56f695d70a1cf1e1cc1e6b2710aab545_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

56f695d70a1cf1e1cc1e6b2710aab545_JaffaCakes118
Size

306KB
MD5

56f695d70a1cf1e1cc1e6b2710aab545
SHA1

24482a5aac57fdbfa4576e9f2ce4b7ded6913ccc
SHA256

6618a1777c32d391bf6c628a571c8413bb253a176de486c049d3e6f4d02e061c
SHA512

f47d15b073d774a947456d892f2a966d574f38411efe60c7f0ba864e92a1c752a94fe893c952322f75e170e8d9f7783036c6b342e1b5286e35b4d3cbe82b3275
SSDEEP

6144:mfs1qUrfCMMGJqNd9tRNl0pHQmBXUlfPSnBR+1t3mM2Nuhb+r8BJxVT2:mU1zXST9t3aHQWXUdPSwt3mM2Kb+eq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56f695d70a1cf1e1cc1e6b2710aab545_JaffaCakes118

Files

56f695d70a1cf1e1cc1e6b2710aab545_JaffaCakes118
.exe windows:4 windows x86 arch:x86

efd4873bc54ac7005fd1eb95fc588d9a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM

Imports

winmm

PlaySoundA

shlwapi

UrlEscapeA
SHDeleteValueA
PathRemoveFileSpecA
PathAppendA
SHGetValueA

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces

kernel32

HeapSize
GetCurrentThread
TlsAlloc
ReadConsoleInputA
SetConsoleMode
TlsSetValue
TlsFree
GetCPInfo
TlsGetValue
GetStdHandle
ExitProcess
HeapCreate
FlushConsoleInputBuffer
GlobalMemoryStatus
GetVersion
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapDestroy
FatalAppExitA
GetStartupInfoA
GetCommandLineA
GetWindowsDirectoryA
IsDebuggerPresent
GlobalUnlock
GlobalLock
GlobalAlloc
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
lstrlenW
CloseHandle
CreateThread
lstrlenA
GetCurrentThreadId
GetModuleFileNameA
DeleteFileA
CreateEventA
WaitForSingleObject
ResetEvent
RaiseException
SetLastError
Sleep
TerminateThread
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
InitializeCriticalSection
GetOEMCP
GetVersionExA
SetEvent
CreateFileA
InterlockedIncrement
InterlockedDecrement
lstrcmpiA
IsDBCSLeadByte
SizeofResource
LoadResource
DeleteVolumeMountPointA
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetOverlappedResult
WaitForMultipleObjects
DeviceIoControl
CancelIo
CreateWaitableTimerA
WriteFile
ReadFile
WriteProfileStringA
lstrcmpA
lstrcpyA
lstrcpynA
SetCommTimeouts
WinExec
lstrcatA
CreateSemaphoreA
ReleaseSemaphore
GetTickCount
OutputDebugStringA
InterlockedExchange
LocalAlloc
LocalFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
HeapReAlloc
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualProtect
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetConsoleAliasExesLengthA
GetEnvironmentStringsW
GetThreadLocale
GetLocaleInfoA
GetACP
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
SetConsoleCtrlHandler
GetLocaleInfoW
SetFilePointer
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
PeekConsoleInputA
DeleteCriticalSection
GetNumberOfConsoleInputEvents

user32

BringWindowToTop
PostMessageA
GetClassInfoExA
LoadCursorA
GetMessageA
RegisterClassExA
CreateWindowExA
IsWindowVisible
SetTimer
KillTimer
PostQuitMessage
SetForegroundWindow
IsWindow
GetKeyState
CharNextA
DestroyWindow
PeekMessageA
DispatchMessageA
TranslateMessage
EnableWindow
IsChild
CallWindowProcA
LoadImageA
GetParent
GetWindow
SystemParametersInfoA
MapWindowPoints
MessageBoxA
ShowWindow
GetClientRect
GetWindowRect
SetWindowPos
SetWindowTextA
SendMessageA
GetWindowLongA
SetWindowLongA
OpenClipboard
IsMenu
EmptyClipboard
SetClipboardData
CloseClipboard
FindWindowA
FlashWindowEx
GetActiveWindow
DispatchMessageW
GetMessageW
UnregisterClassA
GetUserObjectInformationW
GetProcessWindowStation
GetDesktopWindow
IsWindowUnicode
MsgWaitForMultipleObjects
RegisterDeviceNotificationA
RegisterWindowMessageA
GetCursorPos
LoadMenuA
GetSubMenu
DeleteMenu
EnableMenuItem
CheckMenuItem
ModifyMenuA
TrackPopupMenu
DestroyMenu
GetDoubleClickTime
DefWindowProcA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExW
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
DeregisterEventSource
ReportEventA
RegisterEventSourceA

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

CoTaskMemFree
OleUninitialize
CoTaskMemRealloc
CLSIDFromProgID
StringFromIID
CoTaskMemAlloc
CoInitialize
CoUninitialize
OleInitialize
CoCreateInstance

oleaut32

VariantInit
VariantClear
VariantCopy
SysAllocStringLen
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysStringLen
LoadTypeLi
VarBstrCat
VarUI4FromStr
SysFreeString
DispCallFunc

gdi32

CreateDCA
DeleteObject
GetBitmapBits
BitBlt
GetObjectA
SelectObject
CreateCompatibleBitmap
GetDeviceCaps
DeleteDC
CreateCompatibleDC

Sections

0
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

0
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

0
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efd4873bc54ac7005fd1eb95fc588d9a

Headers

File Characteristics

Imports

winmm

shlwapi

setupapi

kernel32

user32

advapi32

shell32

ole32

oleaut32

gdi32

Sections

0 Size: 240KB - Virtual size: 240KB

0 Size: 24KB - Virtual size: 24KB

0 Size: 4KB - Virtual size: 28KB

.bss Size: 512B - Virtual size: 4KB

.rsrc Size: 16KB - Virtual size: 16KB

0
Size: 240KB - Virtual size: 240KB

0
Size: 24KB - Virtual size: 24KB

0
Size: 4KB - Virtual size: 28KB

.bss
Size: 512B - Virtual size: 4KB

.rsrc
Size: 16KB - Virtual size: 16KB