0feae40a27f417a51caa1ddbdfb2007d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0feae40a27f417a51caa1ddbdfb2007d_JaffaCakes118
Size

924KB
MD5

0feae40a27f417a51caa1ddbdfb2007d
SHA1

ef0025f4319545f52c46e0ddc6f51da77efe0f96
SHA256

75a3c7ae0d3997b13a5fa115f6b9d26832f9bfa863ddfdcd7737590e3f9e21e2
SHA512

ba14c8357b7bae7dd215cdb0a20a67d889bb92cd4ea9f0d11efe758ccf092d64c1c06cbdc069504135a0b1647911532ebb3d0c998280570656dd48e79514d253
SSDEEP

24576:cNrTNcsyK8UU+qiD9EL5v7beQYP94MsiqF:wrWsAiD45v7bR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0feae40a27f417a51caa1ddbdfb2007d_JaffaCakes118

Files

0feae40a27f417a51caa1ddbdfb2007d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

acb301b123ee2f867e0ce25f4224421c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
FreeLibrary
ExitProcess
LoadLibraryExW
lstrcatW
GetVersion
CreateProcessW
lstrcmpiW
GetFullPathNameW
lstrcpyW
Sleep
SearchPathW
GetSystemDirectoryW
WriteFile
GetPrivateProfileStringW
ExpandEnvironmentStringsW
GetProcAddress
WaitForSingleObject
CopyFileW
CreateDirectoryW
lstrcpynA
GetTempFileNameW
GlobalLock
GetShortPathNameW
lstrcmpW
GetTickCount
lstrcpynW
CreateThread
CreateFileW
ReadFile
MoveFileW
LoadLibraryA
SetErrorMode
WideCharToMultiByte
GetCommandLineW
SetCurrentDirectoryW
FindClose
GetModuleHandleW
HeapAlloc
HeapCreate
GetModuleHandleA
GetTempPathW
CloseHandle
lstrcpyA
GlobalUnlock
RemoveDirectoryW
OpenProcess
SetFilePointer
CompareFileTime
GlobalAlloc
MultiByteToWideChar
LoadLibraryW
WritePrivateProfileStringW
DeleteFileW
SetFileTime
GetVersionExW
SetFileAttributesW
GetFileAttributesW
GetExitCodeProcess
GlobalFree
GetDiskFreeSpaceW
lstrcmpiA
GetWindowsDirectoryW
GetLastError
MulDiv
GetModuleFileNameW
FindNextFileW
GetCurrentProcess
GetFileSize
FindFirstFileW
lstrlenA

user32

DefWindowProcW
CharNextW
GetMessagePos
LoadCursorW
LoadBitmapW
IsWindowVisible
GetSystemMetrics
IsWindow
CloseClipboard
CheckDlgButton
PostQuitMessage
OpenClipboard
SystemParametersInfoW
PeekMessageW
GetSysColor
DispatchMessageW
CharPrevW
EndDialog
ExitWindowsEx
AppendMenuW
TrackPopupMenu
SetWindowTextW
IsWindowEnabled
GetClassInfoW
GetSystemMenu
SetDlgItemTextW
wsprintfA
GetDlgItemTextW
GetWindowRect
SetClassLongW
LoadImageW
MessageBoxIndirectW
SetWindowPos
CharNextA
CharUpperW
DestroyWindow
EmptyClipboard
SendMessageW
CallWindowProcW
ScreenToClient
EndPaint
CreateDialogParamW
GetWindowLongW
SetWindowLongW
FindWindowExW
ShowWindow
wsprintfW
EnableMenuItem
DialogBoxParamW
SetTimer
RegisterClassW
GetDC
CreateWindowExW
FillRect
SendMessageTimeoutW
EnableWindow
SetClipboardData
SetForegroundWindow
InvalidateRect
BeginPaint
CreatePopupMenu
GetClientRect
DrawTextW
SetCursor
GetDlgItem

gdi32

CreateFontIndirectW
SetBkColor
SelectObject
SetBkMode
GetDeviceCaps
CreateBrushIndirect
DeleteObject
SetTextColor

advapi32

RegEnumValueW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW

shell32

ShellExecuteW
SHGetFileInfoW
SHGetPathFromIDListW
SHFileOperationW
SHBrowseForFolderW
SHGetSpecialFolderLocation

ole32

OleUninitialize
CoCreateInstance
CoTaskMemFree
OleInitialize

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

secur32

QuerySecurityPackageInfoA

wldap32

ord60

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xyu
Size: 512B - Virtual size: 298B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 662KB - Virtual size: 661KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

acb301b123ee2f867e0ce25f4224421c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

version

secur32

wldap32

Sections

.text Size: 142KB - Virtual size: 141KB

.xyu Size: 512B - Virtual size: 298B

.rdata Size: 662KB - Virtual size: 661KB

.data Size: 110KB - Virtual size: 1.1MB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 142KB - Virtual size: 141KB

.xyu
Size: 512B - Virtual size: 298B

.rdata
Size: 662KB - Virtual size: 661KB

.data
Size: 110KB - Virtual size: 1.1MB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 5KB - Virtual size: 5KB