86d12ab12db3d8ceab70b50072f7ae07JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

86d12ab12db3d8ceab70b50072f7ae07JaffaCakes118
Size

615KB
MD5

86d12ab12db3d8ceab70b50072f7ae07
SHA1

13b0e70caa4a6e9691ebc720e90316f23f707be4
SHA256

13e2a3ce3de5673f5adc2e86b568c5d151b10efa047ae8811aac668e75421176
SHA512

2516a875f9547caa57b27512cb76cbf014c6c265b7793640b584f79312fe0b87c55b4e35eb8650e7e8e194c8cbcae2af00584ebf52c576121b283a204334d488
SSDEEP

12288:UXSdAJkZe8kxLsaRKTEqd818JpWG3/h8sDFnbSAe+V3tkK99999999999MA:Uy8T8kODd8uJpWgDJM+7999999999997

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86d12ab12db3d8ceab70b50072f7ae07JaffaCakes118

Files

86d12ab12db3d8ceab70b50072f7ae07JaffaCakes118
.exe windows:5 windows x86 arch:x86

28312e9b468ac0dc8be3309f263e5cd3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
GetDiskFreeSpaceA
GetFullPathNameW
GetFullPathNameA
FormatMessageW
GetTempPathW
LockFileEx
GetSystemTime
LoadLibraryW
DeleteFileW
GetFileAttributesW
DeleteFileA
GetFileAttributesA
LockFile
UnlockFile
GetFileSize
SetEndOfFile
GetVersionExA
InterlockedCompareExchange
InitializeCriticalSection
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
GetTimeZoneInformation
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
FreeLibrary
SetFilePointer
HeapSize
GetSystemTimeAsFileTime
lstrcatW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetHandleCount
GetConsoleMode
GetConsoleCP
GetFileType
SetStdHandle
GetModuleFileNameA
WideCharToMultiByte
lstrlenW
GetModuleFileNameW
GetCommState
MapUserPhysicalPages
GetCompressedFileSizeW
VirtualAlloc
GetStdHandle
SetConsoleWindowInfo
GetConsoleWindow
CreateEventW
GlobalAlloc
ReadFile
GetOverlappedResult
GlobalFree
CloseHandle
CreateFileW
SetConsoleScreenBufferSize
GetProcessHeap
HeapAlloc
CreateToolhelp32Snapshot
Module32FirstW
Module32NextW
GetLastError
AreFileApisANSI
MultiByteToWideChar
lstrcpyA
FormatMessageA
LocalFree
WriteFile
HeapReAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
HeapFree
CreateThread
ResumeThread
ExitThread
RtlUnwind
RaiseException
GetDiskFreeSpaceW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetTempPathA
GetTempFileNameA
GetModuleHandleA
Sleep
GetTickCount
GetCurrentProcessId

user32

PeekMessageA
PostQuitMessage
DefWindowProcA
SendMessageA
EndPaint
TranslateMessage
GetDC
SetWindowPos
SetLayeredWindowAttributes
SetWindowLongA
GetWindowLongA
GetWindowRect
DispatchMessageA
EnumWindows
GetWindowThreadProcessId
GetWindow
IsWindowVisible
ReleaseDC
DestroyWindow
BeginPaint
RegisterClassExA
CreateWindowExA
ShowWindow
SetFocus
SetClipboardData
TrackPopupMenu
HideCaret
SetActiveWindow
GetScrollRange
GetSystemMenu
GetMenuItemInfoA
GetMenu
LoadIconA
DestroyIcon
CreatePopupMenu
EndMenu
DrawIcon
GetCursorPos
TrackPopupMenuEx
SetWindowRgn
GetDesktopWindow
SetScrollRange
UpdateWindow
LoadStringA
DialogBoxParamA
MessageBoxA
WinHelpA
GetClientRect
EndDialog
GetDlgItem

gdi32

FillRgn
ChoosePixelFormat
SetPixelFormat
SetViewportOrgEx
SelectClipRgn
CreateSolidBrush
SetBkColor
GetCurrentObject
BitBlt
GetStockObject
SwapBuffers
CreateRectRgnIndirect
AddFontResourceExW
GetObjectA
CreateFontIndirectA
CombineRgn
CreateFontW
CreatePalette
GetDeviceCaps
SelectPalette
RealizePalette
GetTextMetricsW
EnumFontFamiliesA
CreateCompatibleDC
CreateFontA
SelectObject
DeleteObject

shell32

SHGetIconOverlayIndexA
SHGetInstanceExplorer
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetFileInfoA
SHBrowseForFolderA

ole32

RegisterDragDrop
OleInitialize
CreatePointerMoniker
CoUninitialize
CoCreateInstance
CoInitialize

odbc32

ord45
ord7
ord1
ord47
ord13
ord16
ord3
ord9
ord14
ord15
ord41
ord11
ord8
ord4
ord2
ord43

opengl32

glLoadIdentity
glDepthFunc
glEnable
glShadeModel
glRasterPos2d
wglCreateContext
glClearColor
wglDeleteContext
glClearDepth
glMatrixMode
glPushAttrib
glListBase
glCallLists
glPopAttrib
glDeleteLists
glGenLists
wglUseFontBitmapsA
glClear
glTranslatef
glRotatef
glColor3f
glPushMatrix
glBegin
glVertex3f
glEnd
glPopMatrix
glRasterPos2f
wglMakeCurrent

glu32

gluPerspective

comctl32

ImageList_ReplaceIcon
ImageList_GetIconSize

gdiplus

GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage

ws2_32

WSAStartup

shlwapi

PathRemoveFileSpecW
ColorRGBToHLS

netapi32

NetApiBufferFree
NetUserEnum

avifil32

AVIStreamWrite

msimg32

TransparentBlt

Sections

.text
Size: 322KB - Virtual size: 321KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 219KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28312e9b468ac0dc8be3309f263e5cd3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

odbc32

opengl32

glu32

comctl32

gdiplus

ws2_32

shlwapi

netapi32

avifil32

msimg32

Sections

.text Size: 322KB - Virtual size: 321KB

.rdata Size: 64KB - Virtual size: 64KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 219KB - Virtual size: 219KB

.text
Size: 322KB - Virtual size: 321KB

.rdata
Size: 64KB - Virtual size: 64KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 219KB - Virtual size: 219KB