7034f17b2033bfd5ef9b0f81ce598da3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7034f17b2033bfd5ef9b0f81ce598da3_JaffaCakes118
Size

425KB
MD5

7034f17b2033bfd5ef9b0f81ce598da3
SHA1

959817c12dba46ce4e4595bf4f2374aadf52e8ef
SHA256

33175665dc003a737e982c767890412e57ea2ae96f25fd8535637f5894ff2074
SHA512

1390d2b6e58644238efb174f7b2726a5152e5b183dbbe4c02b0cacf796309df24c5e9bc4a4f26f1c525ae863f353020dcd6a63fa84afa6448072df87199a07c4
SSDEEP

6144:PqhlBy1+NR0frxdc6Dps/ep5NKWNzYXPAA5+VUbvpQhcHGBeBZq6wbTHK+5URA:PAlBpNR0fHcoNKWN7AQKG8BCbTHD9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
7034f17b2033bfd5ef9b0f81ce598da3_JaffaCakes118

Files

7034f17b2033bfd5ef9b0f81ce598da3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6c7f0eb533f8d3793e40f070e8b26263

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetModuleFileNameA
WriteFile
ExitProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
SetStdHandle
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
IsValidCodePage
GetOEMCP
GetACP
GetFileType
GetStdHandle
SetHandleCount
GetCPInfo
LCMapStringW
WideCharToMultiByte
LCMapStringA
RaiseException
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetLocalTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
GetLocaleInfoW
LocalFree
CloseHandle
EndUpdateResourceA
LoadLibraryExA
GetModuleHandleA
SetCommMask
BeginUpdateResourceA
LockResource
LocalAlloc
LoadLibraryA
GlobalFree
GlobalGetAtomNameA
GetProcAddress
lstrcmpiA
GetLastError
FindFirstFileA
GetFileSizeEx
CreateFileA
GlobalUnlock
lstrcatA
ReadFile
CreateEventA
SizeofResource
Sleep
GlobalAlloc
FindResourceExA
EnumResourceTypesA
SetCommTimeouts
SetCommState
GetCurrentThread
WaitForSingleObject
GlobalLock
GetCurrentProcess
GlobalAddAtomA
UpdateResourceA
HeapAlloc
LoadResource
FreeLibrary
lstrlenA
FreeResource
FindResourceA
GlobalDeleteAtom
GetFileSize
GetCurrentThreadId

user32

ScreenToClient
GetWindowRect
GetUserObjectInformationA
GetMessageA
DestroyWindow
SetDlgItemTextA
EndDeferWindowPos
EndPaint
DdeDisconnect
DestroyIcon
UnpackDDElParam
DialogBoxParamA
GetDlgItemTextA
GetDlgCtrlID
TranslateMDISysAccel
CopyRect
GetWindowThreadProcessId
RegisterClassA
GetWindow
GetDialogBaseUnits
PackDDElParam
RegisterClassExA
DdeCreateStringHandleA
PostQuitMessage
SendDlgItemMessageA
FillRect
GetTopWindow
SetCapture
GetPropA
GetSubMenu
DrawIconEx
SetForegroundWindow
LoadStringA
GetFocus
LoadMenuA
LoadIconA
GetProcessWindowStation
DdeInitializeA
GetClientRect
CreateMenu
SetFocus
GetWindowTextLengthA
SendMessageA
BeginPaint
DdeFreeStringHandle
GetIconInfo
GetDC
DrawFocusRect
TranslateMessage
InflateRect
ChildWindowFromPoint
GetMenu
GetWindowWord
OffsetRect
GetCursorInfo
GetScrollInfo
MessageBoxA
DdeUninitialize
InvalidateRect
DdeCreateDataHandle
GetWindowLongA
CreateWindowExA
ReleaseDC
EnableMenuItem
TranslateAcceleratorA
GetDlgItem
DefWindowProcA
GetSysColor
GetCursorPos
LoadAcceleratorsA
GetSysColorBrush
FrameRect
FreeDDElParam
PostMessageA
DispatchMessageA
UnhookWindowsHookEx
DdeConnect
GetSystemMetrics
IsWindowVisible
InsertMenuA
SetWindowTextA
LoadImageA
UpdateWindow
DestroyMenu
FindWindowA
LoadCursorA

gdi32

DeleteObject
CreateCompatibleDC
SetMapMode
CreateCompatibleBitmap
SaveDC
SelectPalette
GetStockObject
CreateSolidBrush
GetTextFaceA
SetBkColor
CreateFontIndirectA
DeleteDC
GetBkMode
SetTextColor
SetWindowExtEx
SetViewportOrgEx
BitBlt
CreateDCA
TextOutA
CreateHalftonePalette
SelectObject

winspool.drv

ClosePrinter
GetPrinterA
EnumJobsA
EnumPrintersA
OpenPrinterA

comdlg32

PrintDlgA
ChooseColorA

advapi32

OpenServiceA
OpenSCManagerA
RegEnumValueA
QueryServiceConfigA
CloseServiceHandle
OpenProcessToken
OpenThreadToken
ConvertSidToStringSidA
GetTokenInformation
EnumServicesStatusExA
ChangeServiceConfigA
QueryServiceConfig2A
RegCloseKey
RegOpenKeyExA

shell32

SHGetFileInfoA

ole32

CreateStreamOnHGlobal
OleDraw

oleaut32

OleSavePictureFile
OleLoadPicture

ws2_32

htons
inet_addr
connect
gethostbyaddr

netapi32

NetGetJoinInformation
NetApiBufferFree

shlwapi

SHCreateStreamOnFileA
PathCompactPathA

comctl32

InitCommonControlsEx
ord411
ImageList_ReplaceIcon
ImageList_Create
ImageList_BeginDrag
ImageList_DragEnter

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c7f0eb533f8d3793e40f070e8b26263

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

netapi32

shlwapi

comctl32

Sections

.text Size: 175KB - Virtual size: 175KB

.rdata Size: 163KB - Virtual size: 163KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 77KB - Virtual size: 77KB

.text
Size: 175KB - Virtual size: 175KB

.rdata
Size: 163KB - Virtual size: 163KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 77KB - Virtual size: 77KB