54c1677a604fe3d1ea9f7e597cc74b1e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

54c1677a604fe3d1ea9f7e597cc74b1e_JaffaCakes118
Size

313KB
MD5

54c1677a604fe3d1ea9f7e597cc74b1e
SHA1

7710ec4d4067abc33c5f33c68b59c3d9eaeb0693
SHA256

f10e91b83ee6d24a39fa606fe0d99897ef4dad6e3edaa82f610fbb77630f8ea0
SHA512

f2e833d7e211b52b4634ace1f1ade91e9f3df14a881c1e6f3881401eee02076cedec63a6170eb91f17698c866de68404bec752bbcff2960b8d280de4d44bf441
SSDEEP

3072:Kwrtf8H+INt2Q8fUIS7lYwqPF3vXN+h4QYouDwdMGdThD:Ky+eINt2RfU9lYRPF3vU4QYHDwdFdTR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54c1677a604fe3d1ea9f7e597cc74b1e_JaffaCakes118

Files

54c1677a604fe3d1ea9f7e597cc74b1e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

68b208fa3056927bd0bb68f6cedc966d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
lstrcpynW
lstrcpyW
lstrcmpiW
lstrcmpW
lstrcatW
WriteConsoleW
WideCharToMultiByte
WaitForDebugEvent
VerifyVersionInfoW
VerSetConditionMask
UnhandledExceptionFilter
TlsAlloc
TerminateProcess
SwitchToThread
SetVolumeMountPointA
SetUnhandledExceptionFilter
SetStdHandle
SetLocaleInfoW
SetLastError
SetEvent
SetErrorMode
SetConsoleMode
ScrollConsoleScreenBufferA
ReadFile
ReadConsoleW
ReadConsoleOutputW
ReadConsoleOutputA
QueryPerformanceCounter
Process32FirstW
OpenEventW
MultiByteToWideChar
LocalFree
LocalAlloc
LoadLibraryW
IsWow64Process
IsSystemResumeAutomatic
GlobalUnWire
GetVersionExW
GetTickCount
GetThreadLocale
GetSystemWindowsDirectoryA
GetSystemTimeAsFileTime
GetStdHandle
GetNumberFormatA
GetLastError
GetExitCodeThread
GetProcAddress
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetConsoleMode
GetComputerNameExW
GetCommandLineW
GetBinaryTypeW
FreeLibrary
FormatMessageW
FindResourceA
FindFirstVolumeMountPointA
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
EnumUILanguagesW
EnumSystemLanguageGroupsW
CreateWaitableTimerW
CreatePipe
CreateHardLinkW
CompareStringW
CloseHandle
GetModuleHandleW
GetModuleHandleA

user32

AllowSetForegroundWindow
GetInputState
LoadCursorFromFileA
GetDC
DestroyCursor
GetWindowTextLengthW
GetMenuItemCount
IsWindow
GetSysColor
GetClipboardViewer
AnyPopup
CloseWindow
GetMessagePos
IsGUIThread
IsCharLowerA
CharNextW
GetSystemMetrics
LoadCursorA
LoadCursorW
LoadIconA
ChangeDisplaySettingsW
CharUpperW
CheckDlgButton
CreateAcceleratorTableW
CreateMDIWindowA
DestroyCaret
DispatchMessageA
DispatchMessageW
DlgDirListW
DlgDirSelectExA
DrawFrameControl
GetClassInfoExA
GetMonitorInfoW
GetWindowRgn
InflateRect
InsertMenuA
IsChild
LoadStringW
MessageBoxW
SetDlgItemTextA
SetMenuInfo
SetRect
SetTimer
SetWindowContextHelpId
wsprintfW
IsCharUpperA

gdi32

StartDocW
SetTextJustification
SetROP2
SetICMMode
AddFontResourceA
CreateMetaFileW
GetTextColor
DeleteDC
GetPolyFillMode
GetTextCharacterExtra
GetStretchBltMode
ArcTo
BRUSHOBJ_pvGetRbrush
CloseFigure
CreateDIBPatternBrush
CreateICA
CreatePalette
EnableEUDC
EngDeleteSurface
EngStretchBltROP
EnumFontFamiliesExA
FONTOBJ_pQueryGlyphAttrs
GdiEndDocEMF
GdiEntry4
GdiReleaseDC
GdiValidateHandle
GetBitmapBits
GetBitmapDimensionEx
GetBkMode
GetCharWidthFloatW
GetEnhMetaFileW
GetLogColorSpaceA
GetTextExtentPointW
GetTextFaceW
PlayEnhMetaFileRecord
PolyTextOutW
EndPath
RectInRegion
RemoveFontResourceW
SelectClipRgn
SetColorSpace
SetDIBits

advapi32

RegSetKeySecurity
RegConnectRegistryW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegisterEventSourceW
ReportEventW
SetFileSecurityW
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
OpenServiceW
OpenSCManagerW
OpenProcessToken
OpenEventLogW
LookupPrivilegeValueW
InitializeSecurityDescriptor
InitializeAcl
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidLengthRequired
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetLengthSid
FreeSid
DeregisterEventSource
CreateServiceW
CopySid
ConvertStringSecurityDescriptorToSecurityDescriptorW
CloseServiceHandle
CloseEventLog
ChangeServiceConfigW
ChangeServiceConfig2W
AllocateAndInitializeSid
AdjustTokenPrivileges
AddAuditAccessAceEx
AddAccessDeniedAceEx
AddAccessAllowedAceEx
RegQueryValueExW
RegOpenKeyW
RegCloseKey

shell32

SHGetSpecialFolderLocation
Shell_NotifyIconA
ShellExecuteW
ShellExecuteExA
ShellAboutW
ShellAboutA
SHPathPrepareForWriteA
ExtractAssociatedIconExW
ExtractIconA
SHAppBarMessage
SHBrowseForFolderW
SHEmptyRecycleBinA
SHGetDataFromIDListA
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFolderPathA
SHGetPathFromIDListA
SHGetSettings
WOWShellExecute

shlwapi

StrCmpNIA
StrRChrIA
StrRChrIW
StrRStrIA
StrCmpNA
StrChrIA

msvcrt

_XcptFilter
__getmainargs
__initenv
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
_iob
_vsnwprintf
_wcsdup
_wcsnicmp
calloc
exit
fflush
fprintf
free
realloc
strtok
swprintf
wcschr
wcsncmp
wcsstr
wcstod
wcstok
wcstol

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68b208fa3056927bd0bb68f6cedc966d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

msvcrt

Sections

.text Size: 196KB - Virtual size: 195KB

.rdata Size: 113KB - Virtual size: 113KB

.data Size: 1024B - Virtual size: 1008B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 196KB - Virtual size: 195KB

.rdata
Size: 113KB - Virtual size: 113KB

.data
Size: 1024B - Virtual size: 1008B

.rsrc
Size: 2KB - Virtual size: 1KB