72d70e94e54ba232ba3f798699669990_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

72d70e94e54ba232ba3f798699669990_JaffaCakes118
Size

446KB
MD5

72d70e94e54ba232ba3f798699669990
SHA1

16f257adf89a56a93a6be45bf470a71d4d570d26
SHA256

93b1135cdbed6e1bf1269248d28e5a5f74fb5cb234c6385b56d025839bada289
SHA512

e024605c3469c27d470dc2cdb17bdef55507c80feb81969531277f96083d96511ab4e14d16f61f1723e0a97a69f6c201cfb34ac3584da8ba415e5f05582a139d
SSDEEP

12288:rFQyFgwMQsXS3NG5ddoM4YQYgDhgvMph5O0ZcQ:rSyFgTQ9NydHQ3evs15

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72d70e94e54ba232ba3f798699669990_JaffaCakes118

Files

72d70e94e54ba232ba3f798699669990_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6ea4b052c1b603b269c69b2a59b97664

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
LoadImageA
GetDC
EnableWindow
PeekMessageA
DispatchMessageA
ExitWindowsEx
InvalidateRect
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PostQuitMessage
SendMessageA
SetTimer
KillTimer
DialogBoxParamA
SetWindowLongA
GetWindowLongA
SetWindowTextW
SetWindowTextA
LoadIconA
LoadStringW
LoadStringA
CharUpperA
DestroyWindow
EndDialog
PostMessageA
ShowWindow
MessageBoxW
GetDlgItem
DialogBoxParamW
CharUpperW
CharToOemBuffA
GetNextDlgGroupItem
RedrawWindow
GetAncestor
GetWindowModuleFileNameA
UnpackDDElParam
IsRectEmpty
UnhookWindowsHook
IsCharAlphaW
GetMenuCheckMarkDimensions
IsWindowVisible
CheckRadioButton

shell32

ShellExecuteA
SHChangeNotify
ShellExecuteExA
SHGetMalloc

advapi32

CreateServiceA
RegQueryValueExA
RegEnumValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
OpenProcessToken
StartServiceA
RegSetValueExA
AdjustTokenPrivileges
CloseServiceHandle
ControlService
RegSetValueA
DeleteService
GetTokenInformation
LookupPrivilegeValueA
OpenSCManagerA
OpenServiceA
RegCloseKey
RegCreateKeyA
RegFlushKey
RegOpenKeyExA
RegQueryValueA

gdi32

CreateFontIndirectA
BitBlt
ChoosePixelFormat
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontA
CreatePen
CreateSolidBrush
DeleteDC
DeleteObject
LineTo
MoveToEx
Polygon
SelectObject
SetBkColor
SetBkMode
SetPixelFormat
SetTextColor
SwapBuffers
TextOutA
CreateBrushIndirect
SetTextAlign
GetDeviceCaps

comctl32

ImageList_LoadImageA
ord17

kernel32

HeapReAlloc
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
SetErrorMode
GetExitCodeProcess
ExpandEnvironmentStringsA
GetEnvironmentVariableA
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
MoveFileA
lstrcpynA
GetDiskFreeSpaceA
WritePrivateProfileStringA
GetCPInfo
MulDiv
CopyFileA
SetProcessAffinityMask
SetThreadAffinityMask
SetThreadPriority
TerminateProcess
TerminateThread
UnmapViewOfFile
GetTickCount
lstrcatA
lstrcmpiA
HeapCreate
GetThreadPriority
GetSystemInfo
GetSystemDirectoryA
GetProcAddress
GetPriorityClass
GetLocalTime
GetACP
GetOEMCP
IsValidCodePage
RaiseException
GetConsoleCP
GetConsoleMode
HeapSize
GetLocaleInfoA
LCMapStringA
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetFileType
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
RtlUnwind
lstrcpyA
SetEnvironmentVariableA
GetPrivateProfileStringA
WideCharToMultiByte
GlobalLock
GetOverlappedResult
EnumResourceNamesW
CreateSemaphoreW
LCMapStringW
LockResource
PeekNamedPipe
CallNamedPipeA
CopyFileExW
EnumResourceLanguagesW
GlobalUnfix
GetProcessWorkingSetSize
SetPriorityClass
GetCommandLineA
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
SetCurrentDirectoryA
CreateProcessA
CloseHandle
WaitForSingleObject
DeleteCriticalSection
MultiByteToWideChar
GetLastError
AreFileApisANSI
GetModuleFileNameA
GetModuleFileNameW
LocalFree
FormatMessageA
FormatMessageW
GetWindowsDirectoryA
SetFileTime
CreateFileW
SetLastError
SetFileAttributesA
RemoveDirectoryA
SetFileAttributesW
RemoveDirectoryW
CreateDirectoryA
CreateDirectoryW
DeleteFileA
DeleteFileW
lstrlenA
GetFullPathNameA
GetFullPathNameW
GetCurrentDirectoryA
GetTempPathA
GetTempFileNameA
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
CreateFileA
GetFileSize
SetFilePointer
ReadFile
WriteFile
SetEndOfFile
GetStdHandle
WaitForMultipleObjects
Sleep
VirtualAlloc
VirtualFree
CreateEventA
SetEvent
ResetEvent
InitializeCriticalSection
GetModuleHandleA
GetStartupInfoA
GetCommandLineW
GetUserDefaultLangID
GetVersion
GlobalAlloc
GlobalFree
GlobalMemoryStatusEx
AllocateUserPhysicalPages
GlobalUnlock
LoadLibraryA
LoadResource
MapUserPhysicalPages
MapViewOfFile
OpenFileMappingA
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
CreateFileMappingA
CreateThread
DeviceIoControl
ExitProcess
ExitThread
FindResourceA
FreeLibrary
FreeUserPhysicalPages
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 289KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ea4b052c1b603b269c69b2a59b97664

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

advapi32

gdi32

comctl32

kernel32

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 41KB - Virtual size: 40KB

.data Size: 16KB - Virtual size: 172KB

.rsrc Size: 289KB - Virtual size: 288KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 41KB - Virtual size: 40KB

.data
Size: 16KB - Virtual size: 172KB

.rsrc
Size: 289KB - Virtual size: 288KB