ffd777beb5e8ab02b56f32a9b07412c0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ffd777beb5e8ab02b56f32a9b07412c0_JaffaCakes118
Size

463KB
MD5

ffd777beb5e8ab02b56f32a9b07412c0
SHA1

86786a7a493c0f47f70c29890be651699ddb42f6
SHA256

486cb503f7f988965ba5ca48f427c533860e7cbe30aa83221867d8d4acd119c2
SHA512

642cc154d0f8b14ce34b3aebc115a627b24d76d77d00eb00e7278a40c251caf93d4e50e64a1ce8c238de234f136f355c36ab2588fcdcbe9a58c7c0023d1a813c
SSDEEP

12288:MdmX5/B/Pho/a/1ZmS5HHjyc2KNKrTvVeYMWA586K4rKJ8x:TX5/B/e/aGS5HDf2KNSteYMWDJ8x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffd777beb5e8ab02b56f32a9b07412c0_JaffaCakes118

Files

ffd777beb5e8ab02b56f32a9b07412c0_JaffaCakes118
.exe windows:6 windows x64 arch:x64

4719b02304af42d5d7e52bfb2da0f4e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

memset
wcschr
memcpy
wcslen
wcscpy
wcscmp
memmove
wcscat
strncpy
memcmp
_wfopen
_setjmp
fclose
malloc
free
longjmp
wcsncmp
wcsncpy
_wcsicmp
tolower
floor
_localtime64
_mktime64
_wcsnicmp
_itow
_gmtime64
fabs
ceil
fseek
ftell
fread
pow
??3@YAXPEAX@Z
wcsstr
_wcsdup
_isnan
exit
sprintf
__iob_func
fprintf
fwrite
fflush
ferror
getenv
sscanf
_vsnwprintf
sinf
cosf
fmodf
abs

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CloseHandle
OpenProcess
TerminateProcess
CreateFileW
ReadDirectoryChangesW
GetDriveTypeW
GetVolumeInformationW
HeapFree
TlsGetValue
HeapAlloc
TlsSetValue
TlsAlloc
UnregisterWait
EnterCriticalSection
LeaveCriticalSection
TlsFree
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcess
GetCurrentThread
DuplicateHandle
RegisterWaitForSingleObject
WaitForSingleObject
LoadLibraryW
GetProcAddress
CreateThread
TerminateThread
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
CreatePipe
GetStdHandle
CreateProcessW
RtlLookupFunctionEntry
RtlVirtualUnwind
RemoveVectoredExceptionHandler
AddVectoredExceptionHandler
FreeLibrary
HeapReAlloc
GetCurrentThreadId
GetTickCount
WideCharToMultiByte
DeleteFileW
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
GetComputerNameW
SetLastError
GetCurrentProcessId
SetFileAttributesW
FindFirstFileW
FindClose
GetFileAttributesW
GetLastError
FindNextFileW
GetTempPathW
MoveFileW
CopyFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateDirectoryW
WriteFile
SetFilePointer
ReadFile
MulDiv
GetLocalTime
GlobalLock
GlobalUnlock
HeapSize
MultiByteToWideChar

user32

GetForegroundWindow
SetWindowsHookExW
MapVirtualKeyW
GetKeyNameTextW
GetAsyncKeyState
CallNextHookEx
GetWindowTextLengthW
GetWindowTextW
GetWindowRect
ClientToScreen
GetDesktopWindow
GetDC
ReleaseDC
GetClassNameW
GetWindowLongPtrW
IsWindow
SetMenu
DestroyMenu
GetSystemMetrics
DestroyWindow
SystemParametersInfoW
GetWindow
SetActiveWindow
SendMessageW
DestroyIcon
LoadIconW
LoadCursorW
GetPropW
RegisterClassW
AdjustWindowRectEx
CreateWindowExW
SetPropW
ShowWindow
CreateAcceleratorTableW
UnregisterClassW
PeekMessageW
MsgWaitForMultipleObjects
GetMessageW
GetActiveWindow
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
DefFrameProcW
DefWindowProcW
GetParent
RemovePropW
DestroyAcceleratorTable
SetRect
EnumChildWindows
SetFocus
GetFocus
PostMessageW
SetWindowPos
IsWindowEnabled
IsWindowVisible
GetKeyState
GetWindowThreadProcessId
IsChild
RegisterWindowMessageW
EnumDisplaySettingsW
OpenClipboard
GetClipboardData
CloseClipboard
FillRect
CopyImage
CharLowerW
CharUpperW
CallWindowProcW
SetWindowLongPtrW
GetIconInfo
DrawIconEx

gdi32

BitBlt
DeleteObject
GetStockObject
CreateFontIndirectW
GetDeviceCaps
CreateDCW
DeleteDC
GetObjectType
GetObjectW
CreateCompatibleDC
SelectObject
CreateSolidBrush
GdiGetBatchLimit
GdiSetBatchLimit
CreateDIBSection
SetStretchBltMode
SetBrushOrgEx
StretchBlt
CreateBitmap
SetPixel
GetDIBits
GetTextExtentPoint32W
SetBkMode
SetTextAlign
SetBkColor
SetTextColor
TextOutW
GetTextMetricsW
CreateCompatibleBitmap
GetPixel

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteExW
SHGetFolderLocation

wsock32

closesocket
WSACleanup
WSAStartup
select
__WSAFDIsSet
ioctlsocket
recvfrom
socket
inet_addr
gethostbyname
htons
bind
connect
recv
send
sendto
accept
listen
WSAGetLastError

ole32

CoInitialize
CoCreateInstance
CoUninitialize
RevokeDragDrop
CoTaskMemFree

winmm

timeBeginPeriod

gdiplus

GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipDeleteMatrix
GdipDeletePen
GdipDeleteStringFormat
GdipFree
GdipGetDpiX
GdipGetDpiY

advapi32

GetUserNameW

comctl32

InitCommonControlsEx

Sections

.code
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4719b02304af42d5d7e52bfb2da0f4e8

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

shell32

wsock32

ole32

winmm

gdiplus

advapi32

comctl32

Sections

.code Size: 64KB - Virtual size: 63KB

.text Size: 219KB - Virtual size: 218KB

.rdata Size: 37KB - Virtual size: 36KB

.pdata Size: 11KB - Virtual size: 10KB

.data Size: 54KB - Virtual size: 68KB

.rsrc Size: 75KB - Virtual size: 74KB

.reloc Size: 1KB - Virtual size: 1KB

.code
Size: 64KB - Virtual size: 63KB

.text
Size: 219KB - Virtual size: 218KB

.rdata
Size: 37KB - Virtual size: 36KB

.pdata
Size: 11KB - Virtual size: 10KB

.data
Size: 54KB - Virtual size: 68KB

.rsrc
Size: 75KB - Virtual size: 74KB

.reloc
Size: 1KB - Virtual size: 1KB