8c3a1db3b96205665a9a1ec894058d81_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8c3a1db3b96205665a9a1ec894058d81_JaffaCakes118
Size

453KB
MD5

8c3a1db3b96205665a9a1ec894058d81
SHA1

9fd6b8871b0a0b45e0352670098d7211fee63208
SHA256

81dbbf64274c599feeef01b80d1d56d126cb607dfb54e8b65a5d7b35878b8842
SHA512

62b20bbee62c56bf648a9be3c2e770bf8ddeab209f73a3d3b7f6bca99b0ffcf4c4042bf002c7dcaab79a0d4bfdcae54f3c7f341f1c5e639772ca9fbd6931390e
SSDEEP

12288:fp7kwCTvbdS3+Slzdwn0Q/7MR9tP5huP+dCzPpG:VkwgU3+SVdwS/5h1CzPpG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c3a1db3b96205665a9a1ec894058d81_JaffaCakes118

Files

8c3a1db3b96205665a9a1ec894058d81_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6bc2a5628147045392a2f9ed2d71392f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
ReleaseMutex
CloseHandle
GetWindowsDirectoryW
FileTimeToLocalFileTime
GetCurrentProcessId
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
CreateFileW
GetTimeZoneInformation
CreateProcessA
GetExitCodeProcess
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetModuleHandleA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
SetFilePointer
GetFileAttributesA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
ExitProcess
GetModuleHandleW
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
GetFileType
CreateIoCompletionPort
DeviceIoControl
SetConsoleOutputCP
LoadLibraryA
GetProcAddress
GetLastError
EnumSystemLanguageGroupsA
GlobalUnlock
lstrcatA
SetConsoleCP
GetSystemTimeAdjustment
CreateEventA
Sleep
LoadLibraryW
GlobalAlloc
FormatMessageA
GetConsoleTitleA
HeapSize
GetSystemTimeAsFileTime
GetTickCount
SleepEx
WaitForSingleObject
GlobalLock
GetCurrentProcess
InterlockedDecrement
CreateProcessW
LoadResource
lstrlenA
FreeResource
lstrcmpA
GetFileSize
GetStdHandle
SetHandleCount
HeapAlloc
GetCPInfo
LCMapStringW
LCMapStringA
RaiseException
RtlUnwind
GetStartupInfoA
VirtualQuery
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CreateThread
GetCurrentThreadId
ExitThread
GetProcessHeap
HeapFree
WideCharToMultiByte
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
CreateFileA
ReadFile
GetFullPathNameW

user32

GetDesktopWindow
CreateWindowExA
GetClipboardData
SetCursorPos
ReleaseDC
ChangeClipboardChain
DefWindowProcA
GetSysColor
GetCursorPos
GetMenuStringA
ShowWindow
GetSysColorBrush
GetMenuItemCount
IsWindow
PostMessageA
OpenClipboard
RegisterClassA
CheckMenuItem
EndDeferWindowPos
SetClipboardViewer
LoadCursorA
MessageBoxW
GetSystemMetrics
MapWindowPoints
InsertMenuItemA
AdjustWindowRect
GetDlgItem
EndPaint
CloseClipboard
GetWindowRect
InvalidateRect
SendInput
PostQuitMessage
IsIconic
FillRect
GetMenuItemID
GetKeyState
GetFocus
CreateIconFromResourceEx
wsprintfA
FindWindowExA
GetClientRect
SetFocus
SendMessageA
BeginPaint
GetScrollRange
GetDC
GetForegroundWindow
SetWindowContextHelpId
OffsetRect
GetWindowTextA
GetAsyncKeyState
MessageBoxA
FindWindowA

gdi32

LineTo
SetTextColor
DeleteDC
SetBkColor
SetBkMode
DeleteObject
SelectObject
SelectClipRgn
CreateCompatibleDC
CreateCompatibleBitmap
CreateRoundRectRgn
CreatePen
GetPixel
GetStockObject
ExtTextOutA
CreateSolidBrush
TextOutA
BitBlt

advapi32

LookupPrivilegeValueW
OpenProcessToken
GetSecurityDescriptorDacl
RegCloseKey
GetFileSecurityA
ImpersonateSelf
GetCurrentHwProfileA
RegCreateKeyExA
LookupAccountNameW
RegSetValueExA
GetAclInformation
AccessCheck

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHEmptyRecycleBinA
SHQueryRecycleBinA
SHGetFolderPathW

ole32

CoCreateInstance
CoUninitialize
StringFromCLSID
StringFromGUID2
OleInitialize
OleUninitialize
CoInitialize
RegisterDragDrop
CLSIDFromString

oleaut32

SafeArrayCreate
SysFreeString
VariantClear
SysAllocString
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayDestroy
SafeArrayUnaccessData

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

ws2_32

WSASocketA
listen
bind
htons
WSAStartup

winmm

mixerClose
mixerGetControlDetailsW
mixerGetID
midiStreamProperty
mixerGetDevCapsW

version

GetFileVersionInfoA

crypt32

CryptDecodeObject
CertGetNameStringA

shlwapi

SHDeleteKeyA
PathAppendW

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA

urlmon

URLDownloadToFileA
HlinkSimpleNavigateToString

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6bc2a5628147045392a2f9ed2d71392f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

wininet

ws2_32

winmm

version

crypt32

shlwapi

setupapi

urlmon

Sections

.text Size: 161KB - Virtual size: 160KB

.rdata Size: 35KB - Virtual size: 34KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 243KB - Virtual size: 243KB

.text
Size: 161KB - Virtual size: 160KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 243KB - Virtual size: 243KB