442add686cd63f2657bbb8baae88330b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

442add686cd63f2657bbb8baae88330b_JaffaCakes118
Size

679KB
MD5

442add686cd63f2657bbb8baae88330b
SHA1

e8509a9a616992b9b96f7cad6fd4992b64b8eb72
SHA256

5d2fbcd8887f246b09b80bf59a29137ba43e05f7651bf173bae9bdb88da4a21d
SHA512

02781ef3e6d83a50efdae2dafb6413d5d5335f4654555da345356b46809ea89fa7f0d661b371882ad617ad072583efda2e4fc36a1609cb3dd9f4a97329f99c43
SSDEEP

12288:/Q2Wmzqwk8LaUjYDyFWCu3SDIIRIiuYQi01FvMMs9xL:/QLeqwk8LaDyF7DIIRIizQ1pI9x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
442add686cd63f2657bbb8baae88330b_JaffaCakes118

Files

442add686cd63f2657bbb8baae88330b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

056654ee3e8bffa55768279e78438857

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
LoadLibraryExW
GetModuleFileNameW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetFileType
GetStdHandle
GetCurrentThreadId
HeapSize
IsProcessorFeaturePresent
IsDebuggerPresent
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
HeapAlloc
TerminateProcess
SetLastError
SetUnhandledExceptionFilter
GetStringTypeW
InitializeCriticalSectionAndSpinCount
GetCommandLineW
MultiByteToWideChar
AreFileApisANSI
GetProcAddress
GetModuleHandleExW
RaiseException
RtlUnwind
DecodePointer
EncodePointer
GetEnvironmentStringsW
GetThreadLocale
LoadLibraryA
LCMapStringW
SetStdHandle
FlushFileBuffers
OutputDebugStringW
LoadLibraryW
WriteConsoleW
CreateFileW
InitializeCriticalSection
GetLastError
GetCurrentThread
LocalAlloc
GetCurrentProcess
GetModuleHandleA
Sleep
GetWindowsDirectoryA
GlobalLock
HeapFree
DeleteFileA
VirtualAlloc
CreateEventA
WaitForSingleObject
CreateFileA
WriteFile
GlobalUnlock
GetFileSize
CloseHandle
InterlockedDecrement
InterlockedIncrement
FreeEnvironmentStringsW
HeapReAlloc
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FormatMessageA
ReadConsoleW
UnhandledExceptionFilter
GetProcessHeap
ReadFile
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ExitProcess
CreateThread
TlsAlloc
SetEndOfFile

user32

TranslateMessage
DispatchMessageA
CreateWindowExW
LoadIconA
TranslateAcceleratorA
ReleaseDC
PostQuitMessage
DefWindowProcA
DestroyWindow
LoadStringW
LoadAcceleratorsA
LoadCursorA
RegisterClassExW
ShowWindow
UpdateWindow
GetMessageA
DialogBoxParamA
EndPaint
MessageBoxA
WinHelpA
GetDC
GetForegroundWindow
SendMessageA
GetDlgItem
SetFocus
OpenClipboard
GetClipboardData
SetClipboardViewer
GetSysColor
GetWindowDC
GetWindowRect
GetCursorPos
GetSystemMetrics
InflateRect
GetWindowTextLengthA
LoadMenuA
GetSubMenu
TrackPopupMenu
DestroyMenu
GetWindowTextA
IsWindowEnabled
EnableScrollBar
GetScrollInfo
SetScrollInfo
GetWindowLongA
SetScrollPos
SetWindowTextW
InvalidateRect
SetRect
MoveWindow
GetDialogBaseUnits
SystemParametersInfoA
SetWindowPos
GetClientRect
DrawTextA
RegisterClassExA
CreateWindowExA
SetForegroundWindow
GetMessageW
DispatchMessageW
EndDialog
SetTimer
KillTimer
BeginPaint

gdi32

GetMetaFileA
CreateDIBSection
ChoosePixelFormat
SetTextColor
GetPixel
CreateCompatibleDC
CreateCompatibleBitmap
GetEnhMetaFileA
GetEnhMetaFileHeader
DeleteDC
GetMetaFileBitsEx
DeleteMetaFile
SetWinMetaFileBits
CreateSolidBrush
GetTextExtentPoint32A
TextOutA
SetPixelFormat
BitBlt
SelectObject
DeleteObject

winspool.drv

ConnectToPrinterDlg

comdlg32

GetOpenFileNameA

advapi32

LookupPrivilegeValueA
OpenProcessToken
AllocateAndInitializeSid
GetTokenInformation
RevertToSelf
OpenThreadToken
LogonUserA
ImpersonateAnonymousToken
AdjustTokenPrivileges

shell32

Shell_NotifyIconA

ole32

GetHGlobalFromStream
CreateStreamOnHGlobal
CoInitialize

oleaut32

OleTranslateColor
OleCreatePictureIndirect

ws2_32

WSAStartup
WSAGetLastError
socket

userenv

LoadUserProfileA

avifil32

AVIMakeCompressedStream
AVIFileOpenA
AVIFileCreateStreamA
AVIStreamSetFormat
AVISaveOptionsFree
AVISaveOptions

winmm

mmioSeek

shlwapi

PathStripToRootA

pdh

PdhOpenQueryA

rpcrt4

UuidCreateSequential

opengl32

wglMakeCurrent
glLoadIdentity
glOrtho
wglCreateContext
glViewport
glMatrixMode

glu32

gluLookAt

imm32

ImmGetContext
ImmCreateContext
ImmAssociateContext
ImmDestroyContext
ImmGetOpenStatus
ImmReleaseContext
ImmGetConversionStatus

wsnmp32

ord202
ord203

rasapi32

RasDeleteEntryW

rasdlg

RasPhonebookDlgA
RasEntryDlgW

Sections

.text
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

056654ee3e8bffa55768279e78438857

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

userenv

avifil32

winmm

shlwapi

pdh

rpcrt4

opengl32

glu32

imm32

wsnmp32

rasapi32

rasdlg

Sections

.text Size: 267KB - Virtual size: 267KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 6KB - Virtual size: 15KB

.rdata Size: 6KB - Virtual size: 5KB

.data1 Size: 3KB - Virtual size: 2KB

.trace Size: 12KB - Virtual size: 11KB

.rsrc Size: 266KB - Virtual size: 265KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 267KB - Virtual size: 267KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 6KB - Virtual size: 15KB

.rdata
Size: 6KB - Virtual size: 5KB

.data1
Size: 3KB - Virtual size: 2KB

.trace
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 266KB - Virtual size: 265KB

.reloc
Size: 17KB - Virtual size: 17KB