a470aa4e30343fa14f85f9a16412f04a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a470aa4e30343fa14f85f9a16412f04a_JaffaCakes118
Size

559KB
MD5

a470aa4e30343fa14f85f9a16412f04a
SHA1

9b756104e88a6e81753dbdb651694287277ee97d
SHA256

16fdb53218b5f569af18a2d24670c78514a4fe8df1bf029327096d1ff246cc72
SHA512

4172be9c804366ee52ddd21e14bf7a6fb80e228f60afb8043c7e208e46616978a76c8d6c3b66f02b5cd53d7b483cb120462d42ecb8d986c0474f38dfefcbb5d8
SSDEEP

12288:LBIm3M/M4EW6HJ1fwlgSlx0Bf1TNnORa0o/xYb3lPE6q5Vp:lImyM4X6HXf4Dxgf7nORaLUxtq5Vp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a470aa4e30343fa14f85f9a16412f04a_JaffaCakes118

Files

a470aa4e30343fa14f85f9a16412f04a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

323996b2c79430adb2e1fa42e276ef40

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glVertex4iv
glTexCoord4sv
glPushName

user32

GetDlgCtrlID
EnumChildWindows
GetWindowTextLengthA
GetWindow
EndDialog
DialogBoxIndirectParamA
SetDlgItemInt
SetForegroundWindow
GetSysColor
CreateWindowExA
SendDlgItemMessageA
SetWindowPlacement
ArrangeIconicWindows
GetDlgItemInt
GetDialogBaseUnits

ole32

CreateBindCtx
CoGetCurrentProcess
BindMoniker
RevokeDragDrop
OleRegEnumFormatEtc
OleDuplicateData
OleIsCurrentClipboard
OleDraw
StringFromGUID2
OleCreateDefaultHandler
ReadFmtUserTypeStg
CLSIDFromProgID
CreateDataCache
IsAccelerator

gdi32

EqualRgn
CreateDCA
DeleteObject
ChoosePixelFormat
AngleArc
AddFontResourceA
CloseMetaFile
ExcludeClipRect
CreateDiscardableBitmap
CloseEnhMetaFile
Arc
CancelDC
GetBkMode
CopyMetaFileW

comctl32

InitializeFlatSB
UninitializeFlatSB
CreatePropertySheetPageA
DestroyPropertySheetPage
CreateToolbarEx
ord8
CreateStatusWindowW
ord17

shlwapi

StrCSpnA
StrCmpNA
StrCSpnW
StrToIntA
StrStrA

kernel32

GetModuleHandleA
GetProcAddress
VirtualAllocEx
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

uxtheme

HitTestThemeBackground
CloseThemeData
SetWindowTheme
GetThemeFont
DrawThemeEdge
GetThemePosition

usp10

ScriptString_pcOutChars
ScriptShape
ScriptGetGlyphABCWidth
ScriptString_pSize
ScriptStringFree
ScriptStringOut
ScriptXtoCP

cryptui

CryptUIWizExport
CryptUIDlgViewContext
CryptUIWizDigitalSign
CryptUIWizImport

ntdsapi

DsGetDomainControllerInfoA

Sections

.text
Size: 510KB - Virtual size: 509KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

323996b2c79430adb2e1fa42e276ef40

Headers

File Characteristics

Imports

opengl32

user32

ole32

gdi32

comctl32

shlwapi

kernel32

uxtheme

usp10

cryptui

ntdsapi

Sections

.text Size: 510KB - Virtual size: 509KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 306KB

.rsrc Size: 41KB - Virtual size: 41KB

.text
Size: 510KB - Virtual size: 509KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 306KB

.rsrc
Size: 41KB - Virtual size: 41KB