e55d7616bc4e28ae381c341e2af091c0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e55d7616bc4e28ae381c341e2af091c0_JaffaCakes118
Size

317KB
MD5

e55d7616bc4e28ae381c341e2af091c0
SHA1

b2539cc1e08a6338dda2139d75f9284dcd3f6bfe
SHA256

cf499579bdc191639a8659f45ca746dab0553f1a93f8d1584a58791eb0f65b1a
SHA512

0e683e30b9ffe654b7ace5379380bf723e9623be7b0012bc55a865481ba0b340a67308f598655fed080595d67988bc933b6aeb8f1c21c278c94e31c07ea669d1
SSDEEP

3072:umYGp+2GcIB28KpcqYfzWHm+wVnkfDDffffNfffLffffqyffAfffjffffNfffLfm:uHvoiK0b1vEoOs9BdavhlR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e55d7616bc4e28ae381c341e2af091c0_JaffaCakes118

Files

e55d7616bc4e28ae381c341e2af091c0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e1c9d2141b50a7134a756aa0eb717034

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextLengthA
MoveWindow
GetWindowPlacement
DrawIcon
DestroyIcon
SetWindowTextA
FillRect
GetParent
EnableWindow
GetDlgItemTextA
SetCursor
UpdateWindow
GetClassInfoA
wvsprintfA
LoadStringA
GetSysColor
GetSysColorBrush
IsDialogMessageA
SendMessageA
GetSystemMetrics
SetRect
FindWindowA
IntersectRect
SubtractRect
CharPrevA
CreateDialogParamA
CharNextA
MessageBoxA
WaitForInputIdle
GetWindowLongA
BeginPaint
EndPaint
SetWindowLongA
GetClientRect
ClientToScreen
SetWindowPos
GetWindowDC
EndDialog
GetDlgItem
ShowWindow
DialogBoxParamA
GetDesktopWindow
wsprintfA
MsgWaitForMultipleObjects
PeekMessageA
DefWindowProcA
PostMessageA
KillTimer
PostQuitMessage
SetTimer
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
GetDC
ReleaseDC
ExitWindowsEx
SendDlgItemMessageA
IsWindow
CharLowerBuffA
GetWindowRect
GetDlgCtrlID
DestroyWindow
DdeSetQualityOfService
UnhookWindowsHook
ChildWindowFromPoint
LoadMenuIndirectW
RegisterClipboardFormatW
SetWindowPlacement
ShowCursor
RegisterDeviceNotificationA
GetKeyboardState
CharLowerA
OpenIcon
GetWindowTextA

shell32

SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA

ole32

StringFromCLSID
CoTaskMemFree
CoCreateGuid
GetRunningObjectTable
StgIsStorageFile
StgOpenStorage
CoUninitialize
CoInitialize
CreateItemMoniker
CoCreateInstance

advapi32

RegEnumValueA
RegQueryValueA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenThreadToken
RegDeleteKeyA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

GetModuleHandleA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
DeleteCriticalSection
ExitProcess
HeapAlloc
GetTimeZoneInformation
WideCharToMultiByte
Sleep
HeapFree
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetProcAddress
GetModuleHandleW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
GetStartupInfoA
GetCommandLineA
InterlockedDecrement
InterlockedIncrement
WriteFile
ExitThread
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
CloseHandle
GlobalLock
ReadFile
GlobalUnlock
GlobalFree
GetLastError
SetLastError
CopyFileA
MultiByteToWideChar
CreateThread
GetExitCodeThread
GetTickCount
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GetPrivateProfileIntA
GetTempPathA
SetErrorMode
GetWindowsDirectoryA
GetTempFileNameA
WritePrivateProfileStringA
lstrcpyA
CreateFileA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
HeapSize
SetFilePointer
GetModuleFileNameA
FreeEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
RtlUnwind
LCMapStringA
LCMapStringW
VirtualAlloc
HeapReAlloc
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetPrivateProfileStringA
LocalAlloc
GetNamedPipeHandleStateA
GetPrivateProfileSectionW
OpenThread
ExpandEnvironmentStringsW
SetTimerQueueTimer
SetCurrentDirectoryW
FreeEnvironmentStringsA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
UnmapViewOfFile
IsBadWritePtr
MapViewOfFile
CreateFileMappingA
RaiseException

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1c9d2141b50a7134a756aa0eb717034

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

ole32

advapi32

version

kernel32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 101KB - Virtual size: 184KB

.rsrc Size: 89KB - Virtual size: 88KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 101KB - Virtual size: 184KB

.rsrc
Size: 89KB - Virtual size: 88KB