9533202d7c1075d12f1a900cf8c950c5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9533202d7c1075d12f1a900cf8c950c5_JaffaCakes118
Size

364KB
MD5

9533202d7c1075d12f1a900cf8c950c5
SHA1

cd23d34033b14515a084bc2b4870c11cacde0f15
SHA256

2fd6e890d882a29f4cfadc123f8016e584a864aba3c1166dfc0fea4f37a66fd8
SHA512

f76108c1014882ea2671cf91755645af6a33f835bae597ecab6d81b02b564501b1380142f5cb8b638ae6751845d930bce69696b13849be88b9676805894071c1
SSDEEP

6144:1zGwKmwzQoBnpA2cQJ4R1Y9+sSj22UJre6OmLFrHXvu9dEP8vWy0oB1wO5Vzt4:VKmwzQoBnpAkJ4R1Y9+nrKZJFrH8dvvC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9533202d7c1075d12f1a900cf8c950c5_JaffaCakes118

Files

9533202d7c1075d12f1a900cf8c950c5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3cda4eea309a754f0be7e9609d9dd2a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
SetFilePointer
LCMapStringW
LCMapStringA
ReadFile
GetCurrentThreadId
TlsFree
GetConsoleCP
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
lstrcatA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
WriteFile
HeapReAlloc
VirtualAlloc
DeleteCriticalSection
VirtualFree
GetConsoleMode
FlushFileBuffers
CreateFileA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
lstrcpyA
LocalFree
GetCurrentProcessId
CloseHandle
GetModuleHandleA
OpenEventA
LockResource
LocalAlloc
GetProcAddress
LoadLibraryA
SetLastError
GetLastError
SetConsoleTitleA
TlsSetValue
MultiByteToWideChar
GetFileAttributesA
SizeofResource
Sleep
LoadLibraryW
WideCharToMultiByte
FindResourceExA
OpenProcess
EnumResourceTypesA
FormatMessageA
HeapCreate
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetProcessHeap
HeapFree
UpdateResourceA
HeapAlloc
LoadResource
lstrcpynA
lstrlenA
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
FreeResource

user32

DeferWindowPos
GetSysColorBrush
ShowWindow
LoadAcceleratorsA
UpdateWindow
FindWindowA
EndDeferWindowPos
LookupIconIdFromDirectory
GetDesktopWindow
DefWindowProcA
GetWindowThreadProcessId
DefMDIChildProcA
BeginDeferWindowPos
GetSystemMetrics
GetDlgItem
ReleaseDC
CreateWindowExA
GetWindow
GetWindowLongA
MessageBoxA
SetWindowLongA
SetRect
CopyIcon
GetCursorInfo
LoadImageA
EndPaint
GetClassNameA
GetSystemMenu
GetWindowRect
SetActiveWindow
InsertMenuItemA
PostQuitMessage
FillRect
DrawTextA
DrawIconEx
LoadStringA
DeleteMenu
GetParent
wsprintfA
FindWindowExA
GetClientRect
SendMessageA
BeginPaint
PtInRect
GetScrollRange
GetIconInfo
GetDC
OffsetRect

gdi32

BitBlt
DeleteDC
StretchBlt
CreateFontIndirectA
DeleteObject
SelectObject
CreateCompatibleDC
CreateRectRgnIndirect
CombineRgn
CreateCompatibleBitmap
Rectangle
GdiSetBatchLimit
FillRgn
CreateRectRgn
Escape
GetTextMetricsA
SetTextAlign
CreateDIBitmap
GetObjectA
GetStockObject
CreateSolidBrush
MoveToEx

comdlg32

GetOpenFileNameA
ChooseColorA
CommDlgExtendedError

advapi32

GetUserNameW
DuplicateToken
ImpersonateLoggedOnUser
AllocateAndInitializeSid
OpenSCManagerA
GetLengthSid
LogonUserA
OpenProcessToken

shell32

SHGetFileInfoA
SHCreateShellItem

ole32

StringFromGUID2
OleInitialize
OleUninitialize
StgOpenStorage
StgIsStorageFile

mpr

WNetAddConnection2A

avifil32

AVIFileOpenA
AVIStreamGetFrameOpen
AVIFileGetStream
AVIStreamLength
AVIStreamInfoA
AVIStreamStart

winmm

timeBeginPeriod
midiInGetDevCapsA
timeGetTime
midiInAddBuffer

version

GetFileVersionInfoSizeA

shlwapi

StrCmpNIA

comctl32

ImageList_ReplaceIcon

rpcrt4

RpcBindingSetAuthInfoA
I_RpcGetCurrentCallHandle
RpcServerUseProtseqEpA
RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcBindingInqAuthClientA

gdiplus

GdipDisposeImage
GdiplusShutdown
GdipFree
GdipLoadImageFromFile
GdipCloneImage
GdipAlloc
GdiplusStartup
GdipGetImageRawFormat

winhttp

WinHttpSendRequest

setupapi

SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

wsnmp32

ord104
ord106
ord105

rpcns4

RpcNsBindingImportDone
RpcNsBindingImportNext
RpcNsBindingImportBeginA

mscms

GetColorDirectoryW

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cda4eea309a754f0be7e9609d9dd2a3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

mpr

avifil32

winmm

version

shlwapi

comctl32

rpcrt4

gdiplus

winhttp

setupapi

wsnmp32

rpcns4

mscms

Sections

.text Size: 143KB - Virtual size: 143KB

.rdata Size: 35KB - Virtual size: 35KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 178KB - Virtual size: 178KB

.text
Size: 143KB - Virtual size: 143KB

.rdata
Size: 35KB - Virtual size: 35KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 178KB - Virtual size: 178KB