44c0d1780bb27d0275ae770031e02141_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44c0d1780bb27d0275ae770031e02141_JaffaCakes118
Size

135KB
MD5

44c0d1780bb27d0275ae770031e02141
SHA1

7570509b6271499e3a23a93692bab81d67a0a66f
SHA256

30c02dddb49b99aa30fde7f6bd5167e4e434007f4e122fda6c6d47509a4c7d84
SHA512

da8d6082ec37e78cbd410705f19c486682eed59ca84202d40cd5fe0ca8e02f4bf6fc5425150426d277a01a9e87034ddeac0cb2e356dc57a706e7f6f28010f8fa
SSDEEP

768:aAhH856mij2P7hpnEID1FsgYjQRkpBmDl7Y8Nw5bRknKz:aAhY6mZt3V3imD1+5bwK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44c0d1780bb27d0275ae770031e02141_JaffaCakes118

Files

44c0d1780bb27d0275ae770031e02141_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d653d8f3660f5338072d344723fbaebd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileSize
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetPrivateProfileIntW
GetPrivateProfileStringW
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
GetUserDefaultLCID
GetVersionExA
GetVersionExW
GlobalAlloc
GlobalFree
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InterlockedExchange
IsDBCSLeadByteEx
GetCommandLineA
IsValidLocale
LCMapStringA
LCMapStringW
LoadLibraryA
LocalAlloc
LocalFree
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
ReleaseMutex
RtlUnwind
SetEndOfFile
SetFileAttributesW
SetFilePointer
SetHandleCount
SetStdHandle
SetUnhandledExceptionFilter
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyW
lstrcpynA
lstrcpynW
lstrlenA
lstrlenW
GetCPInfo
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
FindClose
ExitProcess
EnumSystemLocalesA
DeleteFileW
DeleteFileA
CreateSemaphoreW
CreateMutexA
CreateFileMappingA
CreateDirectoryA
CompareStringW
CloseHandle
CreateFileA
VirtualAlloc
Sleep
GetProcessHeap
IsValidCodePage
LoadLibraryW

user32

SetForegroundWindow
SetWindowPos
SetWindowsHookExW
ShowWindow
SystemParametersInfoA
TranslateMessage
UnhookWindowsHookEx
WinHelpW
PeekMessageA
OffsetRect
MessageBoxA
LoadStringW
LoadStringA
IsDlgButtonChecked
IsDialogMessageA
SetFocus
GetParent
GetDlgItemTextW
GetDlgItem
GetDesktopWindow
GetActiveWindow
ExitWindowsEx
EndDialog
EnableWindow
DispatchMessageA
DialogBoxParamW
DialogBoxParamA
DestroyWindow
CreateDialogParamA
CheckDlgButton
CharUpperW
CharPrevA
CallNextHookEx
SetDlgItemTextW
SetDlgItemTextA
SendMessageW
SendMessageA
GetWindowRect
SendDlgItemMessageW
LoadCursorA
LoadIconA

gdi32

SetTextColor
SetTextAlign
SetBkColor
SelectObject
GetTextExtentPoint32W
GetObjectW
ExtTextOutW
DeleteObject
GetStockObject
CreateFontIndirectW

advapi32

RegDeleteValueA
RegEnumKeyExA
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyA
RegOverridePredefKey
RegOpenKeyExA
RegOpenKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyA

shell32

SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
SHBrowseForFolderW

comctl32

PropertySheetW

msvcrt

memcpy
_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
_wcsicmp
_wcsnicmp
exit
wcschr
wcsstr

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d653d8f3660f5338072d344723fbaebd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

msvcrt

Sections

.text Size: 5KB - Virtual size: 4KB

.data Size: 129KB - Virtual size: 128KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 129KB - Virtual size: 128KB