7f54ce5d333ece9d5ab0a9da00f3bbd6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7f54ce5d333ece9d5ab0a9da00f3bbd6_JaffaCakes118
Size

239KB
MD5

7f54ce5d333ece9d5ab0a9da00f3bbd6
SHA1

ff86448a5bf56096395137d7c69551a2cca52cb1
SHA256

6de34bc98ea9fcbffd71cec5a8f27d5be72be4be66a02901ab50ebba41966074
SHA512

713f35072d2009d6fd172570075b54491f360240b0c6f9405e2e4cb196a7f5949b15d1a8b834a023afb6419654a775019735a6e61cf080276b94b8d9d1dbefb4
SSDEEP

3072:qTVVT0gg95XtpbjVOdeFdeLHE0jiNFxxr5tYE3cxDwcrtfx:YTBO5tpFOydeLpjiNDxHn3cRfVx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f54ce5d333ece9d5ab0a9da00f3bbd6_JaffaCakes118

Files

7f54ce5d333ece9d5ab0a9da00f3bbd6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5e148cebca8aec433e9072b39e809379

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
CloseHandle
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
GetModuleHandleA
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
GetACP
TlsGetValue
GetModuleHandleW
HeapAlloc
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoW
HeapFree
GetLastError
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
MultiByteToWideChar
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
HeapSize
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
CreateFileA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetProcessHeap
ReadFile
GlobalAlloc
lstrlenW
FindFirstVolumeMountPointW
SetConsoleScreenBufferSize
GetWindowsDirectoryA
GetCPInfoExA
LoadLibraryA
GetProcAddress
VirtualProtect
TlsAlloc

user32

SetWindowLongW
TrackMouseEvent
IntersectRect
CreateIconIndirect
DialogBoxIndirectParamW
IsMenu
RegisterWindowMessageW
DeferWindowPos
GetListBoxInfo
GetMonitorInfoA
DlgDirListW
GetMessageW
SetMenuItemInfoW
EnumChildWindows
SetWindowTextA
DdeQueryNextServer
SetCursorPos
PeekMessageW
CharPrevW
DestroyMenu
DdeQueryStringW
PostThreadMessageA
WinHelpA
ChangeMenuW
SetMenuInfo
MenuItemFromPoint
DialogBoxIndirectParamA
GetWindowTextLengthA
IsDialogMessageA
GrayStringA
SetDebugErrorLevel
DlgDirSelectComboBoxExW
CharLowerBuffA
LoadIconA
GetDlgItemInt
FlashWindow
UnregisterDeviceNotification
SetRectEmpty
WindowFromDC
GetScrollPos
GetUserObjectInformationA
LoadCursorFromFileW
DestroyCaret
UserHandleGrantAccess
DdeConnect
EnumThreadWindows
ExitWindowsEx
SetWindowLongA
GetKeyNameTextW
DlgDirSelectExA
LoadKeyboardLayoutA
DdeGetLastError
GetClassNameA
SetPropW
GetMenuItemInfoW
WinHelpW
AnimateWindow
LoadMenuIndirectW
PostQuitMessage
GetClassWord
ToAscii
GetDlgItemTextW
OemKeyScan
SendMessageTimeoutW
GetClassLongA
InsertMenuW
SetClipboardViewer
DrawFocusRect
GetWindowInfo
TrackPopupMenuEx
DefDlgProcA
SendNotifyMessageA
GetKBCodePage
RealGetWindowClassA
ChangeDisplaySettingsA
ReleaseDC
GetWindowTextA
SwitchDesktop
InsertMenuA
CreateWindowExW
LoadMenuW
SetCursor
DrawAnimatedRects
SetWindowRgn
SendMessageA
GetOpenClipboardWindow
GetClassInfoExA
GetParent
CreateAcceleratorTableW
mouse_event
AppendMenuA
DdeNameService
GetCursor
SetPropA
AppendMenuW
TranslateAcceleratorA
TranslateMDISysAccel
MapVirtualKeyW
DrawStateA
SetKeyboardState
DrawIcon
EndDeferWindowPos
GetDlgCtrlID
GetCapture
GetMenuCheckMarkDimensions
GetAltTabInfoA
LoadCursorA
BroadcastSystemMessageA
SetSysColors
EnumWindowStationsA
IsCharAlphaNumericW
OpenDesktopA
DdeEnableCallback

advapi32

PrivilegedServiceAuditAlarmA
EnumServicesStatusA
RegQueryMultipleValuesA
RegRestoreKeyW
GetPrivateObjectSecurity
RegQueryInfoKeyW
AddAccessAllowedAceEx
RegSetValueA
GetSecurityDescriptorGroup
RegQueryValueExW
AddAccessAllowedAce
CreatePrivateObjectSecurityEx
LookupAccountSidW
GetLengthSid
RegQueryValueExA
InitiateSystemShutdownA
GetServiceDisplayNameA
InitializeSecurityDescriptor
AbortSystemShutdownW
PrivilegedServiceAuditAlarmW
ConvertToAutoInheritPrivateObjectSecurity
MakeSelfRelativeSD
DeleteAce
SetThreadToken
UnlockServiceDatabase
GetKernelObjectSecurity
AddAccessDeniedAceEx
AccessCheckAndAuditAlarmW
ObjectOpenAuditAlarmW
RegCreateKeyW
AllocateLocallyUniqueId
AddAuditAccessObjectAce
RegDeleteValueA
OpenServiceW
ObjectOpenAuditAlarmA
ImpersonateLoggedOnUser
RegConnectRegistryW
LogonUserW
RegNotifyChangeKeyValue
GetSidLengthRequired

msimg32

TransparentBlt

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 569KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e148cebca8aec433e9072b39e809379

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

msimg32

Sections

.text Size: 137KB - Virtual size: 137KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 34KB - Virtual size: 569KB

.rsrc Size: 27KB - Virtual size: 26KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 137KB - Virtual size: 137KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 34KB - Virtual size: 569KB

.rsrc
Size: 27KB - Virtual size: 26KB

.reloc
Size: 11KB - Virtual size: 11KB