379f5329c4d5f5a1825b9c62d902a62d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

379f5329c4d5f5a1825b9c62d902a62d_JaffaCakes118
Size

126KB
MD5

379f5329c4d5f5a1825b9c62d902a62d
SHA1

3ebb7c7d566f38a89f9e3854cc66b1085aaf21c0
SHA256

7d902bffa4dee12851fb35f06a34370bc8d9ac77d147af8cfc0dc4c478e0cf3f
SHA512

ba199cba68256b8f83f9b6f51c9b3234ca68f8b1e7183ff2b72b026327cfee52dc1bb0c0c73675f280866fd83953964ef2b55e8aaaf0fb763a5dfa3ada0552b2
SSDEEP

1536:8p7mQcHHwW9l6b7yHvy6lzqgTfWcXLJ/W:8ppW94nyHv3lzqgTfWoJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
379f5329c4d5f5a1825b9c62d902a62d_JaffaCakes118

Files

379f5329c4d5f5a1825b9c62d902a62d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c10e9b619dd3a2e58607948c7d55b1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
GetFileAttributesA
_llseek
MulDiv
FindNextFileA
FindFirstFileA
GetVersionExA
GlobalHandle
GlobalLock
GlobalAlloc
GetLocalTime
MoveFileExA
RemoveDirectoryA
SetFileAttributesA
LockResource
GetPrivateProfileIntA
DeleteFileA
FreeResource
SetErrorMode
LoadLibraryA
GetProcAddress
FreeLibrary
SizeofResource
GetWindowsDirectoryA
lstrcatA
_lcreat
_lwrite
_lclose
OpenFile
lstrcpynA
CreateProcessA
WaitForSingleObject
WritePrivateProfileStringA
_lread
GetDriveTypeA
GetSystemDirectoryA
_lopen
lstrcmpA
lstrcmpiA
GetModuleFileNameA
lstrlenA
lstrcpyA
GetTempPathA
GetTempFileNameA
CopyFileA
FindResourceA
LoadResource
GetPrivateProfileStringA
GlobalFree
GetCPInfo
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
VirtualAlloc
VirtualFree
UnhandledExceptionFilter
HeapDestroy
ReadFile
GetEnvironmentStringsW
GetACP
WinExec
HeapCreate
SetFilePointer
WriteFile
GetStdHandle
SetHandleCount
SetStdHandle
GetCurrentProcess
TerminateProcess
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapFree
HeapAlloc
MoveFileA
GetFullPathNameA
CreateFileA
GetFileType
SetEndOfFile
CloseHandle
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
RtlUnwind
GetLastError
GetOEMCP

user32

LoadBitmapA
RegisterClassA
LoadIconA
UpdateWindow
SetTimer
PeekMessageA
TranslateMessage
DdeDisconnect
SetWindowTextA
ShowWindow
GetMessageA
GetSysColor
LoadCursorA
SetCursor
EnableWindow
IsWindowVisible
CreateDialogParamA
IsDialogMessageA
PostMessageA
MessageBoxA
wsprintfA
ExitWindowsEx
CreateWindowExA
PostQuitMessage
EndPaint
GetClientRect
BeginPaint
DefWindowProcA
ReleaseDC
InvalidateRect
GetDC
MoveWindow
GetWindowRect
SetDlgItemTextA
EndDialog
FrameRect
GetDialogBaseUnits
FillRect
DrawIcon
LoadStringA
GetParent
EnumChildWindows
FindWindowA
DialogBoxParamA
SendMessageA
DdeCreateDataHandle
DdeInitializeA
DdeCreateStringHandleA
DdeConnect
DdeClientTransaction
DestroyWindow
SetFocus
DdeUninitialize
OemToCharA
GetDlgItem
SendDlgItemMessageA
GetWindowTextA
DispatchMessageA
ScreenToClient
KillTimer
GetDlgItemTextA
DdeFreeDataHandle
DdeGetData

gdi32

GetStockObject
CreateSolidBrush
SelectObject
RealizePalette
SelectPalette
ExtTextOutA
SetBkColor
DeleteDC
BitBlt
CreateCompatibleDC
GetTextExtentPointA
CreateFontIndirectA
GetDeviceCaps
GetObjectA
CreatePalette
CreateFontA
StretchBlt
CreateCompatibleBitmap
PatBlt
DeleteObject

comdlg32

GetOpenFileNameA

advapi32

RegEnumValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
OpenSCManagerA
RegDeleteKeyA
RegEnumKeyExA
RegDeleteValueA
RegSetValueA
RegSetValueExA
RegEnumKeyA
RegOpenKeyA
DeleteService
ControlService
OpenServiceA

Exports

Exports

_ItemDlg@16
_MainWndProc@16
_SharedDlg@16

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1c10e9b619dd3a2e58607948c7d55b1b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

Exports

Exports

Sections

.text Size: 50KB - Virtual size: 50KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 13KB - Virtual size: 15KB

.rsrc Size: 55KB - Virtual size: 75KB

.text
Size: 50KB - Virtual size: 50KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 13KB - Virtual size: 15KB

.rsrc
Size: 55KB - Virtual size: 75KB