9b5bc201212c2bf37b726598e493829e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9b5bc201212c2bf37b726598e493829e_JaffaCakes118
Size

389KB
MD5

9b5bc201212c2bf37b726598e493829e
SHA1

fd9290b66194f692f3540740f7e99a13348fbab6
SHA256

871885575e3529f70b26a026fa859b326cec74e5a3b260fdb7ec4fd9b90a4584
SHA512

367e52baae3e99837586f99c5de0c849cc10277fb6ef0207359542a3aaaff40eeb551b218de38eabe5fc99d092993de61b54886363d232128097d0ec72921dc8
SSDEEP

6144:L9e1pMhO1qqqp6Uw+r0VjBlf7N/zJIkTturJox+ywTm:LA1pMhO1JqpKvBJNVnt4JtNa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b5bc201212c2bf37b726598e493829e_JaffaCakes118

Files

9b5bc201212c2bf37b726598e493829e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1115ad5537d77f868adf7a349b242e4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
FreeEnvironmentStringsA
CloseHandle
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStdHandle
ExitProcess
Sleep
HeapReAlloc
VirtualAlloc
VirtualFree
DeleteCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetEndOfFile
GetProcessHeap
ReadFile
FlushFileBuffers
OpenFileMappingA
MapViewOfFile
OpenEventA
GetConsoleCP
WriteFile
GetFileType
LeaveCriticalSection
EnterCriticalSection
SetStdHandle
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
VirtualQuery
GetProcAddress
HeapFree
GetStartupInfoA
GetCommandLineA
WideCharToMultiByte
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GlobalAlloc
GetConsoleWindow
CreateTapePartition
GetVersionExA
GetComputerNameA
GetSystemDirectoryA
GetWindowsDirectoryA
ExpandEnvironmentStringsA
HeapCreate
HeapAlloc
lstrlenA
EnumDateFormatsA
GetLastError
CreateFileA
MultiByteToWideChar
GetModuleHandleA
LoadLibraryA

user32

GetMenu
GetSubMenu
DispatchMessageA
TranslateMessage
GetMessageA
SendMessageA
EndPaint
DrawTextA
BeginPaint
LoadBitmapA
GetCursorPos
GetDialogBaseUnits
UpdateWindow
FillRect
CreateWindowExA
GetDC
ReleaseDC
ChangeDisplaySettingsA
ShowCursor
AdjustWindowRectEx
DefWindowProcA
SystemParametersInfoA
SetTimer
GetClassNameA
GetKeyState
GetForegroundWindow
EndDialog
GetDlgItem
DestroyMenu
TrackPopupMenuEx
LoadImageA
DestroyIcon
SetForegroundWindow
SetFocus
GetMenuCheckMarkDimensions
PtInRect
CreatePopupMenu
GetClientRect
SetWindowLongA
SetPropW
CallNextHookEx
GetPropW
RemovePropW
CallWindowProcA
GetWindowRect
GetSystemMetrics
SetWindowPos
SetRect
UnionRect

gdi32

CreateBitmap
CreateFontIndirectW
DeleteDC
GetCurrentObject
CreateICW
GetDeviceCaps
GetTextMetricsA
SelectObject
ExcludeClipRect
CreatePen
MoveToEx
LineTo
CreateSolidBrush
DeleteObject
CreatePatternBrush
SetBrushOrgEx
PatBlt
CreateFontA
SetBkMode
SetTextColor
EnumEnhMetaFile
CreateCompatibleDC
CreateRectRgnIndirect
GetFontData
GetGlyphOutlineA
GetObjectA
SetDeviceGammaRamp
GetDeviceGammaRamp

advapi32

GetUserNameA
CryptAcquireContextA
CryptGetUserKey
CryptReleaseContext
CryptExportKey
CryptGenKey

shell32

SHEmptyRecycleBinA
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA
SHParseDisplayName
SHQueryRecycleBinA
SHBindToParent

ole32

CoInitializeEx
CoUninitialize
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
CoInitialize
CLSIDFromString
StgOpenStorage

oleaut32

OleLoadPicturePath
SafeArrayGetUBound
VariantInit
LoadTypeLibEx
SafeArrayCreate
VariantClear
SafeArrayGetElement
SafeArrayGetLBound
LoadTypeLi
SafeArrayPtrOfIndex

ws2_32

socket
inet_addr
WSAStartup
bind
getsockopt
closesocket
WSACleanup

winmm

waveInClose
mmioClose
mmioDescend
waveOutUnprepareHeader
waveOutSetVolume
waveInUnprepareHeader
waveInStart
waveInAddBuffer
waveInPrepareHeader
waveInOpen
waveOutClose
waveOutWrite
waveOutPrepareHeader
waveOutOpen

iphlpapi

SendARP

comctl32

ord17
ImageList_ReplaceIcon

activeds

ord3
ord4
ord6

pdh

PdhOpenQueryA
PdhMakeCounterPathA
PdhAddCounterA
PdhCollectQueryData
PdhGetFormattedCounterValue
PdhRemoveCounter
PdhCloseQuery

rpcrt4

UuidCreate
UuidToStringA
UuidFromStringA
RpcStringFreeA

opengl32

glLoadIdentity
glMatrixMode
glShadeModel
glAreTexturesResident
glClear
glViewport
glBegin
glEnd
glScalef
glFlush
glDepthFunc
glEnable
glClearDepth
glClearColor

glu32

gluPerspective

imm32

ImmDestroyContext
ImmAssociateContext
ImmCreateContext

setupapi

CM_Get_Sibling
CM_Intersect_Range_List
CM_Get_Version

authz

AuthzInitializeResourceManager

tapi32

tapiRequestMediaCallA
tapiGetLocationInfoW

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1115ad5537d77f868adf7a349b242e4e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

ws2_32

winmm

iphlpapi

comctl32

activeds

pdh

rpcrt4

opengl32

glu32

imm32

setupapi

authz

tapi32

Sections

.text Size: 122KB - Virtual size: 122KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 11KB - Virtual size: 18KB

.rsrc Size: 208KB - Virtual size: 208KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 122KB - Virtual size: 122KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 11KB - Virtual size: 18KB

.rsrc
Size: 208KB - Virtual size: 208KB

.reloc
Size: 11KB - Virtual size: 11KB