0dfdd8bd2f5abedfc6e189530d2dec5e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0dfdd8bd2f5abedfc6e189530d2dec5e_JaffaCakes118
Size

172KB
MD5

0dfdd8bd2f5abedfc6e189530d2dec5e
SHA1

2b5f3ee883444f8665707d0f36d29370ecabd8ab
SHA256

bbff5cad91aa9a354517d83c941378554d59c3b03b0fb599b0ffd412544c6dee
SHA512

32b1482fb8ffcab213753f585d91bb4a3c963c38c9687334974ecc566f520045622a4c3507c1c2e05021b7f30ef8495f006c109a80049d0668549fd9c31f4a59
SSDEEP

3072:xYwaarBf+JB1KdebYPlbd5QVixLYuxyxPS5djYQ/MVCCktDOsVvajfafAkT8Dr11:CwaaVfE1KdebYPlbd5QVixLYuxyxPS5T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dfdd8bd2f5abedfc6e189530d2dec5e_JaffaCakes118

Files

0dfdd8bd2f5abedfc6e189530d2dec5e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22f68d899ca68dba3afbf2582d118bc1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetShortPathNameA
MoveFileExA
LocalAlloc
GetCurrentThread
Sleep
FreeLibrary
UnmapViewOfFile
SetEnvironmentVariableA
Module32First
CreateToolhelp32Snapshot
Process32Next
Process32First
TerminateProcess
OpenProcess
MultiByteToWideChar
GetStartupInfoA
SetEndOfFile
SetFilePointer
GetCurrentThreadId
GetCurrentProcessId
CreateDirectoryA
GetFileAttributesA
RemoveDirectoryA
GetCurrentProcess
CopyFileA
GetModuleHandleA
GetProcAddress
FindFirstFileA
SetLastError
FindNextFileA
FindClose
CreateProcessA
WaitForSingleObject
GetVersionExA
GetExitCodeProcess
CloseHandle
WinExec
OpenFile
_lclose
SetFileAttributesA
DeleteFileA
GetFullPathNameA
SetCurrentDirectoryA
GetLastError
FormatMessageA
LocalFree
GetWindowsDirectoryA
GetSystemDirectoryA
GetCurrentDirectoryA
GetUserDefaultLangID
GetModuleFileNameA
GetComputerNameA
GetPrivateProfileStringA

user32

LoadStringA
ExitWindowsEx
wsprintfA
GetWindowInfo
SendMessageA
GetSystemMetrics
GetClientRect
MessageBoxA
GetDlgItem
EnableWindow
EndDialog
IsDlgButtonChecked
SetWindowPos
OffsetRect
CopyRect
GetWindowRect
GetDesktopWindow
GetParent
DialogBoxParamA
SetDlgItemTextA

advapi32

AddAccessAllowedAce
IsValidSecurityDescriptor
AccessCheck
RevertToSelf
FreeSid
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
GetUserNameA
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
InitializeAcl
GetLengthSid
InitializeSecurityDescriptor
AllocateAndInitializeSid
OpenThreadToken
ImpersonateSelf
CloseServiceHandle
OpenServiceA
OpenSCManagerA
DeleteService
QueryServiceStatus
ControlService
RegQueryValueExA
RegEnumValueA
SetSecurityDescriptorOwner

shell32

SHGetFolderPathA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

setupapi

SetupDiCreateDeviceInfoA
SetupDiCallClassInstaller
SetupDiGetDeviceInstallParamsA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiSetDeviceRegistryPropertyA
SetupDiRegisterDeviceInfo
SetupDiGetINFClassA
SetupDiClassGuidsFromNameA
SetupDiGetDeviceInstanceIdA
SetupDiSetDeviceInstallParamsA
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoA
SetupDiGetDriverInfoDetailA
SetupDiDestroyDriverInfoList
SetupDiSetSelectedDevice
SetupDiRemoveDevice
SetupDiCreateDeviceInfoList

comctl32

ord17

shlwapi

PathIsDirectoryA

msvcrt

_stricmp
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_mbstok
_mbscmp
_itoa
_except_handler3
strstr
strchr
memmove
strtoul
_strdup
_mbsnbcmp
_mbsnbicmp
__CxxFrameHandler
fopen
_controlfp
__set_app_type
__p__fmode
__p__commode
tmpfile
fclose
rewind
vsprintf
fgetc
_mbsnbcpy
sscanf
fprintf
_mbsstr
toupper
_mbsrchr
_mbschr
??3@YAXPAX@Z
??2@YAPAXI@Z
_mbsicmp
sprintf
_adjust_fdiv

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

22f68d899ca68dba3afbf2582d118bc1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

version

setupapi

comctl32

shlwapi

msvcrt

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 119KB - Virtual size: 136KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 119KB - Virtual size: 136KB