b4ee7075339fade759a9d5f7cc48b15e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b4ee7075339fade759a9d5f7cc48b15e_JaffaCakes118
Size

230KB
MD5

b4ee7075339fade759a9d5f7cc48b15e
SHA1

136386397a3b829c10a1c4a81b0b609d81d78bc6
SHA256

b69049b7576687c0efed9b3cb9fa8f3beb218e31c30d200c1a67ad46bd06fcf0
SHA512

972482222bba9f3334eb6395531b41782cb0ab8adee3111b98c87d95829ecf34ab09e415490b04c0089878558126ab9a005f7768ed0a6ec761647cb1c9abda15
SSDEEP

3072:6F53ILQREz3sa3W3LaS1l7wMY8hieWFyBErdwBh88w1xqwJZ:AEQRw32LX7hihyqSK8wbZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4ee7075339fade759a9d5f7cc48b15e_JaffaCakes118

Files

b4ee7075339fade759a9d5f7cc48b15e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bbc3117e14fd894a8591134d93deed73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
CreateFileMappingW
FreeLibrary
GetCurrentThreadId
HeapFree
VirtualQueryEx
FatalAppExitA
WideCharToMultiByte
GetFileSizeEx
DeleteCriticalSection
CompareStringW
GlobalMemoryStatus
GetSystemTimeAsFileTime
IsDebuggerPresent
WriteConsoleA
SizeofResource
HeapReAlloc
LoadLibraryExW
LocalFree
Module32NextW
GetTimeFormatA
GetTimeZoneInformation
FindFirstFileW
GetTempFileNameW
ExitThread
OpenThread
CompareStringA
InterlockedIncrement
GetConsoleMode
SetConsoleCtrlHandler
SystemTimeToFileTime
FindResourceW
LCMapStringW
Process32FirstW
TlsSetValue
InitializeCriticalSectionAndSpinCount
GetFileSize
SetEnvironmentVariableA
VirtualProtect
GetCommandLineW
ExitProcess
GetCPInfo
WaitForSingleObject
FreeEnvironmentStringsW
HeapAlloc
LCMapStringA
Process32NextW
CreateProcessW
IsValidLocale
TlsFree
IsProcessorFeaturePresent
GetConsoleCP
GetModuleFileNameW
RemoveDirectoryW
ReadProcessMemory
ReadFile
GetStartupInfoW
CreateEventW
lstrlenW
GetModuleHandleA
WriteFile
lstrcmpiW
GetProcessHeap
GetTempPathW
OpenFileMappingW
GetVolumeInformationW
GetCurrentProcess
LoadResource
FlushFileBuffers
TlsGetValue
InitializeCriticalSection
LockResource
OpenProcess
VirtualFree
GetPrivateProfileSectionW
LeaveCriticalSection
UnmapViewOfFile
WriteConsoleW
FindResourceExW
SetFilePointer
InterlockedCompareExchange
CreateFileW
GetLocaleInfoA
GetModuleHandleW
lstrlenA
LoadLibraryA
GetOEMCP
GetStringTypeW
EnterCriticalSection
TlsAlloc
ProcessIdToSessionId
SetUnhandledExceptionFilter
GetDriveTypeW
VirtualAlloc
GetLocaleInfoW
CreateDirectoryW
GetModuleFileNameA
QueryPerformanceCounter
CreateMutexW
GlobalAddAtomA
OutputDebugStringW
GetEnvironmentVariableA
VirtualProtectEx
GlobalFindAtomW
LoadLibraryExA
GetVersion
AreFileApisANSI
GetLogicalDrives
GetCurrentThread
SetStdHandle
HeapSize
GetStartupInfoA
RaiseException
GetProcAddress
GetEnvironmentStringsW
GetConsoleOutputCP
GetPrivateProfileStringW
GetLastError
InterlockedExchange
MapViewOfFile
InterlockedDecrement
HeapCreate
TerminateProcess
GetStringTypeA
GetUserDefaultLCID
DeviceIoControl
GetPrivateProfileIntW
RtlUnwind
MoveFileExW
LoadLibraryW
GetDateFormatA
WritePrivateProfileStringW
GetStdHandle
GetTickCount
GetFileAttributesW
HeapDestroy
IsValidCodePage
SetEndOfFile
Module32FirstW
SetLastError
FlushInstructionCache
Sleep
CreateFileA
GetPrivateProfileSectionNamesW
GetCurrentProcessId
SetHandleCount
CloseHandle
GetVersionExW
DeleteFileW
EnumSystemLocalesA
CreateThread
FindNextFileW
CreateToolhelp32Snapshot
MultiByteToWideChar
UnhandledExceptionFilter
GetDiskFreeSpaceExW
GetLocalTime
GetFileType
ExpandEnvironmentStringsW
SetEvent

