ab2ece7f84f660cd385fe86a1038105a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ab2ece7f84f660cd385fe86a1038105a_JaffaCakes118
Size

702KB
MD5

ab2ece7f84f660cd385fe86a1038105a
SHA1

268dafa656517ec5e2190fbe67154f597f0d761d
SHA256

a93c54319fd83c578ccb2f3f5f75d3f5120f459cf9c93ca8151ad0c2e7cdff8a
SHA512

4cc1e8e26c06a296d28480f8b03e3305e470dcb4c3e52e2c9b964e064dd32e8e17c6166181f3c96f31aac07722d41e3efff6a3e589c2c62028c4cec62ec1bf6d
SSDEEP

12288:kzF293tGu01JuSKBaeJqpplb1TclfBjkA4wtb+cYERTgOgl:kzw9WJXZjbYfBC80Og

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab2ece7f84f660cd385fe86a1038105a_JaffaCakes118

Files

ab2ece7f84f660cd385fe86a1038105a_JaffaCakes118
.exe windows:6 windows x86 arch:x86

cf7dd5dd4e485800abafcdf18fea55c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
lstrlenA
lstrlenW
CreateEventA
FindResourceExA
FindResourceExW
WideCharToMultiByte
EnumTimeFormatsA
GetUserDefaultLangID
GetConsoleWindow
HeapSize
ReadConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
SetFilePointerEx
GetFileSizeEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetProcessHeap
GetFileAttributesExW
CreateProcessW
GetExitCodeProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
lstrcpyA
LoadResource
WaitForSingleObject
GetLastError
OutputDebugStringW
WriteFile
ExitProcess
HeapReAlloc
HeapFree
HeapAlloc
QueryPerformanceFrequency
WriteConsoleW
GetModuleHandleExW
GetModuleFileNameW
GetFileType
GetStdHandle
LoadLibraryExW
FreeLibrary
RtlUnwind
RaiseException
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
WaitForSingleObjectEx
ResetEvent
SetEvent
CloseHandle
GetCPInfo
GetStringTypeW
GetLocaleInfoW
VirtualAlloc
GetModuleHandleA
LCMapStringW
CompareStringW
GetProcAddress
GetModuleHandleW
GetSystemTimeAsFileTime
CreateFileW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
EncodePointer
DecodePointer
SetLastError

user32

GetMenuItemInfoA
GetDC
BeginPaint
InsertMenuItemA
GetSystemMenu
GetMenu
EndPaint
InvalidateRect
EnableMenuItem
GetWindowRect
MessageBoxA
GetCursorPos
WindowFromPoint
GetWindowLongA
SetWindowLongA
GetParent
GetWindowThreadProcessId
LookupIconIdFromDirectory
SystemParametersInfoA
RegisterClipboardFormatA
SendMessageA
IsDlgButtonChecked
GetDlgItem
EndDialog
MoveWindow
GetScrollRange
SendDlgItemMessageA

comdlg32

GetOpenFileNameA

advapi32

ImpersonateLoggedOnUser

shell32

SHCreateShellItem

ole32

RevokeDragDrop
GetHGlobalFromStream
OleInitialize

odbc32

ord63
ord64

gdiplus

GdipShearMatrix
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipSetSolidFillColor
GdipCreatePen1
GdipDeletePen
GdipCloneImage
GdipDisposeImage
GdipRotateMatrix
GdipCreateBitmapFromGraphics
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipGraphicsClear
GdipDrawImageRectI
GdipGetVisibleClipBoundsI
GdipScaleMatrix
GdipTranslateMatrix
GdipDeleteMatrix
GdipAlloc
GdiplusStartup
GdipFree
GdipGetImageGraphicsContext
GdipCreateMatrix
GdipSetMatrixElements

netapi32

NetApiBufferFree
NetUserEnum

avifil32

AVIStreamStart

winmm

mmioSeek
midiInAddBuffer
midiInGetDevCapsA

shlwapi

StrCmpNIA

pdh

PdhGetFormattedCounterValue

dbghelp

SymSetContext

winhttp

WinHttpSendRequest

uxtheme

DrawThemeText

Sections

.text
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 240KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf7dd5dd4e485800abafcdf18fea55c8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

ole32

odbc32

gdiplus

netapi32

avifil32

winmm

shlwapi

pdh

dbghelp

winhttp

uxtheme

Sections

.text Size: 211KB - Virtual size: 210KB

.rdata Size: 77KB - Virtual size: 77KB

.data Size: 240KB - Virtual size: 247KB

.text Size: 62KB - Virtual size: 62KB

.gfids Size: 1024B - Virtual size: 560B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 97KB - Virtual size: 96KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 211KB - Virtual size: 210KB

.rdata
Size: 77KB - Virtual size: 77KB

.data
Size: 240KB - Virtual size: 247KB

.text
Size: 62KB - Virtual size: 62KB

.gfids
Size: 1024B - Virtual size: 560B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 97KB - Virtual size: 96KB

.reloc
Size: 11KB - Virtual size: 11KB