094f1a36cf540ff71b37e31602565b4b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

094f1a36cf540ff71b37e31602565b4b_JaffaCakes118
Size

655KB
MD5

094f1a36cf540ff71b37e31602565b4b
SHA1

6654b0e101adb769565cf1032432ab5007fb8aad
SHA256

e8019df6572b12d099ac33d3c02e7cbd02971e55700430f5bbcd7855c4ff6ce0
SHA512

7127f26d41e50efb7b3730026af3251908dea8085bea7e38bc9684e0547d37b5ccffcd3cab98b9759345a99abddff9533a9a852dd141dad6790a7367054eb92f
SSDEEP

12288:bvfSA+kxGOuR38OwrpyDTf8Ca99VK1Gr605Hizr:bvf4kxiTIpyDT079XwGr6Eiz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
094f1a36cf540ff71b37e31602565b4b_JaffaCakes118

Files

094f1a36cf540ff71b37e31602565b4b_JaffaCakes118
.exe windows:6 windows x86 arch:x86

1cac68f6e50eb09d8a3d6688b62a8cc6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
OutputDebugStringW
WriteConsoleW
SetStdHandle
ReadConsoleW
LoadLibraryExW
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleFileNameW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
GetFileType
GetProcessHeap
GetOEMCP
GetACP
IsValidCodePage
SetEndOfFile
IsDebuggerPresent
HeapSize
GetModuleHandleExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
ExitProcess
IsProcessorFeaturePresent
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
GetConsoleWindow
SetConsoleWindowInfo
SetConsoleScreenBufferSize
EnumLanguageGroupLocalesA
GetFullPathNameW
LoadLibraryA
MulDiv
GetCommModemStatus
CloseHandle
GetStdHandle
WaitForMultipleObjects
WaitForSingleObject
GetCurrentThreadId
CreateThread
GetCurrentProcessId
OpenProcess
GlobalFree
GetProcAddress
FreeLibrary
GetModuleHandleW
GetModuleHandleA
GlobalUnlock
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapAlloc
GetCommandLineW
HeapFree
GetCPInfo
RtlUnwind
RaiseException
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
GlobalLock
GlobalAlloc
lstrlenW
FormatMessageW
EnterCriticalSection
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
GetLastError
LocalFree
LCMapStringW
LocalAlloc

user32

DefWindowProcW
PostQuitMessage
RegisterClassExW
CreateWindowExW
DispatchMessageW
OpenClipboard
CloseClipboard
TranslateMessage
GetMessageW
SetClipboardData
GetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
GetKeyState
SetTimer
TranslateAcceleratorW
InsertMenuItemW
CreatePopupMenu
CreateMenu
SetMenu
CreateAcceleratorTableW
ShowWindow
LoadBitmapA
GetDesktopWindow
SetWindowLongA
GetWindowLongA
GetWindowRect
SetWindowRgn
EndPaint
BeginPaint
GetDC
DrawTextExW
GetDlgItemTextA
SetDlgItemTextA
EndDialog
SetWindowPos
DestroyWindow
DefWindowProcA
AttachThreadInput
wsprintfW
SystemParametersInfoW
GetScrollInfo
SetScrollInfo
LoadIconW
LoadCursorW
MessageBoxW
GetClientRect
SetWindowTextW
ValidateRect
InvalidateRect
UpdateWindow

gdi32

StartPage
SetTextColor
SetBkMode
SelectObject
Rectangle
AddFontResourceExW
GetCurrentObject
DeleteObject
CreateRectRgnIndirect
CreatePen
CreateFontIndirectA
CreateCompatibleDC
CreateBrushIndirect
GetObjectA

comdlg32

GetOpenFileNameW
CommDlgExtendedError
ChooseFontW
GetSaveFileNameW

advapi32

QueryServiceStatus
CryptEnumProviderTypesA

shell32

ord155
SHGetMalloc
DragFinish
ord28
SHGetDesktopFolder
DragQueryFileW

ole32

ReadClassStg
CoUninitialize
CoTaskMemFree
StgOpenStorage
StgCreateDocfile
CoInitialize

psapi

QueryWorkingSet

comctl32

ord17
ImageList_Draw
ImageList_GetIconSize

gdiplus

GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage

ws2_32

WSAStartup

netapi32

NetAuditClear

pdh

PdhGetDefaultPerfCounterW
PdhGetDefaultPerfCounterHA

d2d1

ord1

dwrite

DWriteCreateFactory

rpcrt4

UuidCreate
UuidToStringA

oledlg

OleUIInsertObjectW

authz

AuthzInitializeResourceManager

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 428KB - Virtual size: 427KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1cac68f6e50eb09d8a3d6688b62a8cc6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

psapi

comctl32

gdiplus

ws2_32

netapi32

pdh

d2d1

dwrite

rpcrt4

oledlg

authz

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 50KB - Virtual size: 49KB

.data Size: 18KB - Virtual size: 29KB

.rsrc Size: 428KB - Virtual size: 427KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 50KB - Virtual size: 49KB

.data
Size: 18KB - Virtual size: 29KB

.rsrc
Size: 428KB - Virtual size: 427KB

.reloc
Size: 10KB - Virtual size: 10KB