079867d10562f516fe9d63984cefd610_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

079867d10562f516fe9d63984cefd610_JaffaCakes118
Size

356KB
MD5

079867d10562f516fe9d63984cefd610
SHA1

cb83a2cdabc0926d3ce1f12e4366499d19cbc542
SHA256

ae49ab11932640d1e11da20a37e61f3beedc3c3b4d7c79f477014c780739b262
SHA512

0d266f6106970532be1943bce5fa66a8e4d2f94996a13cf8e1b13b3d69e472a548339724266e51c67b89e9af75716953f624dbbc399d1a105066f58de3bdd1eb
SSDEEP

6144:7StvCSjew9+lKXejC5r166VOWO77im6A4ALapkb3kNmkA/seLNxDwk1zbxD9:s6Sjv+0uu6jJ7OhgLaibijt87wGz1D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
079867d10562f516fe9d63984cefd610_JaffaCakes118

Files

079867d10562f516fe9d63984cefd610_JaffaCakes118
.exe windows:3 windows x86 arch:x86

aabc8cf523ac82887fe39cf9c791c3a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetMalloc

user32

DispatchMessageW
ReleaseDC
EnumThreadWindows
SendMessageW
RegisterClassExW
LoadIconW
GetClientRect
CreateWindowExW
SendDlgItemMessageW
PostMessageW
SetWindowLongW
MessageBoxA
EnableWindow
IsWindow
GetParent
SystemParametersInfoW
SendMessageA
GetWindowLongA
TranslateMessage
GetSysColor
EndDialog
SetForegroundWindow
PostQuitMessage
SetTimer

shlwapi

StrCmpW
PathIsDirectoryW
SHGetValueW
StrCmpIW
StrCpyNW
StrCatW
PathIsRootW
StrChrIW
StrDupW

setupapi

SetupCloseInfFile
SetupFindFirstLineW
SetupGetLineCountW

kernel32

GetStartupInfoA
SetFileAttributesW
GetDiskFreeSpaceW
SetCommTimeouts
VirtualFree
CloseHandle
HeapCreate
SetFilePointer
GetCommState
ExitProcess
GetTempFileNameA
GetProcessHeap
InitializeCriticalSection
UnhandledExceptionFilter
GetVersionExW
HeapReAlloc
GetVersion
DeleteFileA
IsDBCSLeadByte
lstrcpyW
DebugBreak
WaitForMultipleObjects
GetTickCount
WaitForSingleObject
SetUnhandledExceptionFilter
GetEnvironmentVariableW
FileTimeToLocalFileTime
ResetEvent
CreateFileW
GetTempPathA
GetWindowsDirectoryW
GetLastError
TerminateProcess
HeapQueryInformation
GetModuleHandleA
WideCharToMultiByte
FormatMessageW
SetCommState
GetCurrentThreadId
FindNextFileW
CopyFileW
LeaveCriticalSection
QueryPerformanceCounter
GetSystemDirectoryW
lstrlenA
GetSystemTimeAsFileTime
GetModuleFileNameW
HeapFree
FindClose
FormatMessageA
LoadLibraryW
OpenProcess
CreateEventW
ReadFile
CreateMutexW
GetCurrentDirectoryW
GetVersionExA
VirtualAlloc
CreateThread

advapi32

LookupAccountSidW
RegOpenKeyW
RegSetValueExW
RegQueryValueW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW
OpenProcessToken
RegOpenKeyExW
GetTokenInformation
AllocateAndInitializeSid

msvcrt

towlower
wcscat
wcsncpy
memmove
exit
wcscpy
_ftol
_wcsicmp
free
iswspace
_wcsnicmp
wcschr
_XcptFilter
wcsrchr
??3@YAXPAX@Z
_acmdln
_wtoi
strtoul
setlocale
_initterm
__getmainargs
_controlfp

ole32

CLSIDFromString
OleInitialize
CoTaskMemFree
CoInitialize
OleUninitialize
CoTaskMemAlloc

Sections

.text
Size: 259KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 712KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aabc8cf523ac82887fe39cf9c791c3a3

Headers

DLL Characteristics

File Characteristics

Imports

shell32

user32

shlwapi

setupapi

kernel32

advapi32

msvcrt

ole32

Sections

.text Size: 259KB - Virtual size: 259KB

.data Size: 31KB - Virtual size: 30KB

.rsrc Size: 64KB - Virtual size: 712KB

.text
Size: 259KB - Virtual size: 259KB

.data
Size: 31KB - Virtual size: 30KB

.rsrc
Size: 64KB - Virtual size: 712KB