7a2376ccde443fa7f9a47dd54704b650_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7a2376ccde443fa7f9a47dd54704b650_JaffaCakes118
Size

375KB
MD5

7a2376ccde443fa7f9a47dd54704b650
SHA1

b4f22e80c8eafd9420d911b16f26ff8ffc580f95
SHA256

40232eaf1cac225845334a602c10f53fb9f257f47d2f1e15dd7adc7c616e683c
SHA512

ecb92840d507a9a7c477a68d75b10b26edab82ca850b0d2e501015a716c79aad1fcc7d6d99c97a7326fdf424538eb87b7d55bdbda20a0dae273a6a33b3cc90e4
SSDEEP

6144:CcVV4hVSYMxKKo9UsXx1IdwVWX4Vfsj2nnUBKV+7WRypQZzySVZ:Cd0PUpXvCwUxwtY7WCQZzySn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a2376ccde443fa7f9a47dd54704b650_JaffaCakes118

Files

7a2376ccde443fa7f9a47dd54704b650_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cbb95ae84dfc7a3fa67681ac4d59b5ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetTimeZoneInformation
GetFileType
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetCurrentDirectoryW
GetStringTypeW
HeapFree
GetACP
GetModuleHandleExW
ExitProcess
FillConsoleOutputAttribute
WriteFile
GetFullPathNameA
GetDriveTypeW
QueryPerformanceFrequency
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryExW
FreeLibrary
TlsFree
DecodePointer
FindFirstFileExA
GetConsoleScreenBufferInfo
GetCommandLineA
GetCommandLineW
SetStdHandle
GetProcessHeap
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
SetFilePointerEx
WriteConsoleW
GetConsoleWindow
SetConsoleTextAttribute
SetConsoleCursorPosition
IsValidCodePage
FillConsoleOutputCharacterA
GetVolumeInformationW
FindNextFileA
FindFirstFileA
SetFileAttributesA
GetProcAddress
CreateFileA
RemoveDirectoryA
GetSystemDirectoryW
GetModuleFileNameA
LoadLibraryW
CreateEventA
lstrlenA
lstrcatA
lstrcpyA
lstrcmpiA
FormatMessageA
MulDiv
SetCommTimeouts
SetCommState
GetCommTimeouts
SetupComm
CloseHandle
FindClose
ReadFile
GetStdHandle
ResetEvent
SetLastError
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
GetLastError
GetCurrentThread
RtlUnwind
RaiseException
GetModuleHandleW
GetCurrentProcess
HeapAlloc
LocalFree
LocalAlloc
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
CreateFileW

user32

DispatchMessageA
GetMessageA
EnumWindowStationsW
DefWindowProcA
PostQuitMessage
wsprintfA
SendMessageA
IsDialogMessageA
GetIconInfo
DrawIconEx
DestroyIcon
LoadCursorA
GetWindow
GetClassNameA
SetWindowLongA
GetWindowLongA
FillRect
WindowFromPoint
GetCursorPos
SetCursor
ShowCursor
MessageBoxA
GetWindowContextHelpId
GetClientRect
GetWindowTextA
EndPaint
BeginPaint
ReleaseDC
GetDC
GetForegroundWindow
SetActiveWindow
UpdateWindow
DrawTextA
GetMenuCheckMarkDimensions
GetSubMenu
EnableMenuItem
IsClipboardFormatAvailable
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetDlgCtrlID
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
SetDlgItemTextW
GetDlgItem
EndDialog
BeginDeferWindowPos
SetWindowPos
ShowWindow
DestroyWindow
CreateWindowExA

gdi32

GetDeviceCaps
SetBrushOrgEx
SetWindowExtEx
MoveToEx
GetObjectA
EndPage
StartPage
EndDoc
StartDocA
CreateDIBSection
SetTextJustification
StretchBlt
SetPixelV
SetMapMode
SelectObject
RestoreDC
LineTo
DescribePixelFormat
DeleteObject
DeleteDC
CreateSolidBrush
CreateFontA
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap

comdlg32

PageSetupDlgA
PrintDlgA
ReplaceTextA
FindTextA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
ChooseFontA

advapi32

NotifyChangeEventLog
GetNumberOfEventLogRecords
GetOldestEventLogRecord
OpenEventLogA
ReadEventLogA
ConvertSidToStringSidA
RegSetValueA
RegOpenKeyA
RegCloseKey
CheckTokenMembership
GetSidSubAuthorityCount
GetSidIdentifierAuthority
FreeSid
AllocateAndInitializeSid
IsValidSid
PrivilegeCheck
GetTokenInformation
OpenThreadToken
OpenProcessToken
CloseEventLog

shell32

SHGetFolderPathA

ole32

CoInitialize

oleaut32

LoadTypeLibEx
OleSavePictureFile

ws2_32

WSASocketA
WSAAsyncGetServByPort

avifil32

AVISaveOptions

shlwapi

UrlUnescapeW
UrlUnescapeA

comctl32

ImageList_DragShowNolock
ord17

activeds

ord9

usp10

ScriptGetFontProperties
ScriptGetCMap

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbb95ae84dfc7a3fa67681ac4d59b5ff

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

avifil32

shlwapi

comctl32

activeds

usp10

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 2KB - Virtual size: 5KB

.rsrc Size: 144KB - Virtual size: 144KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 2KB - Virtual size: 5KB

.rsrc
Size: 144KB - Virtual size: 144KB

.reloc
Size: 9KB - Virtual size: 9KB