LoadLibraryW
CopyFileW
GetTempFileNameW
GetTempPathW
GetCommandLineW
GetProcAddress
FindClose
FindFirstFileW
RemoveDirectoryW
FindNextFileW
SetFileAttributesW
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
SetStdHandle
GetSystemInfo
VirtualProtect
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetOEMCP
GetCurrentProcessId
LCMapStringW
LCMapStringA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetHandleCount
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
SetLastError
TlsAlloc
HeapSize
IsBadWritePtr
VirtualAlloc
CreateFileW
CloseHandle
DeleteFileW
SetFilePointer
CreateDirectoryW
GetUserDefaultLangID
GetSystemDefaultLangID
GetFullPathNameW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetLocaleInfoA
VirtualFree
HeapCreate
HeapDestroy
VirtualQuery
HeapReAlloc
GetCommandLineA
GetStartupInfoA
GetACP
InterlockedExchange
LeaveCriticalSection
LocalFree
HeapAlloc
HeapFree
RtlUnwind
FindFirstFileA
FindNextFileA
GetCurrentProcess
EnterCriticalSection
TerminateProcess
GetTickCount
CreateFileA
FlushFileBuffers
DeleteFileA
GetStdHandle
SetEndOfFile
SetFileTime
GetFileType
GetModuleFileNameA
CompareStringA
CompareStringW
IsDBCSLeadByte
GetCPInfo
GetVersionExA
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
GetModuleHandleA
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
GetFullPathNameA
CreateDirectoryA

user32

LoadIconW
LoadCursorW
RegisterClassW
CreateWindowExW
CreateDialogParamW
GetWindowRect
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
SetFocus
PostQuitMessage
SendMessageA
DestroyWindow
CreateDialogIndirectParamW
SetWindowPos
UpdateWindow
SetWindowTextW
PostMessageW
EndDialog
SetDlgItemTextW
GetDlgItem
CheckDlgButton
GetDlgItemTextW
GetUpdateRect
BeginPaint
EndPaint
SendMessageW
DefWindowProcW
GetSystemMetrics
EnumChildWindows
MessageBoxW
EnableWindow
wsprintfW
GetDesktopWindow
GetDC
ReleaseDC
CharToOemBuffA
CharUpperW
OemToCharA
OemToCharBuffA
CharToOemA
CharLowerA
CharUpperA
CharLowerW
ShowWindow

gdi32

SetDIBitsToDevice
DeleteObject
CreateDIBSection

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
RegSetValueExW
OpenProcessToken
SetFileSecurityA
SetFileSecurityW
RegQueryValueExW
RegCreateKeyW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

shell32

SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW

ole32

CoCreateGuid
StringFromGUID2
CoInitialize
CoCreateInstance
CoUninitialize
CoInitializeSecurity

oleaut32

SysStringByteLen
SysAllocStringByteLen
VariantClear
VariantInit
SysAllocString
SysFreeString

comctl32

ord17

Sections

.text
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 256.1MB - Virtual size: 256.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db9e3ac88ccb167c203e77b0c03b8aa7

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 256KB - Virtual size: 253KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 1.3MB - Virtual size: 1.4MB

.rsrc Size: 256.1MB - Virtual size: 256.1MB

.text
Size: 256KB - Virtual size: 253KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 1.3MB - Virtual size: 1.4MB

.rsrc
Size: 256.1MB - Virtual size: 256.1MB