6d8ceeef953089530344ebf2d5aa2708_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6d8ceeef953089530344ebf2d5aa2708_JaffaCakes118
Size

284KB
MD5

6d8ceeef953089530344ebf2d5aa2708
SHA1

b665cce6b911e81ac6e23f3ecc96cc899947b4fc
SHA256

89c8d4e340235b27896cbbef54c1b4aeb67ef2b79f46b98e7d996aa866fefa06
SHA512

78d4c9b767df0ba8a9af0bb1d08900e9be5c488d763a475039dcfc1a13a037c5f4577d65ecf7078754b419c4a8b5601105801328822c15b4b33e37b7a6b816ab
SSDEEP

6144:TG6Kr8pABaeNRHpkZyo9RC6zpZlKIVT6tVs8RA5yTU9ndA:nKr8WBn7pk/9XblKIFxmA5yT4dA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d8ceeef953089530344ebf2d5aa2708_JaffaCakes118

Files

6d8ceeef953089530344ebf2d5aa2708_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8b61c7917dc84bf3abd12e6355771c04

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
GetProcAddress
GetModuleHandleW
RtlUnwind
HeapFree
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
HeapSize
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetLocaleInfoW
CreateFileW
GetProcessHeap
GlobalLock
GlobalUnlock
GetLastError
CreateEventA
WaitForSingleObject
HeapCreate
HeapAlloc
GetFileAttributesA
lstrlenW
WideCharToMultiByte
LocalAlloc
LocalFree
lstrlenA
lstrcatA
SetCommTimeouts
ClearCommError
SetCommMask
WaitCommEvent
MultiByteToWideChar
GetTempPathA
InterlockedDecrement
InterlockedIncrement
CreateFileA
GetFullPathNameA
BackupWrite
DeleteFileA
CloseHandle
Sleep
GetVersionExA
GetProfileIntA
GetProfileStringA
OutputDebugStringA
GetSystemInfo
GetFileSize
SetEndOfFile
CreateIoCompletionPort
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
QueryPerformanceFrequency
CreateThread
QueryPerformanceCounter
SwitchToThread
GlobalAlloc
GlobalFree
GetModuleHandleA
ExitProcess
LoadLibraryA

user32

GetSysColor
MonitorFromWindow
PostQuitMessage
SetMenu
ShowCursor
DefWindowProcA
ReleaseDC
GetMenuStringA
FillRect
TranslateMessage
GetMenuItemCount
SetCursor
GetKeyboardLayout
GetDlgItemTextA
SendDlgItemMessageA
SendMessageW
GetMenuItemID
MenuItemFromPoint
GetMenu
ScreenToClient
EnumWindows
LoadMenuA
SetFocus
BeginPaint
EndPaint
RegisterClipboardFormatA
GetCursorPos
CreatePopupMenu
SendMessageA
GetWindowDC
GetWindowRect
GetClientRect
ClientToScreen
OffsetRect
GetDlgItem
GetSystemMenu
LoadIconA
LoadCursorA
DispatchMessageA
CreateWindowExA
GetDC
SetTimer
DestroyIcon
MessageBoxA
RegisterClassA
CopyRect
DrawFrameControl
LoadStringA
DialogBoxParamA
DestroyWindow
GetCursorInfo
GetIconInfo
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
ShowWindow
SetWindowLongA
FindWindowA
GetWindowThreadProcessId
FindWindowExW
GetWindowTextW
FindWindowExA
KillTimer
InvalidateRect
UpdateWindow
MessageBoxW
DrawFocusRect
RegisterClassExA
SetWindowPos
GetMessageA
SetDlgItemTextA

gdi32

OffsetViewportOrgEx
StartDocA
StartPage
AbortDoc
Rectangle
GetMapMode
DPtoLP
TextOutA
SetViewportOrgEx
CreatePen
CreateSolidBrush
FillRgn
DeleteObject
CreateRectRgn
CombineRgn
ExcludeClipRect
GetStockObject
CreateCompatibleDC
CreateDIBSection
SelectObject
TextOutW
CreatePalette
CreateDCA
GetDeviceCaps
CreateCompatibleBitmap
BitBlt
GetDIBits
DeleteDC
MoveToEx
LineTo
SetDIBitsToDevice
SetBkMode
SetTextColor
SetBkColor
ExtTextOutA
CreateDIBitmap
GetObjectA
SetMapMode
SetWindowExtEx
SetViewportExtEx

winspool.drv

EnumPrintersA

comdlg32

GetOpenFileNameA
PageSetupDlgA
PrintDlgA

advapi32

RegOpenKeyExA
CloseServiceHandle
ChangeServiceConfigA
OpenServiceA
OpenSCManagerA
QueryServiceConfig2A
RegQueryValueExA
CreateWellKnownSid
ConvertSidToStringSidA
QueryServiceConfigA
RegEnumValueA
RegCloseKey

shell32

SHGetDesktopFolder
ShellExecuteExW
ExtractIconExA
SHGetFolderPathW
SHBindToParent

ole32

OleInitialize
CoTaskMemFree
CoCreateInstance
CoInitialize
ReleaseStgMedium

oleaut32

OleLoadPicturePath

ws2_32

inet_ntoa
ntohs

avifil32

AVIStreamGetFrameOpen
AVIFileInit
AVIStreamOpenFromFileA
AVIFileExit
AVIStreamGetFrame
AVIStreamGetFrameClose
AVIStreamInfoA

msvfw32

ICCompressorChoose
ICCompressorFree

winmm

mciGetErrorStringA
mciSendCommandA

iphlpapi

GetTcpTable

shlwapi

SHCreateStreamOnFileA

comctl32

ImageList_ReplaceIcon
ImageList_Draw

opengl32

glViewport
glLoadIdentity
glMatrixMode

glu32

gluOrtho2D

imm32

ImmSetOpenStatus
ImmIsIME
ImmGetDescriptionA
ImmGetConversionStatus
ImmGetOpenStatus
ImmGetContext

wtsapi32

WTSQuerySessionInformationA
WTSFreeMemory

uxtheme

DrawThemeBackground

authz

AuthzFreeContext
AuthzInitializeResourceManager
AuthzInitializeContextFromSid
AuthzFreeResourceManager

wldap32

ord13
ord143
ord211
ord16

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b61c7917dc84bf3abd12e6355771c04

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

avifil32

msvfw32

winmm

iphlpapi

shlwapi

comctl32

opengl32

glu32

imm32

wtsapi32

uxtheme

authz

wldap32

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 77KB - Virtual size: 76KB

.data Size: 6KB - Virtual size: 16KB

.rsrc Size: 53KB - Virtual size: 52KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 77KB - Virtual size: 76KB

.data
Size: 6KB - Virtual size: 16KB

.rsrc
Size: 53KB - Virtual size: 52KB