445eb194754c27879a63d35759596e10_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

445eb194754c27879a63d35759596e10_JaffaCakes118
Size

88KB
MD5

445eb194754c27879a63d35759596e10
SHA1

ef51ac6434866bbd9f9b3fa41fbf226809526f13
SHA256

a361730e2bff765a6bc2e2c6710678656ea3572c8b9cb1f9eabbc61533fb66b0
SHA512

24e8a785343b3f3cd8c2de41815933411037583c5560d683e81562eca947279dda29f57d439faf0eca9b716e6c744796e92954ab3ee0e7aae110e71da16b1dd5
SSDEEP

768:K6DRUfhSsK5bCUK4gnPuoQlWNIK9tSsXB64cdrtA+ygQ7n+DV7xZxIjVK:5DGY5bfKBPBGWUsE4QrtFQyp6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
445eb194754c27879a63d35759596e10_JaffaCakes118

Files

445eb194754c27879a63d35759596e10_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4a15a742e3dc9808a289e2251186f464

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalLock
LocalUnlock
MapViewOfFile
MoveFileExW
MoveFileW
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
RtlUnwind
SetFileAttributesW
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TerminateThread
UnhandledExceptionFilter
LocalFree
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile
WritePrivateProfileStringW
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiW
lstrcpyA
lstrcpyW
lstrcpynW
lstrlenA
lstrlenW
GetWindowsDirectoryW
CreateFileA
LocalAlloc
LoadLibraryW
LoadLibraryA
LCMapStringW
LCMapStringA
IsValidLocale
IsValidCodePage
IsBadReadPtr
InterlockedExchange
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GetVersionExW
GetVersionExA
GetUserDefaultLCID
GetTimeFormatW
GetTimeFormatA
GetTickCount
GetTempPathW
GetTempFileNameW
GetSystemWindowsDirectoryW
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDefaultLCID
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoW
GetStartupInfoA
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileIntW
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileType
GetFileSize
GetEnvironmentStringsW
GetEnvironmentStrings
GetDateFormatW
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
GetCommandLineA
GetCPInfo
AreFileApisANSI
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FormatMessageA
FlushFileBuffers
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
ExitProcess
EnumSystemLocalesA
DuplicateHandle
DeleteFileW
DeleteCriticalSection
CreateSemaphoreW
CreateFileW
CreateFileMappingW
CreateEventW
CreateEventA
CompareStringW
CloseHandle
UnmapViewOfFile

user32

SetWindowTextA
SetWindowPos
SetWindowLongW
SetWindowLongA
SetTimer
SetRect
SetForegroundWindow
SetFocus
SetDlgItemTextW
SetCursor
SendMessageW
SendMessageA
SendDlgItemMessageW
ReleaseDC
RegisterWindowMessageW
RegisterWindowMessageA
RegisterClassW
RegisterClassA
RedrawWindow
PostQuitMessage
PostMessageW
PostMessageA
PeekMessageA
MsgWaitForMultipleObjects
MessageBoxW
MapWindowPoints
LoadStringW
LoadStringA
LoadIconA
LoadCursorA
KillTimer
IsWindowVisible
IsWindowEnabled
IsDialogMessageA
InvalidateRect
GetWindowRect
GetWindowLongW
GetWindowLongA
SetWindowTextW
GetThreadDesktop
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetProcessWindowStation
GetParent
GetMessageA
GetFocus
GetDlgItemTextW
GetDlgItem
GetDC
GetClientRect
GetActiveWindow
FindWindowW
FindWindowExW
FindWindowExA
FindWindowA
FillRect
ExitWindowsEx
EndPaint
EndDialog
EnableWindow
DrawTextW
DrawTextA
DrawIconEx
DrawIcon
SetWindowsHookExW
LoadIconW
wsprintfW
WinHelpW
AttachThreadInput
BeginPaint
CallNextHookEx
CallWindowProcW
CharUpperW
CreateDialogParamA
CreateDialogParamW
CreateWindowExA
CreateWindowExW
DefDlgProcA
DefDlgProcW
WinHelpA
UpdateWindow
UnhookWindowsHookEx
TranslateMessage
SystemParametersInfoA
ShowWindow
GetUserObjectInformationW
DrawFocusRect
DrawAnimatedRects
DispatchMessageA
DialogBoxParamW
DestroyWindow
DefWindowProcW
DefWindowProcA
MessageBoxA

gdi32

Rectangle
RestoreDC
SaveDC
SelectObject
PatBlt
SetBkColor
SetTextColor
StretchBlt
TranslateCharsetInfo
OffsetRgn
GetTextMetricsW
GetTextExtentPointA
GetTextExtentPointW
GetTextExtentPoint32W
GetTextExtentPoint32A
GetTextExtentExPointW
GetStockObject
GetRgnBox
GetObjectW
GetObjectA
GetFontData
GetBitmapBits
FillRgn
ExtTextOutW
ExtTextOutA
EnumFontFamiliesW
EnableEUDC
Ellipse
DeleteObject
DeleteDC
CreateSolidBrush
CreatePolygonRgn
CreatePen
CreateFontIndirectW
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
SetBitmapBits
BitBlt

comdlg32

GetOpenFileNameW
ChooseFontW
GetSaveFileNameW

advapi32

RegOpenKeyExA
GetUserNameW
OpenProcessToken
OpenThreadToken
RegCloseKey
RegSetValueExW
RegSetValueExA
RegQueryValueW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyW
RegOpenKeyExW
GetUserNameA
RegEnumValueW
RegEnumKeyW
RegEnumKeyA
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCreateKeyExA

shell32

ShellExecuteW
ExtractIconExW
CommandLineToArgvW
ShellAboutW

ole32

StringFromGUID2
CoUninitialize
CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx
CoInitialize
CoFreeUnusedLibraries
CoCreateInstance
CLSIDFromString

shlwapi

PathAppendW
PathRemoveFileSpecW
StrCmpW
StrToIntW
PathFindFileNameW
PathQuoteSpacesW

comctl32

ImageList_Draw
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_Create
InitCommonControlsEx

msvcrt

__argc
__argv
__dllonexit
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_onexit
_wcmdln
_wtoi
exit
free
malloc
qsort
strncpy
toupper
wcschr
wcscmp
wcsrchr
wcsstr
wcstok
wcstol
_XcptFilter
__CxxFrameHandler

imm32

ImmAssociateContext
ImmConfigureIMEW
ImmCreateContext
ImmDestroyContext
ImmEnumRegisterWordW
ImmEscapeW
ImmGetCompositionStringW
ImmGetConversionStatus
ImmIsIME
ImmRegisterWordW
ImmSetCompositionStringW
ImmSetConversionStatus

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 521KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a15a742e3dc9808a289e2251186f464

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

comctl32

msvcrt

imm32

Sections

.text Size: 48KB - Virtual size: 47KB

.data Size: 37KB - Virtual size: 36KB

.rsrc Size: 2KB - Virtual size: 521KB

.text
Size: 48KB - Virtual size: 47KB

.data
Size: 37KB - Virtual size: 36KB

.rsrc
Size: 2KB - Virtual size: 521KB