0d317ac4ecc3afb444f5cfb9dc5a048d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d317ac4ecc3afb444f5cfb9dc5a048d_JaffaCakes118
Size

71KB
MD5

0d317ac4ecc3afb444f5cfb9dc5a048d
SHA1

fd4826804c8ee5efcf2069d199a70ff2041a7ed6
SHA256

460d28eefd7fdf0e76889bdc019bcaae8b694937d4993238b9a48cc257238b4b
SHA512

c82d968aec1c90ca487696657cf0bb0b3a858c17dc372ae555127bd5024db9c2259ecdca1bde7a6c256e8097a428f46b8103bb94c94450dd6f352013e402d275
SSDEEP

1536:pOxZJFkK16N0ujsU863pPN8B8gMSsH7Ipv:pOx+XN0QsnEyBhMpIl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d317ac4ecc3afb444f5cfb9dc5a048d_JaffaCakes118

Files

0d317ac4ecc3afb444f5cfb9dc5a048d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

43c565bd9c84d48cd3abc1b6ec7f5621

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
LCMapStringW
MapViewOfFile
QueryDosDeviceW
QueryPerformanceCounter
ReadProcessMemory
ReleaseMutex
ReleaseSemaphore
RtlUnwind
SetCommMask
SetConsoleCursorInfo
SetEndOfFile
IsValidLocale
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetLastError
SetThreadPriority
Sleep
TerminateProcess
UnlockFileEx
UnmapViewOfFile
WaitForMultipleObjects
IsValidLanguageGroup
InterlockedExchange
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapDestroy
HeapAlloc
GlobalFree
GlobalAlloc
GetWindowsDirectoryW
GetVolumeInformationW
GetVersion
GetTickCount
GetTempFileNameW
GetTempFileNameA
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetStartupInfoW
GetProfileIntA
GetProcessHeap
GetLongPathNameW
GetLongPathNameA
GetLocaleInfoA
GetLocalTime
GetFullPathNameW
GetFullPathNameA
GetFileType
GetFileSize
GetFileAttributesW
GetFileAttributesA
GetExitCodeThread
GetDriveTypeW
GetDriveTypeA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetConsoleTitleA
GetConsoleDisplayMode
FlushFileBuffers
FindVolumeMountPointClose
GetModuleHandleA
FileTimeToSystemTime
ExitProcess
DeviceIoControl
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateMutexA
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateEventW
CopyFileW
CompareFileTime
CallNamedPipeA
AssignProcessToJobObject
AddConsoleAliasW
LoadLibraryW
GetProcAddress
SetEvent

user32

DlgDirListA
DispatchMessageW
DdeDisconnect
CreateIcon
CloseDesktop
CheckMenuItem
CharToOemA
CharNextA
CharLowerBuffW
ChangeClipboardChain
CascadeWindows
LoadIconW
DlgDirListComboBoxW
DlgDirListW
DrawAnimatedRects
EndMenu
EnumDisplayDevicesW
FlashWindow
GetClientRect
GetDlgCtrlID
GetGuiResources
GetIconInfo
GetKeyboardLayout
GetMenuItemRect
GetMessageA
GetTitleBarInfo
InflateRect
InsertMenuW
KillTimer
LoadBitmapW
MapDialogRect
MessageBoxW
MonitorFromRect
MsgWaitForMultipleObjects
OemToCharBuffA
OemToCharW
OpenInputDesktop
PackDDElParam
PeekMessageW
PostThreadMessageA
WindowFromPoint
VkKeyScanExA
TranslateMessage
SwitchDesktop
SetWindowsHookW
SetTimer
SetSystemCursor
SetProcessDefaultLayout
SetParent
SetActiveWindow

gdi32

GdiEntry10
GdiGetDevmodeForPage
GdiInitializeLanguagePack
GdiPlayPageEMF
GdiSetAttrs
GdiSetPixelFormat
GetBkMode
GetBoundsRect
GetEUDCTimeStampExW
GetEnhMetaFileA
GetEnhMetaFileBits
GetEnhMetaFileDescriptionA
GetEnhMetaFileDescriptionW
GetEnhMetaFileHeader
GetFontUnicodeRanges
GetKerningPairsA
GdiDeleteLocalDC
GetObjectW
GetTextExtentPointI
GetWorldTransform
LineDDA
OffsetRgn
RoundRect
SelectBrushLocal
SetBoundsRect
SetColorAdjustment
SetLayoutWidth
SetRectRgn
SetStretchBltMode
SetSystemPaletteUse
StretchBlt
TextOutA
GdiConvertToDevmodeW
GdiAddGlsRecord
AddFontResourceExA
CombineRgn
CreateCompatibleDC
CreatePen
CreateRoundRectRgn
CreateScalableFontResourceW
EndPage
EngCheckAbort
EngDeletePath
EngMultiByteToUnicodeN
GetMetaFileA
GetAspectRatioFilterEx
EngPlgBlt

advapi32

SetFileSecurityW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey
IsValidSecurityDescriptor
GetSecurityDescriptorLength
GetSecurityDescriptorControl
GetFileSecurityW
RegOpenKeyW
RegQueryValueExW
TraceMessage

shell32

ShellExecuteExW
Shell_NotifyIconA
ShellExecuteW
SHQueryRecycleBinA
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHGetIconOverlayIndexW
SHGetFolderPathW
SHGetFolderLocation
CheckEscapesW
CommandLineToArgvW
DoEnvironmentSubstA
DragQueryFileW
ExtractIconExW
SHAddToRecentDocs
SHAppBarMessage
SHBrowseForFolder
SHChangeNotify
SHCreateDirectoryExW
SHFileOperationW
SHFormatDrive
SHGetDataFromIDListW
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceExW
WOWShellExecute

ole32

StringFromCLSID
PropVariantCopy
PropVariantClear
CreateStreamOnHGlobal
CoUnmarshalInterface
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoReleaseMarshalData
CoMarshalInterface
CoMarshalInterThreadInterfaceInStream
CoInitializeEx
CoGetMalloc
CoCreateInstance
CoCreateGuid
CoCreateFreeThreadedMarshaler
CLSIDFromString
CoGetInterfaceAndReleaseStream

shlwapi

PathGetCharTypeW
PathRemoveBackslashW
PathRemoveFileSpecW
PathUndecorateW
StrChrA
StrChrIA
StrChrIW
StrCmpNIA
StrStrW
PathGetCharTypeA

msvcrt

towupper
towlower
swscanf
rand
qsort
memset
memmove
memcpy
wcscpy
wcslen
wcsncmp
wcsncpy
wcspbrk
wcsrchr
wcsstr
wcstombs
wcstoul
wcschr
_CIpow
_CIsqrt
_XcptFilter
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_adjust_fdiv
_amsg_exit
_beginthreadex
_cexit
_controlfp
_exit
_initterm
_lock
_onexit
_purecall
_snwprintf
_unlock
_vsnwprintf
_wcmdln
_wcsicmp
_wcsnicmp
_wtoi
_wtoi64
_wtol
abs
atoi
bsearch
exit
floor
free
iswalnum
iswdigit
iswspace
malloc
memcmp

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43c565bd9c84d48cd3abc1b6ec7f5621

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB