0c220ab2ba2d4f4644d5c3c8147312ab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c220ab2ba2d4f4644d5c3c8147312ab_JaffaCakes118
Size

1.0MB
MD5

0c220ab2ba2d4f4644d5c3c8147312ab
SHA1

726f12e1ea15efe8165f009f4314c0fab703de69
SHA256

924406f1c210285045ead301c35d5a9a8d683490a1196f7e8b64dd4fcdcaa33b
SHA512

b315c4e7986d87646d20726332773218c1eeabb4fad97a21bc0162b0bff39df0dec8b94e78bffb226c70f824e52e88bdfbf87e3cb41652e55de254268b5ad923
SSDEEP

24576:leGVeUEBb6si0XttT5A9q+O2+u9A99Js68:/S6YtT5A9NOxuejJr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c220ab2ba2d4f4644d5c3c8147312ab_JaffaCakes118

Files

0c220ab2ba2d4f4644d5c3c8147312ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e52e4745de154f0fc044c4601fb8eeb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\temp\534siv0n.2hl\installer\gfx\release\setup.pdb

Imports

kernel32

GetFileAttributesW
MoveFileW
RemoveDirectoryW
GetCurrentDirectoryW
CreateFileW
GetFileSize
ReadFile
MultiByteToWideChar
GetFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LoadLibraryW
GetPrivateProfileStringW
CreateMutexW
CreateThread
GetModuleFileNameA
WriteFile
GetLocalTime
GetCommandLineW
GetTickCount
SetFilePointer
EnumResourceLanguagesW
GetUserDefaultLangID
GetUserDefaultUILanguage
GetVersion
ConvertDefaultLocale
GetLocaleInfoW
GetVersionExW
GetCurrentProcess
GetSystemInfo
GetSystemWow64DirectoryW
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
TerminateProcess
GetExitCodeProcess
CreateEventW
SetEvent
GlobalAlloc
CompareFileTime
GlobalUnlock
GlobalFree
ExitProcess
Sleep
SetEndOfFile
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
LoadLibraryA
GetOEMCP
GetACP
HeapSize
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStartupInfoA
SetHandleCount
GetCurrentThreadId
GetFileType
GetStdHandle
HeapCreate
HeapDestroy
CopyFileW
GetTempFileNameW
GetTempPathW
GetEnvironmentVariableW
GetSystemDirectoryW
FreeLibrary
GetProcAddress
LoadLibraryExW
GlobalLock
SetErrorMode
SetFileAttributesW
MoveFileExW
DeleteFileW
WaitForSingleObject
CreateProcessW
SetLastError
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
FindNextFileW
FindClose
TlsAlloc
FindFirstFileW
LocalFree
GetModuleFileNameW
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
GetModuleHandleW
TlsSetValue
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
TlsGetValue
HeapReAlloc
VirtualAlloc
VirtualFree
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCPInfo
RtlUnwind
RaiseException
WideCharToMultiByte
CloseHandle
CreateFileA
TlsFree
GetStartupInfoW
GetProcessHeap
GetVersionExA
GetModuleHandleA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetConsoleMode
GetConsoleCP
HeapFree
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
InterlockedCompareExchange
LocalAlloc

user32

SetFocus
GetDlgItem
SendMessageW
ShowWindow
EndDialog
SetDlgItemTextW
SetTimer
SendDlgItemMessageW
DialogBoxIndirectParamW
MonitorFromWindow
GetMonitorInfoW
OffsetRect
GetWindowLongW
AdjustWindowRect
GetWindowRect
DrawTextW
LoadIconW
SetRectEmpty
PostMessageW
EnableWindow
ReleaseDC
GetDC
wsprintfW
SetWindowPos
GetClientRect
SetWindowTextW
MessageBoxIndirectW
LoadImageW
SendMessageTimeoutW
ExitWindowsEx
EnumWindows
GetWindowThreadProcessId
GetWindowModuleFileNameW
LoadStringW
DialogBoxParamW
MessageBoxW
KillTimer

gdi32

SetBkMode
SetTextColor
DeleteDC
GetTextExtentPoint32W
SelectObject
CreateCompatibleDC
DeleteObject
CreateFontW
GetStockObject

advapi32

RegDeleteValueW
RegEnumValueW
RegCloseKey
GetNamedSecurityInfoW
SetNamedSecurityInfoW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
IsTextUnicode
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
DeleteService
ControlService
StartServiceW
CloseServiceHandle
ChangeServiceConfigW
ChangeServiceConfig2W
CreateServiceW
OpenServiceW
OpenSCManagerW
QueryServiceStatus
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegOpenKeyExW

shell32

SHGetFolderPathW
SHCreateDirectoryExW
SHCreateDirectoryExA
CommandLineToArgvW

ole32

CoUninitialize
CoCreateInstance
CLSIDFromString
CoInitialize

cabinet

ord22
ord23
ord20
ord21

setupapi

SetupDiDestroyDeviceInfoList
SetupOpenInfFileW
SetupCloseInfFile
SetupFindFirstLineW
SetupGetLineTextW
SetupGetStringFieldW
SetupFindNextLine
SetupDiGetINFClassW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiSetClassInstallParamsW
SetupDiCallClassInstaller
SetupDiGetDeviceInstallParamsW

shlwapi

PathAppendA
PathFindFileNameA
PathAddBackslashA
PathRemoveFileSpecA
PathFileExistsW
PathRenameExtensionW
PathRemoveBackslashW
PathIsRootW
PathIsSystemFolderW
PathMatchSpecA
PathStripToRootW
PathIsDirectoryW
PathAddBackslashW
PathCombineW
PathRemoveFileSpecW
PathFindExtensionW
PathStripPathW
PathFindFileNameW
SHDeleteKeyW
PathAppendW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

psapi

GetModuleFileNameExW
EnumProcessModules

Sections

.text
Size: 336KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 628KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e52e4745de154f0fc044c4601fb8eeb6

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

cabinet

setupapi

shlwapi

version

psapi

Sections

.text Size: 336KB - Virtual size: 332KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 628KB - Virtual size: 628KB

.text
Size: 336KB - Virtual size: 332KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 628KB - Virtual size: 628KB