f37f400d7a9585d75ae5b7380cfc7fe5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f37f400d7a9585d75ae5b7380cfc7fe5_JaffaCakes118
Size

304KB
MD5

f37f400d7a9585d75ae5b7380cfc7fe5
SHA1

9bebb45cea1e44c6c1af35b5df3304f3aca9f25f
SHA256

e121517400fd13122f0588d2ed5455ddbdea8d3eefe9af461abb87b2cee87672
SHA512

d091c543bfda99c3ada7863c9b8cf62e5fb335ccf1904c9392550779243ba0fce4dc1214ce3398012636e50223fc99741a1c48a8794c95f41f4376a2603e9ec3
SSDEEP

6144:0cXlK4wFuk6c9oBJbszio36UPJnbgH0eJu8o2q5aLEMdM/w:9XlK3x96Z613JtgPJo2q8AM2/w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f37f400d7a9585d75ae5b7380cfc7fe5_JaffaCakes118

Files

f37f400d7a9585d75ae5b7380cfc7fe5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b8079d9a5768f13f2bbc17daec817437

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shfolder

SHGetFolderPathA

ole32

CoCreateInstance

user32

PeekMessageA
CharPrevA
DispatchMessageA
GetWindowRect
MsgWaitForMultipleObjects
GetDesktopWindow
AppendMenuA
wsprintfA
SendMessageA
TranslateMessage
CharUpperA

shlwapi

PathRemoveFileSpecA

shell32

SHCreateDirectoryExA

advapi32

SetSecurityDescriptorDacl
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegCloseKey
CloseServiceHandle
InitializeSecurityDescriptor
RegConnectRegistryA
RegOpenKeyExA
OpenServiceA
QueryServiceStatus
OpenSCManagerA
RegSetValueExA
GetUserNameA
RegEnumKeyExA

mapi32

ord183
ord75
ord129
ord13
ord17
ord137
ord135
ord174
ord140
ord60
ord139
ord185
ord15

kernel32

LoadLibraryExA
FindClose
GetLocalTime
WaitForSingleObject
CreateEventA
GetFileSize
LeaveCriticalSection
lstrcpyA
CreateMutexA
lstrcmpA
ReleaseMutex
WaitForMultipleObjects
FreeLibrary
WideCharToMultiByte
FileTimeToSystemTime
OutputDebugStringA
SetFilePointer
WriteFile
SetLastError
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
lstrlenW
ResetEvent
lstrcpynA
GetShortPathNameA
GetACP
CreateSemaphoreA
SetThreadPriority
CreateFileA
GetSystemTime
lstrlenA
SystemTimeToFileTime
CloseHandle
ReadFile
CreateThread
GetModuleHandleA
GetTempFileNameA
FormatMessageA
FindFirstFileA
OpenFile
OpenEventA
GlobalAlloc
ReleaseSemaphore
lstrcpyW
DeleteFileW
FindNextFileA
GlobalFree
CreateFileW
lstrcmpW
VirtualAllocEx

msvcrt

_mbscmp
wcscpy
isdigit
strncpy
_snprintf
_strlwr
fread
sscanf
_CxxThrowException
wcslen
_mbsdec
strlen
strcpy
strcspn
free
_wcsicmp
fclose
sprintf
_stricmp
fgets
_itoa
_makepath
wcscspn
_strcmpi
wcsncpy
_mbsicmp
memcmp
_mbsrchr
_mbsnbicmp
_splitpath
_access
strncmp
wcscat
atoi
memcpy
fwrite
strchr
wcscmp
_strnicmp
__CxxFrameHandler
abs
__dllonexit
_mbschr
_mbsnbcpy
_mbsnbcat
_wcsnicmp
_mbsinc
malloc
memmove
strcat
_mbsnbcmp
_snwprintf
calloc
_onexit
strstr
fopen
_initterm
localtime
memset

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

comctl32

ImageList_LoadImageA
ImageList_SetBkColor
ImageList_DragMove
ImageList_GetIcon
ImageList_DragEnter
InitMUILanguage
FlatSB_GetScrollProp
ImageList_Replace

rasser

PortGetStatistics

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 575KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8079d9a5768f13f2bbc17daec817437

Headers

File Characteristics

Imports

shfolder

ole32

user32

shlwapi

shell32

advapi32

mapi32

kernel32

msvcrt

version

comctl32

rasser

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 273KB - Virtual size: 575KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 273KB - Virtual size: 575KB

.rsrc
Size: 4KB - Virtual size: 4KB