ff0f614e8bdb104bbceb0798cddcc4ba_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ff0f614e8bdb104bbceb0798cddcc4ba_JaffaCakes118
Size

141KB
MD5

ff0f614e8bdb104bbceb0798cddcc4ba
SHA1

559cdddd5c73e2e09c38b5ed4ea377d094f144af
SHA256

29444b29d88cb741bb2e6fdff8766e7010948cf1f314ac72068b7def0b9e4336
SHA512

37003dc7e8ff559a0664031a75033ce722eee5508197af0a15a696d49b7ed9f282320377615a7552fb360dbdf628591a9f1cf7de98d8ce97db1f4e6cabd614de
SSDEEP

3072:LZAhSjfR7uNmRKUG41aFgwR5l/6ynhYwUecIXHiFkRcOYnlZW:LlfR7uNmRK2WLpqAc2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff0f614e8bdb104bbceb0798cddcc4ba_JaffaCakes118

Files

ff0f614e8bdb104bbceb0798cddcc4ba_JaffaCakes118
.exe windows:5 windows x86 arch:x86

054fb8226fddbcc045230d1e424c61cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathW
GetTickCount
GetWindowsDirectoryW
GlobalFree
HeapDestroy
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryExA
LoadLibraryW
LocalFree
MapViewOfFile
OutputDebugStringW
GetTempFileNameW
SetEvent
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
lstrcpynW
VirtualAllocEx
CreateFileA
lstrcatA
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
EnterCriticalSection
DeleteCriticalSection
CreateProcessW
CreateFileW
CloseHandle
CreateFileMappingW
QueryPerformanceCounter

user32

LoadIconW
LoadIconA
LoadCursorA
MessageBoxW
LoadStringW
LoadCursorW
GetWindowLongW
GetSysColorBrush
GetSysColor
GetParent
wsprintfW
GetDlgItem
FillRect
EndDialog
EnableWindow
DrawIconEx
DispatchMessageW
DialogBoxParamW
DestroyWindow
DefWindowProcW
CreateWindowExW
TranslateMessage
ShowWindow
SetWindowTextW
PostQuitMessage
SetWindowPos
SetWindowLongW
SetTimer
SetDlgItemTextW
SendMessageW
RegisterClassExW
GetMessageW

gdi32

SetTextColor
SetBkMode
SelectObject
Polyline
GetObjectW
CreatePen
GetStockObject
DeleteObject
CreateFontIndirectW

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExA

shell32

ExtractIconExW
CommandLineToArgvW

ole32

CoInitialize
CoUninitialize
CoCreateInstance

shlwapi

PathFindFileNameW
StrCmpW
StrToIntW
PathQuoteSpacesW
SHDeleteKeyW
PathAppendW
PathRemoveFileSpecW

msvcrt

exit
system
strncpy
strncmp
_XcptFilter
__getmainargs
__initenv
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_errno
_except_handler3
_exit
_initterm
_iob
_strnicmp
_vsnwprintf
_write
calloc
fclose
fflush
fgets
fopen
fprintf
fputc
fputs
free
getc
getenv
gmtime
isdigit
isspace
malloc
perror
printf
putc
putchar
sprintf
sscanf
strchr

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

054fb8226fddbcc045230d1e424c61cc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 123KB - Virtual size: 122KB

.data Size: 512B - Virtual size: 164B

.rdata6 Size: 512B - Virtual size: 100B

.rdata5 Size: 512B - Virtual size: 100B

.rdata4 Size: 1024B - Virtual size: 1000B

.rdata3 Size: 1024B - Virtual size: 1000B

.rdata2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 123KB - Virtual size: 122KB

.data
Size: 512B - Virtual size: 164B

.rdata6
Size: 512B - Virtual size: 100B

.rdata5
Size: 512B - Virtual size: 100B

.rdata4
Size: 1024B - Virtual size: 1000B

.rdata3
Size: 1024B - Virtual size: 1000B

.rdata2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 12KB - Virtual size: 12KB