a051d049fc859f7a8124bd4a177730a3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a051d049fc859f7a8124bd4a177730a3_JaffaCakes118
Size

344KB
MD5

a051d049fc859f7a8124bd4a177730a3
SHA1

7f410404748e9ac2aa872ebc364bd3190dad4f50
SHA256

094bfdb13b5bc4d004ff13c2c5af85a14aa99f450aff3fe71a34c7e9498b94f5
SHA512

d2dd1e0edae9d858502370e1af07e1db24b72317aa411b6cac48dfbc1674191002b4c9d9495f00185d27f77a07939b99970d47e5efb8e6431ab310456674d844
SSDEEP

6144:GWLDt1wpmZM6IoEJi+ffErY3fDKGiOOko6meW8HVXukwKu:fDt1QsMBfJi+fbv+3OO9eWIXOK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a051d049fc859f7a8124bd4a177730a3_JaffaCakes118

Files

a051d049fc859f7a8124bd4a177730a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f0ca4c79f089efe8b9204b20df994e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GetTickCount
GetProcAddress
LoadLibraryA
GetModuleHandleA
ExitProcess
ExitThread
CreateFileA
FreeLibrary
SetComputerNameA
CreateEventA
SetThreadPriority
WaitForSingleObject
CloseHandle
GlobalAlloc
GetComputerNameA
VirtualProtect
GetModuleFileNameA
VirtualAlloc
GetProcessVersion
GetProcessHeap
CreateThread
GetCurrentProcessId
FlushFileBuffers
GetPrivateProfileIntA
GetCommandLineA
GetVersionExA
GetCurrentThreadId
Sleep
GetLastError
CreateMutexA
GetOEMCP
TerminateThread
GetLocaleInfoA
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetCPInfo
GetACP
VirtualQuery
InterlockedExchange
RtlUnwind
SetStdHandle
GetSystemTimeAsFileTime
QueryPerformanceCounter
CreateSemaphoreA
OpenSemaphoreA
OpenMutexA
LoadResource
ReleaseMutex
ReleaseSemaphore
EnumTimeFormatsA
CreateRemoteThread
GetStringTypeExA
HeapReAlloc
VirtualFree
WriteFile
SetFilePointer
GetCurrentProcess
TerminateProcess
GetStdHandle
WideCharToMultiByte
HeapFree
HeapAlloc
GetStringTypeW
CreateTapePartition
GetSystemInfo

gdi32

TextOutA
GetCharWidth32A
GetCharWidthA
GetCharWidthFloatA
GetCharABCWidthsA

user32

GetClientRect
PostQuitMessage
MessageBoxA
MessageBoxW
SetCaretPos
FindWindowA
ShowCaret
wsprintfA
SetRect
MsgWaitForMultipleObjects
GetWindowLongA
SetWindowLongA
RegisterWindowMessageA
TranslateAcceleratorA
SendMessageA
MessageBeep
GetDC
DefWindowProcA
ReleaseDC

advapi32

RegSetValueA
RegSetValueExA
RegCloseKey
RegOpenKeyA
CredIsMarshaledCredentialA
RegOpenKeyExA

comctl32

ord17

ws2_32

WSAAddressToStringA

wldap32

ord143
ord11
ord20
ord25
ord10

winmm

timeBeginPeriod

ole32

GetClassFile
OleCreateEmbeddingHelper

winscard

SCardAccessStartedEvent

dsound

ord9

mprapi

MprAdminGetErrorString

winspool.drv

EnumFormsA
AddPortA
AddPrinterA
EnumJobsA
AddFormA
FindNextPrinterChangeNotification
FindFirstPrinterChangeNotification
FindClosePrinterChangeNotification
OpenPrinterA
ClosePrinter

oleacc

GetRoleTextW
GetRoleTextA

Sections

.text
Size: 288KB - Virtual size: 285KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udava
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f0ca4c79f089efe8b9204b20df994e4

Headers

File Characteristics

Imports

kernel32

gdi32

user32

advapi32

comctl32

ws2_32

wldap32

winmm

ole32

winscard

dsound

mprapi

winspool.drv

oleacc

Sections

.text Size: 288KB - Virtual size: 285KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 273KB

.udava Size: 12KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 288KB - Virtual size: 285KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 273KB

.udava
Size: 12KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB