305fb326b1906e92a4c31f5c64825cef_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

305fb326b1906e92a4c31f5c64825cef_JaffaCakes118
Size

330KB
MD5

305fb326b1906e92a4c31f5c64825cef
SHA1

f6948a54ebb7d5a9967e48522f7f427a15911ebb
SHA256

4c663be2abf9417d8160f68982f0d8b9907afdcc51838e72185a8f7738f99e51
SHA512

d1f7ccb092051292bfe84d94ffd78789e8fcf6ac910ad0321a5edbc07f187b06f38ab3bea2304f7e52d6e63dc05f09234f1da84df1aa0f0785b87e3474f4718b
SSDEEP

6144:7apl2BRuSZIGjF19erC8cGP3ry/IstViG3t7l:m2BRFtorc4UIstVV3t7l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
305fb326b1906e92a4c31f5c64825cef_JaffaCakes118

Files

305fb326b1906e92a4c31f5c64825cef_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9ae79c50cc81c12ec32582c2fe845945

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetLastError
FindResourceA
LoadResource
LockResource
LoadLibraryW
FreeResource
SizeofResource
GetProcAddress
CreateDirectoryA
FindFirstFileA
lstrcatA
lstrcpyA
CopyFileA
GetFileAttributesA
SetFileAttributesA
FindNextFileA
FindClose
Beep
CreateEventA
DeviceIoControl
SetConsoleOutputCP
SetConsoleCP
EnumSystemLanguageGroupsA
GetModuleFileNameW
GetCPInfo
HeapReAlloc
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
LocalFree
LoadLibraryA
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
WriteFile
CreateThread
CloseHandle
SetEvent
HeapAlloc
lstrlenA
ExitProcess
Sleep
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
HeapFree
GetStartupInfoA
GetCommandLineA
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
OutputDebugStringA
GetModuleHandleA
CreateFileA
TerminateProcess

user32

GetClientRect
ClientToScreen
ScreenToClient
EndPaint
OffsetRect
FillRect
RedrawWindow
MessageBoxW
SendMessageA
CreateDialogParamA
GetWindowLongA
SetDlgItemTextW
MapWindowPoints
DefWindowProcA
BeginPaint
LookupIconIdFromDirectory
CreateIconFromResource
SendInput
LoadImageA
IsWindow
GetWindowRect
LoadMenuA
GetSubMenu
TrackPopupMenu
DestroyMenu
GetSysColor
EnableMenuItem
GetParent
SetWindowLongA

gdi32

SelectObject
SetTextColor
GetTextExtentPoint32A
GetDeviceCaps
GetTextExtentPointA
CreateFontA
CreateCompatibleDC
GetGlyphOutlineA
PolyBezier
MoveToEx
LineTo
CreateCompatibleBitmap
CreateBitmap
SetBkColor
BitBlt
DeleteDC
DeleteObject
GetObjectA
CreateSolidBrush
SelectClipRgn

comdlg32

GetOpenFileNameA
GetSaveFileNameW

advapi32

RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA

shell32

SHQueryRecycleBinA
SHBrowseForFolderA
SHCreateShellItem
SHEmptyRecycleBinA

ole32

StringFromGUID2
CoTaskMemFree

oleaut32

SafeArrayGetUBound
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetLBound
VariantCopyInd
VariantInit

netapi32

NetShareGetInfo

avifil32

AVIStreamGetFrameOpen

shlwapi

StrDupA
PathFindFileNameW
SHStrDupW

comctl32

ord412
ord413
DestroyPropertySheetPage
CreatePropertySheetPageW

gdiplus

GdipCreateFromHWND
GdipDeleteGraphics

opengl32

glClearColor
glHint
glEnable
glClearDepth
glDepthFunc
glShadeModel

dbghelp

SymGetModuleInfoW
SymGetOptions

winhttp

WinHttpCloseHandle
WinHttpCheckPlatform
WinHttpAddRequestHeaders

setupapi

SetupDiGetClassDevsA

urlmon

CreateURLMonikerEx
CreateFormatEnumerator

authz

AuthzInitializeContextFromSid
AuthzInitializeContextFromAuthzContext

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ae79c50cc81c12ec32582c2fe845945

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

netapi32

avifil32

shlwapi

comctl32

gdiplus

opengl32

dbghelp

winhttp

setupapi

urlmon

authz

Sections

.text Size: 82KB - Virtual size: 82KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 6KB - Virtual size: 12KB

.rsrc Size: 213KB - Virtual size: 213KB

.text
Size: 82KB - Virtual size: 82KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 6KB - Virtual size: 12KB

.rsrc
Size: 213KB - Virtual size: 213KB