ead9edc8a379729eb59740be4ec6fb42_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ead9edc8a379729eb59740be4ec6fb42_JaffaCakes118
Size

399KB
MD5

ead9edc8a379729eb59740be4ec6fb42
SHA1

9895926cf87f2cdc555015764fb3aee0d75cd0cb
SHA256

9a0259b2cf94ec191876fbe44b6f1143a7f4eb9786d26f39ad67993eacbd58a8
SHA512

30e9e21553e3f4bf81eec9ee7a093dbdbc7021606fad62ca5f77b43bdee8298ac6ab281edfd6fbe2d41a41758344909123ef80c3d9bf30e1a082e54daaeb1d6f
SSDEEP

12288:Ig79oEohrfXx6mgMzYTmGpEh85h5ToE5nnek:IgHuBJzcd+0hd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ead9edc8a379729eb59740be4ec6fb42_JaffaCakes118

Files

ead9edc8a379729eb59740be4ec6fb42_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4dc89a3e34eddbf68477d4297193e4c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcscpy
wcsncpy
wcspbrk
realloc
wcscmp
_wtol
wcscat
wcslen
_onexit
__dllonexit
_adjust_fdiv
_initterm
wcscspn
wcsspn
wcsncmp
_purecall
malloc
??2@YAPAXI@Z
??3@YAXPAX@Z
free
__CxxFrameHandler
_wcsupr
wcstoul
wcschr
wcstol
wcsncat
_ftol
_wcsicoll
_wtoi
wcsstr
_wcsicmp
_snwprintf
_ltow
swprintf

atl

ord11
ord10
ord21
ord16
ord15
ord23
ord22
ord18
ord32

advapi32

GetUserNameW
RegDeleteValueW
OpenThreadToken
RegEnumKeyExW
MapGenericMask
MakeSelfRelativeSD
GetSecurityDescriptorControl
GetSidLengthRequired
InitializeSid
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
LookupAccountSidW
GetSecurityDescriptorLength
GetAclInformation
AddAce
GetSecurityDescriptorDacl
InitializeAcl
GetAce
AddAccessAllowedAce
SetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
LookupAccountNameW
OpenProcessToken
GetTokenInformation
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetLengthSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetValueExW
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW

gdi32

SetStretchBltMode
GetObjectW
GetTextExtentPointW
SetBkMode
BitBlt
GetPixel
CreateBitmap
CreateCompatibleDC
StretchBlt
GetBkColor
ExtTextOutW
SelectObject
GetTextMetricsW
PatBlt
CreateFontIndirectW
DeleteObject
DeleteDC
GetDeviceCaps
SetBkColor
SetTextColor

kernel32

LoadResource
FindResourceW
MulDiv
TerminateThread
ResetEvent
DuplicateHandle
GlobalFree
GlobalSize
lstrcmpW
LocalFree
LocalAlloc
GetLocaleInfoW
IsBadReadPtr
PulseEvent
lstrcpyW
MultiByteToWideChar
lstrlenA
lstrlenW
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
GetLastError
CloseHandle
GetCurrentProcess
FlushInstructionCache
HeapAlloc
GetProcessHeap
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThread
GetModuleHandleW
InitializeCriticalSection
DeleteCriticalSection
HeapFree
CreateThread
OutputDebugStringW
SetEvent
WaitForSingleObject
IsBadWritePtr
IsBadStringPtrW
CreateEventW
GetLocalTime
Sleep
TryEnterCriticalSection
GetTickCount
GetWindowsDirectoryW
DisableThreadLibraryCalls
LockResource

ole32

CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
StringFromIID
CoCreateInstance
StringFromGUID2
CoUninitialize
CoInitializeEx

oleaut32

VariantInit
VarBstrFromDate
SystemTimeToVariantTime
SysReAllocString
OleCreatePropertyFrame
SysAllocString
VariantTimeToSystemTime
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString

shell32

ShellExecuteW

user32

CreateDialogParamW
SendDlgItemMessageW
SetScrollInfo
FindWindowExW
InflateRect
SetDlgItemTextW
WinHelpW
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
IsWindowEnabled
ValidateRect
UpdateWindow
SetRectEmpty
MessageBoxW
GetDialogBaseUnits
IsDialogMessageW
MoveWindow
LoadIconW
DefDlgProcW
GetMenuItemCount
GetScrollInfo
GetMenuItemID
GetWindowLongW
SetWindowPos
SetWindowLongW
GetWindowTextW
GetWindowTextLengthW
GetParent
RegisterClassExW
wsprintfW
LoadCursorW
GetClassInfoExW
CreateWindowExW
DefWindowProcW
EndDialog
CallWindowProcW
OffsetRect
EndPaint
GetClientRect
BeginPaint
GetDlgItem
SendMessageW
MapWindowPoints
GetWindowRect
SetFocus
DestroyWindow
IsWindow
InvalidateRect
LoadStringW
ShowWindow
GetActiveWindow
EnableWindow
SetCursor
DialogBoxParamW
SetWindowTextW
PostThreadMessageW
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
PostMessageW
RedrawWindow
ClientToScreen
DestroyMenu
TrackPopupMenu
CheckMenuItem
EnableMenuItem
GetCursorPos
GetSubMenu
LoadMenuW
SetClassLongW
GetClassLongW
LoadBitmapW
GetSysColorBrush
SetParent
ScreenToClient
GetDC
ReleaseDC
SetTimer
KillTimer
DrawTextW
GetSysColor
PtInRect

aclui

ord1

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 21B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.45s
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.05s0
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.85s09
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.65s
Size: 512B - Virtual size: 178B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0l5s
Size: 512B - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.av1
Size: 358KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.75s
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.85s
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.05s
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.85s0
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.85s00
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4dc89a3e34eddbf68477d4297193e4c3

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

atl

advapi32

gdi32

kernel32

ole32

oleaut32

shell32

user32

aclui

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 2KB - Virtual size: 1KB

.tls Size: 512B - Virtual size: 21B

.45s Size: 512B - Virtual size: 172B

.05s0 Size: 512B - Virtual size: 182B

.85s09 Size: 512B - Virtual size: 168B

.65s Size: 512B - Virtual size: 178B

.0l5s Size: 512B - Virtual size: 190B

.av1 Size: 358KB - Virtual size: 357KB

.75s Size: 512B - Virtual size: 186B

.85s Size: 512B - Virtual size: 164B

.05s Size: 512B - Virtual size: 174B

.85s0 Size: 512B - Virtual size: 174B

.85s00 Size: 512B - Virtual size: 174B

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 512B - Virtual size: 248B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 2KB - Virtual size: 1KB

.tls
Size: 512B - Virtual size: 21B

.45s
Size: 512B - Virtual size: 172B

.05s0
Size: 512B - Virtual size: 182B

.85s09
Size: 512B - Virtual size: 168B

.65s
Size: 512B - Virtual size: 178B

.0l5s
Size: 512B - Virtual size: 190B

.av1
Size: 358KB - Virtual size: 357KB

.75s
Size: 512B - Virtual size: 186B

.85s
Size: 512B - Virtual size: 164B

.05s
Size: 512B - Virtual size: 174B

.85s0
Size: 512B - Virtual size: 174B

.85s00
Size: 512B - Virtual size: 174B

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 512B - Virtual size: 248B