54acf8e07a885ab93facb77d292d90e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

54acf8e07a885ab93facb77d292d90e8_JaffaCakes118
Size

326KB
MD5

54acf8e07a885ab93facb77d292d90e8
SHA1

286c923b38f243c936590623ed361b5304244e11
SHA256

b8126189c9b4cdc52bfd7d242f204c82e7448eec582416500e512c6b139c7d93
SHA512

e577a07ded06e7c212a0f827ed287a6ab49870d8a236ab8d99a22df3b3aa311dfe7c3b187f9e7de35d4f097f6e038a38cc4ce2c76a3c11bc29dd2fe3639e395e
SSDEEP

6144:FOtbXUGrCySufYva9zlMT6uSNcxkHJDY4oSR0IONpcBQCq9/92oucu:FSUuXSufGa9+2uSNcwJ3RkNq2f/9NDu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54acf8e07a885ab93facb77d292d90e8_JaffaCakes118

Files

54acf8e07a885ab93facb77d292d90e8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c276648307a3afdced0e29427b13d3c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_amsg_exit
_CxxThrowException
memcpy
_wcsnicmp
_initterm
malloc
_adjust_fdiv
memset
_XcptFilter
free
bsearch
_vsnwprintf
_wcsicmp

shlwapi

StrCmpIW
StrToIntW
StrDupW
StrCmpNW
PathFindFileNameW
StrSpnW
StrCmpW
StrCSpnW
StrRChrW

samlib

SamAddMemberToAlias

ntdll

NtAllocateVirtualMemory

user32

LoadCursorW
SetWindowPos
GetDC
DestroyWindow
GetParent
GetWindowRect
CreateWindowExW
CallWindowProcW
DefWindowProcW
SendMessageW
LoadStringW
MoveWindow
MessageBoxW
SetScrollPos
GetClientRect
DrawTextW
EndDialog
GetWindowLongW
SetDlgItemTextW
ReleaseDC
GetDlgItemTextW
SetScrollRange
GetWindowTextW
DialogBoxParamW
EnableWindow
GetScrollInfo
SetWindowTextW
GetDlgItem
RegisterClassA
CreateWindowExA
SetWindowLongW
UnregisterClassA
ShowWindow

gdi32

GetTextMetricsW
GetStockObject
GetDeviceCaps
GetTextExtentPoint32W
CreateFontIndirectW
DeleteObject
SelectObject

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

kernel32

SetLastError
LoadResource
GlobalFree
GetPrivateProfileSectionA
MultiByteToWideChar
MapViewOfFile
InterlockedExchange
WritePrivateProfileSectionA
FormatMessageW
FindResourceExW
QueryPerformanceCounter
CreateFileMappingW
CreateFileW
DeleteCriticalSection
LeaveCriticalSection
AddAtomA
HeapFree
FindAtomA
GetModuleFileNameW
WritePrivateProfileStringW
Sleep
UnhandledExceptionFilter
GetCurrentProcessId
GetTickCount
FindResourceW
FreeLibrary
CloseHandle
lstrlenA
GetSystemTimeAsFileTime
lstrcmpiW
GetFileAttributesW
LocalAlloc
GlobalAlloc
GetCurrentProcess
HeapAlloc
GetVersionExW
CompareStringW
GetLastError
SearchPathW
GetPrivateProfileSectionW
GetPrivateProfileStringA
GetProcessHeap
EnterCriticalSection
GetPrivateProfileStringW
InitializeCriticalSection
InterlockedCompareExchange
SetFilePointer
GetUserDefaultUILanguage
DeleteAtom
WritePrivateProfileSectionW
lstrlenW
WideCharToMultiByte
SetUnhandledExceptionFilter
RtlUnwind
TerminateProcess
WriteFile
LocalFree
DisableThreadLibraryCalls
LoadLibraryExW
HeapReAlloc
ReadFile
UnmapViewOfFile
GetFileSize
InterlockedDecrement
GetSystemDefaultUILanguage
lstrcmpW
GetCurrentThreadId

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 292KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c276648307a3afdced0e29427b13d3c5

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

shlwapi

samlib

ntdll

user32

gdi32

ole32

advapi32

kernel32

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 292KB - Virtual size: 1.4MB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 24KB

.rdata Size: 3KB - Virtual size: 3KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 292KB - Virtual size: 1.4MB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 24KB

.rdata
Size: 3KB - Virtual size: 3KB