JaffaCakes118_02a10b890454357d852cc56143750f64

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_02a10b890454357d852cc56143750f64
Size

276KB
MD5

02a10b890454357d852cc56143750f64
SHA1

2d059ae9c3426e28aea82654f5162b22d0c081a4
SHA256

a27384643d8ad91811f09e960dc81ab595f0a031d3ef5807cb05c7dcf31cb978
SHA512

23a74820802a686b36ee8f470f37a24c35a741d9763aea5d8b41097e39388285b07cf410697b04a31f215b0c0e340ad509c2abfd1f82b986365c74eef05a0a25
SSDEEP

6144:XyPwchXP2J2VJgln/T3lYYUAb4LemNDkxdX:OXPXXkn/rbUAb2eAAxdX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_02a10b890454357d852cc56143750f64

Files

JaffaCakes118_02a10b890454357d852cc56143750f64
.exe windows:4 windows x86 arch:x86

f3e507309769bc41a0631c6ed7394b31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

mpr

WNetGetUserW

kernel32

LoadLibraryA
ExpandEnvironmentStringsA
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentThreadId
LocalFree
GetLogicalDriveStringsW
MoveFileW
GetTempFileNameW
SetErrorMode
GetCurrentProcessId
GetVersion
GetCurrentThread
lstrcpynA
lstrlenA
GetFullPathNameA
GetFileAttributesA
lstrcpynW
lstrlenW
GetFileAttributesW
LoadLibraryW
GetLocalTime
GetSystemInfo
GetModuleHandleW
GetVersionExW
LoadResource
FindResourceW
InitializeCriticalSection
MultiByteToWideChar
CreateEventW
FreeLibrary
GetTickCount
GlobalAlloc
GetWindowsDirectoryW
Sleep
GetTempPathW
GetModuleFileNameW
GetLastError
GetCurrentProcess
GetModuleHandleA
GetModuleFileNameA
GetProcAddress

user32

SetWindowRgn
IsWindow
wsprintfW
LoadImageW
PeekMessageW
GetIconInfo
LoadBitmapW
GetMenuItemID
GetMenuItemCount
SetForegroundWindow
GetSubMenu
LoadMenuW
GetDesktopWindow
SetWindowPos
GetCursorPos
GetActiveWindow
OffsetRect
AppendMenuW
CreatePopupMenu
GetSysColor
SetTimer
DestroyCursor
LoadCursorW
DestroyIcon
CheckMenuItem
LoadIconW
EmptyClipboard
InvalidateRect
SetCapture
OpenClipboard
DestroyMenu
SendMessageW
GetFocus
SetCursor
EnableMenuItem
GetSystemMetrics
RemoveMenu
GetAsyncKeyState
GetClassInfoW
PostMessageW
EnableWindow
RegisterWindowMessageW
RegisterClassW
GetTopWindow
CreateDesktopA
CharLowerW
PeekMessageA
MessageBoxIndirectW
IsChild
CreateDialogParamA
FindWindowW
CharPrevA
RegisterWindowMessageA
CharNextA
MessageBoxA
EndMenu
SetDlgItemInt
mouse_event
SetFocus
keybd_event
RegisterClassExW
GetMenuItemRect
PostMessageA
InsertMenuA
CreateDialogIndirectParamA
IsIconic
ShowWindow
GetMenuStringW
SetWindowTextW
GetClassInfoExW
GetClassInfoA
ActivateKeyboardLayout
CharPrevW
SetDlgItemTextA

gdi32

CreateRectRgn
CreateDIBSection
DeleteObject
CreateBitmap
CreateCompatibleDC
CreatePen
CreateSolidBrush
CreateFontIndirectW
CreateFontIndirectExA
ExtCreateRegion
AddFontResourceA
SetMetaFileBitsEx
GetRasterizerCaps
CreateFontIndirectA
CreateColorSpaceA

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

OpenProcessToken
RegOpenKeyExA
RegQueryValueExA
SetThreadToken
DuplicateToken
LookupAccountSidW
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
DuplicateTokenEx
GetSidSubAuthority
RegQueryInfoKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegEnumValueW
RevertToSelf
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenThreadToken
RegDeleteKeyW
RegDeleteKeyA
RegOpenKeyW
RegCreateKeyW
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW
LookupPrivilegeValueW
ImpersonateSelf

shell32

SHGetDesktopFolder
ShellExecuteW
ShellExecuteExW

query

DoneCIISAPIPerformanceData

duser

MapGadgetPoints
DUserInstanceOf
DUserRegisterGuts
InitGadgetComponent
UnregisterGadgetMessageString
DUserCastDirect
SetGadgetFocus
IsStartDelete
GetGadgetScale
DUserBuildGadget
SetGadgetCenterPoint
RegisterGadgetMessageString
DUserSendMethod
FindStdColor
GetStdColorBrushF
RemoveGadgetProperty
GetGadgetRotation
SetGadgetProperty

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Lli
Size: 5KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 108KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TBcmE
Size: 3KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 105KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3e507309769bc41a0631c6ed7394b31

Headers

File Characteristics

Imports

comctl32

mpr

kernel32

user32

gdi32

comdlg32

advapi32

shell32

query

duser

Sections

.text Size: 6KB - Virtual size: 5KB

.text Size: 14KB - Virtual size: 16KB

.Lli Size: 5KB - Virtual size: 336KB

.rdata Size: 5KB - Virtual size: 20KB

.edata Size: 108KB - Virtual size: 122KB

.TBcmE Size: 3KB - Virtual size: 191KB

.data Size: 6KB - Virtual size: 237KB

.edata Size: 105KB - Virtual size: 202KB

.rsrc Size: 22KB - Virtual size: 21KB

.text
Size: 6KB - Virtual size: 5KB

.text
Size: 14KB - Virtual size: 16KB

.Lli
Size: 5KB - Virtual size: 336KB

.rdata
Size: 5KB - Virtual size: 20KB

.edata
Size: 108KB - Virtual size: 122KB

.TBcmE
Size: 3KB - Virtual size: 191KB

.data
Size: 6KB - Virtual size: 237KB

.edata
Size: 105KB - Virtual size: 202KB

.rsrc
Size: 22KB - Virtual size: 21KB