a38ad704ae67462e8890bbd7738c58e2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a38ad704ae67462e8890bbd7738c58e2_JaffaCakes118
Size

475KB
MD5

a38ad704ae67462e8890bbd7738c58e2
SHA1

0345707df4df630de7520c6901a08a39332c7731
SHA256

0f7061b3e130e6e74d13a7c11fe4d6fb210c0fc4d26ec98b576169cbe5527cd9
SHA512

65236d0caa6b5307db81dd2b2cef139b8f653ee87d992a1cd29675c193f16206ed6e83d33c8bdff83057fa5d08502b8f8ec8929c4b7505dabc873c43a75abfbd
SSDEEP

6144:Fr/BPeMTuxDmJh6YGdFWSSb/0zCPwFqz0JYnbN2FGU7pnMV2l0kEB1e:F9LIm76YG/WSSb/0QRbgF77pMcaB1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a38ad704ae67462e8890bbd7738c58e2_JaffaCakes118

Files

a38ad704ae67462e8890bbd7738c58e2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ca5eff4087c51ee853a0ff30c5e1b687

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM
IMAGE_FILE_UP_SYSTEM_ONLY

Imports

kernel32

GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetFilePointer
HeapSize
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
HeapReAlloc
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleHandleA
LoadLibraryW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
Process32First
ExitProcess
Sleep
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
WriteConsoleA
GetConsoleOutputCP
CloseHandle
SetStdHandle
CreateIoCompletionPort
Process32Next
TerminateProcess
GetCurrentProcessId
CreateToolhelp32Snapshot
GetLocalTime
EnterCriticalSection
InitializeCriticalSection
GetModuleFileNameA
GetConsoleCursorInfo
SetConsoleCursorPosition
GetStdHandle
WideCharToMultiByte
GetPrivateProfileStringA
VirtualUnlock
VirtualQuery
VirtualAlloc
GlobalUnlock
GlobalFree
GlobalLock
GlobalAlloc
WaitForSingleObject
CreateEventA
GetEnvironmentStringsW
GetLastError
DeleteCriticalSection
SetHandleCount
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
SetEndOfFile
TlsAlloc
TlsGetValue
GetProcAddress
GetModuleHandleW
GetStartupInfoA
GetCommandLineA
GetModuleFileNameW
GetFileType
WriteConsoleW
MultiByteToWideChar
RaiseException
RtlUnwind
IsDebuggerPresent
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
LoadLibraryA
GetThreadLocale
GetConsoleWindow
HeapFree
FormatMessageA
MulDiv
HeapAlloc
WriteFile
GetProcessHeap

user32

RedrawWindow
MessageBoxW
ShowWindow
CreateWindowExW
GetWindowTextW
GetWindowTextLengthW
DefWindowProcW
SetRect
SetWindowPos
MessageBoxA
GetCursorPos
KillTimer
SendDlgItemMessageA
SetWindowLongA
SendInput
SendMessageTimeoutW
DefMDIChildProcA
GetWindowTextA
UpdateWindow
SetActiveWindow
WindowFromPoint
GetWindowThreadProcessId
GetTopWindow
SetWindowRgn
OffsetRect
GetClientRect
GetWindowRect
SetWindowTextA
MapWindowPoints
GetSysColorBrush
SetScrollPos
ReleaseDC
GetDC
SetScrollInfo
SendMessageW
DefWindowProcA
EndPaint
BeginPaint
DestroyMenu
TrackPopupMenu
ReleaseCapture
InvalidateRect
SetCapture
SetMenu
CreatePopupMenu
CreateMenu
EnableMenuItem
GetSystemMenu
SystemParametersInfoA

gdi32

CreateRectRgnIndirect
FillRgn
CombineRgn
GetTextMetricsW
GetObjectA
StartPage
GetPixel
DeleteObject
EndDoc
SelectObject
CreateFontIndirectW
GetDeviceCaps
StartDocW
DeleteDC
SetMapMode

comdlg32

PrintDlgW

advapi32

RegisterServiceCtrlHandlerA
ReportEventA
DeregisterEventSource
OpenEventLogA
GetNumberOfEventLogRecords
GetLengthSid
ConvertStringSidToSidA
QueryServiceConfigA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
SetServiceStatus
GetOldestEventLogRecord
LsaFreeMemory
CloseEventLog
ClearEventLogA
ReadEventLogA
RegisterEventSourceA

shell32

ExtractIconExA
SHBindToParent
SHGetDataFromIDListA
SHGetSpecialFolderPathA
SHGetFolderPathA
SHParseDisplayName

ole32

CoRevokeClassObject
CoUninitialize
BindMoniker
CreateFileMoniker
StringFromCLSID
CoCreateInstance
CoTaskMemFree
CoRegisterClassObject
CoInitialize
CoInitializeEx
CreateStreamOnHGlobal
ReleaseStgMedium

oleaut32

LoadTypeLibEx

ws2_32

WSAEventSelect

psapi

GetDeviceDriverFileNameA
GetMappedFileNameA

userenv

ExpandEnvironmentStringsForUserA

avicap32

capCreateCaptureWindowA

avifil32

AVIStreamStart

msvfw32

ICCompressorChoose

cryptui

CryptUIWizImport

shlwapi

StrStrA

gdiplus

GdipCloneImage
GdipFree
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipDisposeImage

opengl32

glMatrixMode
glClear
glLoadIdentity

oleacc

GetRoleTextW

uxtheme

OpenThemeData

msi

ord17
ord8
ord64

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca5eff4087c51ee853a0ff30c5e1b687

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

psapi

userenv

avicap32

avifil32

msvfw32

cryptui

shlwapi

gdiplus

opengl32

oleacc

uxtheme

msi

Sections

.text Size: 188KB - Virtual size: 188KB

.rdata Size: 82KB - Virtual size: 82KB

.data Size: 12KB - Virtual size: 19KB

.data1 Size: 2KB - Virtual size: 1KB

.trace Size: 9KB - Virtual size: 8KB

.rsrc Size: 168KB - Virtual size: 167KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 188KB - Virtual size: 188KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 12KB - Virtual size: 19KB

.data1
Size: 2KB - Virtual size: 1KB

.trace
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 168KB - Virtual size: 167KB

.reloc
Size: 12KB - Virtual size: 11KB