14ba3d83ddc50d09c771208739df7f6a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

14ba3d83ddc50d09c771208739df7f6a_JaffaCakes118
Size

991KB
MD5

14ba3d83ddc50d09c771208739df7f6a
SHA1

8904ebdf1e533de79ca7ccc6915c8ab3beb92b45
SHA256

c7c9b1789fb1c7c5b840467c2b807ba1b69a98b333e8b74cb3282416db9ccad4
SHA512

93e7e6a05b43a4b57167a504027813af86aa62fa6e3f6f95bf8799db8fca6b3787edb49cddb6e2378e791ab58223f41bb583ba5464f71f54d687bda6ca1ccef0
SSDEEP

24576:7plJ/+NTr7nuON0wzD/UjubRXey8/gEZNZSG6gD:HJ/YTnuY0wzD/TFXq/dLZSGf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14ba3d83ddc50d09c771208739df7f6a_JaffaCakes118

Files

14ba3d83ddc50d09c771208739df7f6a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e175f07af9356d3f3ea8ab0527b9fe78

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

rpcrt4

UuidToStringA
UuidCreate

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

CreateProcessA
WinExec
GetComputerNameA
GetVolumeInformationA
GetTickCount
GetCurrentProcessId
HeapReAlloc
SetFilePointer
GetModuleHandleA
GetCurrentProcess
GlobalMemoryStatusEx
GetDiskFreeSpaceExA
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
TerminateProcess
MultiByteToWideChar
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
FlushFileBuffers
GetLocaleInfoA
HeapSize
RtlUnwind
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEndOfFile
SetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetHandleCount
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
FreeLibrary
WaitForSingleObject
CreateThread
WritePrivateProfileStringA
GetFileAttributesA
GetExitCodeProcess
SetCurrentDirectoryA
GetCurrentDirectoryA
Sleep
GetTempPathA
GetVersionExA
ExitProcess
CreateMutexA
LoadLibraryA
GetProcAddress
lstrcmpiA
lstrcmpA
GetPrivateProfileStringA
lstrlenA
lstrcatA
lstrcpynA
lstrcpyA
HeapFree
WriteFile
DeleteFileA
GetProcessHeap
HeapAlloc
CreateDirectoryA
ReadFile
GetFileSize
CreateFileA
GetModuleFileNameA
CloseHandle
GetLastError
LocalFree
LocalAlloc
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoA
GetCommandLineA
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
GetFileType
GetModuleHandleW
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime

user32

CreateWindowExA
DefWindowProcA
GetWindowLongA
GetDC
GetClientRect
PostQuitMessage
SendMessageA
GetMessageA
DispatchMessageA
ExitWindowsEx
GetParent
LoadIconA
RedrawWindow
ShowWindow
IsWindow
SystemParametersInfoA
GetWindowTextLengthA
CheckRadioButton
PostMessageA
GetWindowTextA
IsDlgButtonChecked
GetFocus
UpdateWindow
SetCursor
DestroyWindow
LoadCursorA
MessageBoxA
FillRect
GetWindowRect
GetDlgCtrlID
GetDlgItem
EnableWindow
SetWindowTextA
EndPaint
RegisterClassExA
GetWindowDC
BeginPaint
DrawFocusRect
SetWindowLongA
InvalidateRect
ReleaseDC
IsDialogMessageA
SetForegroundWindow
FindWindowA
SetFocus
TranslateMessage

gdi32

CreateDIBitmap
DeleteObject
DeleteDC
BitBlt
GetObjectA
CreateCompatibleDC
CreateSolidBrush
SetBkColor
SetTextColor
SelectObject
TextOutA
CreateFontA
SetBkMode
GetStockObject

advapi32

AllocateAndInitializeSid
AdjustTokenPrivileges
LookupPrivilegeValueA
CheckTokenMembership
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCreateKeyA
FreeSid
SetFileSecurityA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclA

shell32

ShellExecuteExA
SHGetFolderPathA
ShellExecuteA
SHGetSpecialFolderPathA

ole32

CoTaskMemAlloc

shlwapi

StrNCatA
AssocQueryStringA
StrStrIA
PathFileExistsA
StrStrA
wnsprintfA

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 798KB - Virtual size: 806KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e175f07af9356d3f3ea8ab0527b9fe78

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

rpcrt4

version

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 142KB - Virtual size: 141KB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 798KB - Virtual size: 806KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 142KB - Virtual size: 141KB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 798KB - Virtual size: 806KB

.rsrc
Size: 5KB - Virtual size: 5KB