448751100e50841b5e878d844b08fde0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

448751100e50841b5e878d844b08fde0_JaffaCakes118
Size

295KB
MD5

448751100e50841b5e878d844b08fde0
SHA1

8d42426f99b1b71f763da266adf0f0e214b8fa32
SHA256

65de92ca2459b319191107f57ff0461b282d14d766c9480a76e5ac1196b40902
SHA512

b3f7e5284230972985f593ea14a01427652ec6c57c0119feb1fe8d891eed35f9fe26de2fa9192ef05c222aec00b0f4e81533b2efc0d1235dc11a9cc26ab085a1
SSDEEP

3072:R5AK36aJPiGako28/2PsrhrGzoLdchEc/476M0FTNgZ18MCmYxPfbGmGFDuSQxnl:EK36aYtf+PABLeK576M0VgqMxmGYS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
448751100e50841b5e878d844b08fde0_JaffaCakes118

Files

448751100e50841b5e878d844b08fde0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

306b4dccb4c21d3a2221d62cf9a133df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
HeapReAlloc
InterlockedExchange
IsDBCSLeadByteEx
LCMapStringA
LCMapStringW
LoadLibraryA
MapViewOfFile
MultiByteToWideChar
ReleaseMutex
RtlUnwind
SetEndOfFile
SetFilePointer
SetUnhandledExceptionFilter
SystemTimeToFileTime
HeapAlloc
TlsFree
TlsGetValue
TlsSetValue
UnmapViewOfFile
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObject
WriteFile
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
GetSystemTime
GetSystemInfo
GetModuleHandleA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetLocaleInfoA
GetLocalTime
GetLastError
GetFileSize
GetDiskFreeSpaceA
GetCPInfo
GetACP
FindNextFileA
FindFirstFileA
FindClose
DeleteFileA
CreateMutexA
CreateFileMappingA
CreateFileA
CreateDirectoryA
CloseHandle
GetProcAddress
Sleep
GetStartupInfoA
GetCommandLineW
TlsAlloc

user32

SetFocus
SetDlgItemTextA
SendMessageA
PeekMessageA
OffsetRect
MessageBoxA
LoadStringA
IsDlgButtonChecked
IsDialogMessageA
SetForegroundWindow
GetParent
GetDlgItem
GetDesktopWindow
EndDialog
DispatchMessageA
DialogBoxParamA
DestroyWindow
CreateDialogParamA
CheckDlgButton
CharPrevA
SetWindowPos
ShowWindow
SystemParametersInfoA
GetWindowRect
TranslateMessage
LoadIconA
LoadIconW
LoadCursorA

gdi32

SetTextAlign
SetBkColor
SelectObject
GetTextExtentPoint32W
SetTextColor
ExtTextOutW

advapi32

RegEnumKeyExA
RegOverridePredefKey
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegOpenKeyW
RegCloseKey
RegCreateKeyExW
RegCreateKeyW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegOpenKeyA
RegOpenKeyExA
RegQueryInfoKeyA

shell32

SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
SHBrowseForFolderW

comctl32

CreateStatusWindowW
PropertySheetW

msvcrt

memcpy
_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
_vsnwprintf
_wcsicmp
_wcsnicmp
_wsplitpath
ctime
exit
time
wcschr
wcsstr

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text5
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text4
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 242KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

306b4dccb4c21d3a2221d62cf9a133df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

msvcrt

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 868B

.text6 Size: 12KB - Virtual size: 12KB

.text5 Size: 12KB - Virtual size: 12KB

.text4 Size: 12KB - Virtual size: 12KB

.text3 Size: 242KB - Virtual size: 242KB

.text2 Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 576B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 868B

.text6
Size: 12KB - Virtual size: 12KB

.text5
Size: 12KB - Virtual size: 12KB

.text4
Size: 12KB - Virtual size: 12KB

.text3
Size: 242KB - Virtual size: 242KB

.text2
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 576B