834300d014ae6e65201ce04d091219fc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

834300d014ae6e65201ce04d091219fc_JaffaCakes118
Size

1.3MB
MD5

834300d014ae6e65201ce04d091219fc
SHA1

56af653938b12a12c4185ed71f221812c3fb4590
SHA256

7eb32bdb92a9768dfc8f30f22365aaac0d57931a77bffd71eb928f72dcdeab1e
SHA512

d8fa6271651ffa904e53f178a0d11907652169612ae7fea31207317de8901bdde153e7b13eeb40b7c7280c52df4d6cad23bc10d2735c74908482713a87997d58
SSDEEP

24576:BhNH39BauJj6+QY2rTG0F1X1xBblqQ3loqjXtYXFyPV3GrugU8CMl7BR:LBDl8RhrTFF1FxtloMXtsyD8xBR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
834300d014ae6e65201ce04d091219fc_JaffaCakes118

Files

834300d014ae6e65201ce04d091219fc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f2b3f7ea5fbf388ca44de995fb744c92

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
CreateNamedPipeA
MapUserPhysicalPages
GetConsoleTitleA
ReadConsoleInputA
SetEndOfFile
SetEnvironmentVariableA
ReadConsoleW
WriteConsoleW
SetStdHandle
CreateProcessA
GetExitCodeProcess
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
VirtualProtect
VirtualFree
GetVersionExW
UnregisterWaitEx
InitializeSListHead
ReleaseSemaphore
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
SetFilePointerEx
GetFileType
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetTimeZoneInformation
GetStdHandle
GetOEMCP
GetACP
IsValidCodePage
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
CreateSemaphoreW
GetStartupInfoW
TerminateProcess
CreateEventA
CreateMutexA
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
GetModuleHandleW
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
SetEvent
CreateTimerQueue
GetCommandLineA
AreFileApisANSI
GetModuleHandleExW
ExitProcess
IsProcessorFeaturePresent
IsDebuggerPresent
CreateThread
LoadLibraryExW
GetModuleFileNameW
FreeLibraryAndExitThread
GetThreadTimes
OutputDebugStringW
GetCPInfo
RtlUnwind
RaiseException
GetCurrentThread
GetCurrentProcess
DuplicateHandle
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
CreateEventW
OpenMutexA
lstrcatW
MapViewOfFile
ConnectNamedPipe
ReadFile
VirtualAlloc
LocalFree
LocalAlloc
WaitForSingleObject
QueryPerformanceCounter
GetTickCount
Sleep
WriteFile
GlobalAlloc
GetCurrentThreadId
GetCurrentProcessId
GetProcessHeap
HeapFree
HeapAlloc
VirtualQuery
DeleteFileW
GetFileAttributesExW
CreateFileW
GetModuleHandleA
CloseHandle
GetLastError
LoadLibraryW
GetProcAddress
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
SetConsoleMode

user32

UnregisterClassW
RegisterClassExW
IsWindow
SetWindowPos
WaitMessage
PostMessageW
PeekMessageW
SetFocus
GetKeyState
EnableWindow
IsWindowEnabled
DispatchMessageW
PostQuitMessage
TranslateAcceleratorW
UpdateWindow
SetActiveWindow
BeginPaint
TranslateMessage
GetWindowTextA
GetWindowTextLengthA
EnumChildWindows
FindWindowA
LoadCursorA
LoadIconA
LoadImageA
GetWindowDC
InsertMenuItemA
DefWindowProcW
TrackPopupMenu
AppendMenuW
EndPaint
SetWindowTextW
MessageBoxA
ShowCursor
SetCursor
DestroyCaret
SetCaretPos
ScreenToClient
GetMessageW
SystemParametersInfoW
ReleaseDC
GetDC
GetSubMenu
EnableMenuItem
WindowFromPoint
GetClassLongW
SetClassLongW
GetDesktopWindow
DestroyMenu
CreatePopupMenu
LoadMenuA
IsClipboardFormatAvailable
GetDlgItemTextA
GetDlgItem
DialogBoxParamA
UpdateLayeredWindow
CreateWindowExA
RegisterClassA
DefWindowProcA
PostMessageA
SendMessageA
DispatchMessageA
GetMessageA
GetIconInfo
DrawIconEx
LoadImageW
CreateIconFromResourceEx
DestroyIcon
FrameRect
FillRect
MessageBoxW
GetAncestor
SetParent
GetParent
ClientToScreen
CreateCaret
GetCursorPos
GetWindowRect
GetClientRect
GetWindowTextLengthW
GetWindowTextW
InvalidateRect
SetForegroundWindow
GetForegroundWindow
GetSystemMetrics
ReleaseCapture
SetCapture
GetFocus
IsWindowVisible
MoveWindow
ShowWindowAsync
ShowWindow
DestroyWindow
CreateWindowExW
SendMessageW
IsDialogMessageW
LoadIconW
LoadCursorW
GetWindow
GetWindowThreadProcessId

