56fc1866928cb1819b4ebc5161038e74_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

56fc1866928cb1819b4ebc5161038e74_JaffaCakes118
Size

232KB
MD5

56fc1866928cb1819b4ebc5161038e74
SHA1

718fcb336d9c4886663997c7e6d3e62f0d1ce3e1
SHA256

fc1c73253ffbf443008c8843980688de939e56aa8665a2613c9e93c43a5c38c4
SHA512

16e4d5583101112d5756c7a1b7c563c589539a341ac676812d8981d49d2db2c6d2d71890f75b86c578528a30e93f3a9524200a323ea32e0630c27046ab791a0e
SSDEEP

3072:9L4Xb+nN1aNoXEf0zy7aayK8eOyVxMye371GKUSYBGkAyhNud:1Uo3EfEy7QKLVK76Af

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56fc1866928cb1819b4ebc5161038e74_JaffaCakes118

Files

56fc1866928cb1819b4ebc5161038e74_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2b7f109ecf9ca8117e7097fc3ee3bfd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
CreateFileMappingA
DeleteCriticalSection
DuplicateHandle
EnumCalendarInfoA
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FindClose
FindFirstFileW
FindResourceW
FreeEnvironmentStringsA
FreeLibrary
FreeResource
GetACP
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDateFormatA
GetDiskFreeSpaceA
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileAttributesA
GetFileSize
GetLocalTime
GetLocaleInfoA
GetProcessHeap
GetStartupInfoA
GetStringTypeA
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetTickCount
GetTimeZoneInformation
GetWindowsDirectoryA
GlobalAddAtomA
GlobalLock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
IsBadWritePtr
IsDBCSLeadByte
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFileTimeToFileTime
LocalFree
ResetEvent
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetThreadLocale
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
TerminateThread
TlsAlloc
UnhandledExceptionFilter
VirtualAlloc
WaitForMultipleObjects
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpiW
lstrlenA

user32

CloseClipboard
CreateMenu
DestroyIcon
DrawIcon
EndPaint
EnumWindows
GetClassInfoA
GetClassNameA
GetCursorPos
GetDlgItem
GetKeyState
GetKeyboardType
GetLastActivePopup
GetMenuItemID
GetSysColor
GetTopWindow
GetWindowDC
GetWindowLongA
GetWindowPlacement
IntersectRect
IsChild
KillTimer
MessageBeep
PostQuitMessage
PtInRect
ReleaseDC
RemoveMenu
SendDlgItemMessageA
SetClipboardData
SetScrollInfo
SetScrollRange
UnhookWindowsHookEx
WinHelpA

gdi32

AddFontResourceA
Chord
CombineRgn
CopyEnhMetaFileA
CreateBrushIndirect
CreateCompatibleDC
CreateDCA
CreateHalftonePalette
CreateHatchBrush
CreatePen
CreateRectRgn
DPtoLP
Ellipse
EndPage
EnumFontsA
ExtCreatePen
ExtCreateRegion
ExtSelectClipRgn
ExtTextOutW
FrameRgn
GetBitmapBits
GetCharWidthA
GetEnhMetaFilePaletteEntries
GetObjectA
GetObjectW
GetStretchBltMode
GetTextExtentExPointW
GetTextExtentPointA
GetWindowOrgEx
InvertRgn
OffsetClipRgn
PolyBezierTo
PtInRegion
RemoveFontResourceA
SetArcDirection
SetBkColor
SetDIBitsToDevice
SetMapperFlags
SetROP2
SetRectRgn
SetTextColor
SetTextJustification
SetViewportOrgEx
SetWindowExtEx
SetWorldTransform
StartDocW
StartPage
StrokeAndFillPath

shell32

CommandLineToArgvW
DragAcceptFiles
DragQueryFileW
ExtractAssociatedIconW
ExtractIconA
ExtractIconExA
ExtractIconExW
ExtractIconW
FindExecutableW
SHAddToRecentDocs
SHBindToParent
SHBrowseForFolder
SHCreateDirectoryExA
SHCreateDirectoryExW
SHFileOperationW
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFileInfoA
SHGetFolderLocation
SHGetMalloc
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetSettings
SHGetSpecialFolderLocation
ShellExecuteExA
ShellExecuteW
Shell_NotifyIconA
Shell_NotifyIconW

comctl32

CreatePropertySheetPageA
CreateStatusWindowA
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetDragImage
ImageList_GetIcon
ImageList_LoadImageW
ImageList_Replace
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_SetImageCount
InitCommonControlsEx

advapi32

AddAccessAllowedAce
AdjustTokenPrivileges
AllocateAndInitializeSid
ControlService
CopySid
CryptCreateHash
CryptDestroyHash
EqualSid
GetSecurityDescriptorDacl
GetTokenInformation
InitializeSecurityDescriptor
LookupPrivilegeValueW
OpenSCManagerW
OpenServiceA
OpenServiceW
RegCreateKeyA
RegCreateKeyExW
RegDeleteValueA
RegEnumKeyExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegQueryValueExW
SetSecurityDescriptorDacl

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoInitializeEx
CoInitializeSecurity
CoLoadLibrary
CoMarshalInterThreadInterfaceInStream
CoReleaseMarshalData
CoRevokeClassObject
CoSetProxyBlanket
CoTaskMemAlloc
CreateBindCtx
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
DoDragDrop
GetRunningObjectTable
IIDFromString
IsAccelerator
OleFlushClipboard
OleRun
OleSetClipboard
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
StgOpenStorage
StringFromIID

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2b7f109ecf9ca8117e7097fc3ee3bfd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

advapi32

ole32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 79KB - Virtual size: 80KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 79KB - Virtual size: 80KB