user32

GetTopWindow
SetForegroundWindow
LoadIconA
IsWindowEnabled
wsprintfW
GetForegroundWindow
IsWindowUnicode
CharUpperW
GetDesktopWindow
IsWindowVisible
EnableWindow
GetFocus
DispatchMessageW
DestroyCursor
SendMessageW
LoadCursorW
RegisterClassExW
UnregisterClassA
TrackMouseEvent
ReleaseDC
GetMessageW
InvalidateRect
KillTimer
CreatePopupMenu
LoadStringW
GetClassInfoExW
PeekMessageW
SetFocus
MonitorFromWindow
ScreenToClient
PostQuitMessage
DrawTextW
CharNextW
ShowWindow
DestroyWindow
TranslateMessage
GetWindowThreadProcessId
EnumWindows
MonitorFromPoint
RemoveMenu
GetMenuItemInfoW
GetWindowTextW
DestroyMenu
UpdateLayeredWindow
GetClassNameW
SetWindowLongW
CallWindowProcW
GetWindow
PostMessageW
SetTimer
GetWindowLongW
TranslateAcceleratorW
CreateWindowExW
TrackPopupMenuEx
PtInRect
SetWindowTextW
AppendMenuW
SetWindowPos
DefWindowProcW
GetCursorPos
SetCursor
LoadImageW
LoadMenuW
IsWindow
EnumChildWindows
LoadStringA
MapWindowPoints
GetWindowDC
GetParent
GetMenuItemCount
MessageBeep
GetWindowRect
GetMonitorInfoW
LoadAcceleratorsW
GetClientRect

gdi32

AbortPath
AddFontMemResourceEx
SetTextColor
SetBitmapBits
GetBitmapBits
CreateCompatibleBitmap
RestoreDC
CreateDIBSection
CreateCompatibleDC
DeleteObject
DeleteDC
SelectObject
CreateFontW
SetBkMode
SaveDC

advapi32

QueryServiceStatus
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
DeleteService
RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges
SetEntriesInAclW
FreeSid
RegOpenKeyA
SetNamedSecurityInfoW
ControlService
SetTokenInformation
RegCloseKey
StartServiceW
CloseServiceHandle
RegQueryInfoKeyW
OpenProcessToken
AllocateAndInitializeSid
RevertToSelf
OpenSCManagerW
CreateProcessAsUserW
CreateServiceW
LookupPrivilegeValueW
GetNamedSecurityInfoW
OpenServiceW
DuplicateTokenEx
RegEnumValueW
RegEnumKeyExW

shell32

SHFileOperationW
SHGetSpecialFolderPathW

ole32

CoCreateGuid
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoTaskMemRealloc
CoSetProxyBlanket
CoInitializeSecurity
CoInitialize

oleaut32

SysAllocString
SysStringLen
SetErrorInfo
VariantClear
SysAllocStringByteLen
VarUI4FromStr
SysFreeString
VariantChangeType
GetErrorInfo
VariantInit
CreateErrorInfo

winhttp

WinHttpOpen
WinHttpSendRequest
WinHttpSetOption
WinHttpCloseHandle
WinHttpOpenRequest
WinHttpReadData
WinHttpReceiveResponse
WinHttpConnect
WinHttpQueryHeaders

comctl32

InitCommonControlsEx

shlwapi

StrStrIW
PathIsDirectoryW
PathRemoveExtensionW
PathFindExtensionW
PathAppendW
PathGetDriveNumberW
SHDeleteKeyW
PathFileExistsW
PathStripPathW
PathFindFileNameW
PathRemoveFileSpecW

msimg32

GradientFill
AlphaBlend

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

iphlpapi

GetIpForwardTable

oledlg

ord8
OleUIBusyW

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW

psapi

QueryWorkingSet
GetProcessMemoryInfo
GetModuleInformation
GetModuleFileNameExW

msvcrt

__set_app_type
_except_handler3
_CIsin

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbc3117e14fd894a8591134d93deed73

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

winhttp

comctl32

shlwapi

msimg32

version

iphlpapi

oledlg

wtsapi32

psapi

msvcrt

userenv

Sections

.text Size: 61KB - Virtual size: 60KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 36KB - Virtual size: 40KB

.rsrc Size: 98KB - Virtual size: 97KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 61KB - Virtual size: 60KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 36KB - Virtual size: 40KB

.rsrc
Size: 98KB - Virtual size: 97KB

.reloc
Size: 11KB - Virtual size: 11KB