gdi32

SelectObject
LineTo
GetTextExtentExPointW
CreateSolidBrush
SetDIBitsToDevice
CreateCompatibleDC
TextOutW
GetObjectW
SetBkMode
BitBlt
SetTextColor
DeleteDC
RemoveFontResourceExW
AddFontResourceExW
GetDeviceCaps
DeleteObject
CreateFontIndirectW
Ellipse
GetStockObject
GetObjectA
SetPixel
GetTextMetricsW
CreateDIBSection
MoveToEx
GdiFlush
GetTextExtentPoint32W
GetDIBits
CreatePen
CreateCompatibleBitmap

comdlg32

CommDlgExtendedError
GetOpenFileNameA

advapi32

GetTokenInformation
SetSecurityDescriptorOwner
ConvertStringSidToSidA
ConvertSidToStringSidA
SetNamedSecurityInfoA
RegOpenKeyExA
RegCloseKey
InitializeSecurityDescriptor

shell32

ShellExecuteW
DragQueryFileA
SHGetFileInfoW
SHBrowseForFolderA
Shell_NotifyIconA
SHGetFolderPathW
DragQueryFileW
DragQueryPoint
DragFinish

ole32

ReleaseStgMedium
OleUninitialize
CoTaskMemFree
OleInitialize
OleGetClipboard
CoGetMalloc
CreateBindCtx
MkParseDisplayName
StringFromCLSID

oleaut32

UnRegisterTypeLi
LoadTypeLi

ws2_32

bind
closesocket
ioctlsocket
WSAStartup
WSAGetLastError
WSAHtonl
WSAHtons
WSARecvFrom
WSASendTo
WSASocketA

netapi32

NetAddAlternateComputerName
NetApiBufferFree
NetWkstaTransportEnum
NetWkstaUserEnum
NetWkstaUserGetInfo
NetWkstaSetInfo
NetWkstaGetInfo

crypt32

CertGetNameStringA

shlwapi

ord14

comctl32

ord328

pdh

PdhConnectMachineW
PdhComputeCounterStatistics
PdhGetFormattedCounterValue
PdhCollectQueryData

gdiplus

GdipCreateFromHDC
GdipAlloc

opengl32

glMatrixMode
glOrtho
glViewport
glLoadIdentity

glu32

gluLookAt

urlmon

URLDownloadToCacheFileA

snmpapi

SnmpUtilOidToA

Sections

.text
Size: 770KB - Virtual size: 769KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 383KB - Virtual size: 382KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2b3f7ea5fbf388ca44de995fb744c92

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

netapi32

crypt32

shlwapi

comctl32

pdh

gdiplus

opengl32

glu32

urlmon

snmpapi

Sections

.text Size: 770KB - Virtual size: 769KB

.rdata Size: 131KB - Virtual size: 130KB

.data Size: 27KB - Virtual size: 47KB

.rsrc Size: 383KB - Virtual size: 382KB

.reloc Size: 34KB - Virtual size: 34KB

.text
Size: 770KB - Virtual size: 769KB

.rdata
Size: 131KB - Virtual size: 130KB

.data
Size: 27KB - Virtual size: 47KB

.rsrc
Size: 383KB - Virtual size: 382KB

.reloc
Size: 34KB - Virtual size: 34KB