c1587515102a00a660b1688218d545f2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c1587515102a00a660b1688218d545f2_JaffaCakes118
Size

498KB
MD5

c1587515102a00a660b1688218d545f2
SHA1

5a472b9da22f089d0a9b9e576c256165ac6a2844
SHA256

64efea6bbaca5fcd316083bfa94eeed68751308f228e1f040b0ad4e62169f1ba
SHA512

e175625938e585a93132a572526c22bffe7eae50fc9f51639e78213365df756c062c2a1ac5d0a255f5cffd0cbad0fd99c95dc67f9d96d6f718d1146b4e773bfd
SSDEEP

6144:jd31DD86nRjT3k+g7P2vX0S9Eyjw/Vb9lMGhb9lGhZDah54FKVLrauZYtF18CvVM:jl2ijhM1WjwtbZhb9lOY8+XAtF+Cd/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1587515102a00a660b1688218d545f2_JaffaCakes118

Files

c1587515102a00a660b1688218d545f2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ec3e884399de1a7a053488acd8434950

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowPos
CreateWindowExA
MoveWindow
PostQuitMessage
wsprintfA
DefWindowProcA
FillRect
ReleaseDC
GetWindowDC
DrawTextA
DispatchMessageA
TranslateMessage
EnableWindow
GetForegroundWindow
SetWindowTextW
OffsetRect
GetSystemMetrics
SetWindowTextA
ShowWindow
DestroyWindow
KillTimer
EndDialog
GetDlgItem
PostMessageA
SendMessageA
SetTimer
MessageBoxW
LoadStringW
LoadStringA
DialogBoxParamW
DialogBoxParamA
SetWindowLongA
GetWindowLongA
CharUpperW
CharUpperA
GetWindowTextA
GetWindowRect
IsWindow
SystemParametersInfoA
CheckDlgButton
IsDialogMessageA
BeginPaint
EndPaint
InvalidateRect
SetFocus
LoadCursorA
LoadIconA
RegisterClassA
MessageBoxA
SetCursor
GetMessageA
PeekMessageA

shell32

SHFileOperationA
SHGetPathFromIDListA
SHBrowseForFolderA

advapi32

RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
RegOpenKeyA
RegEnumKeyA
RegCloseKey
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA

gdi32

CreateFontA
CreateSolidBrush
DeleteDC
DeleteObject
GetObjectA
CreatePalette

kernel32

TlsGetValue
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
GetStartupInfoA
TlsAlloc
TlsSetValue
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetSystemTimeAsFileTime
InterlockedDecrement
GetStringTypeA
IsDBCSLeadByte
GetCPInfo
GetCurrentDirectoryA
SetFileAttributesW
GetFileAttributesW
SetLastError
GetStdHandle
CreateFileW
GetFileType
GetLastError
DosDateTimeToFileTime
FormatMessageA
GlobalAddAtomA
GlobalDeleteAtom
TlsFree
VirtualAlloc
VirtualFree
WinExec
_lcreat
GetStringTypeW
RaiseException
WideCharToMultiByte
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
HeapReAlloc
LCMapStringA
LCMapStringW
InitializeCriticalSection
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoW
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CompareStringA
GetCurrentThreadId
DeleteCriticalSection
GetACP
GetOEMCP
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
RtlUnwind
IsValidCodePage
CompareStringW
SetEnvironmentVariableA
InterlockedIncrement
_lopen
_lread
GlobalFlags
lstrcmpiA
CloseHandle
SetFileTime
GetFileAttributesA
GetCommandLineA
WriteFile
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
lstrlenA
lstrcpyA
SetEndOfFile
CreateFileA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
ExitProcess
CopyFileA
GetCurrentProcess
GetTickCount
GetModuleFileNameA
Sleep
SetFileAttributesA
CreateDirectoryA
SetCurrentDirectoryA
lstrcatA
MoveFileA
GetFullPathNameA

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 390KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec3e884399de1a7a053488acd8434950

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

advapi32

gdi32

kernel32

Sections

.text Size: 81KB - Virtual size: 81KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 390KB - Virtual size: 524KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 390KB - Virtual size: 524KB

.rsrc
Size: 2KB - Virtual size: 2KB