04101255696a69d06b6ecb76e03ee1d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

04101255696a69d06b6ecb76e03ee1d3_JaffaCakes118
Size

336KB
MD5

04101255696a69d06b6ecb76e03ee1d3
SHA1

5d356f62b8c438ad220544bfd6fe2eced5b73deb
SHA256

64f82618f840732f073adedcc8516228ceb617ab47f15084f34a401229c311bb
SHA512

1c418978ee9677d454861440f107e283a8cc3a63c2c0a94b3b95df73b08317515733b122208eb3ca5354c0cb44f13390adad4224a49347e38ad0e72928f2c279
SSDEEP

6144:ceme6ffxMj2CNfLpPhK+UpA9gdLPIltAyXAJ:hmeKpMj2CNfLLK+UpA92I/xu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04101255696a69d06b6ecb76e03ee1d3_JaffaCakes118

Files

04101255696a69d06b6ecb76e03ee1d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

251cdf0dff930abba3d498e97123801a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetDriveTypeA
SetEnvironmentVariableA
SetCurrentDirectoryA
GetStartupInfoA
GetCommandLineA
RaiseException
HeapReAlloc
HeapSize
GetACP
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
SetStdHandle
UnhandledExceptionFilter
GetSystemTime
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
GetTimeZoneInformation
RtlUnwind
TerminateProcess
ExitProcess
HeapAlloc
HeapFree
Sleep
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileInformationByHandle
PeekNamedPipe
GetFullPathNameA
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
SetErrorMode
GetCurrentDirectoryA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
ExitThread
LocalAlloc
GlobalFlags
GetModuleFileNameA
lstrcmpA
GetCurrentThread
SetLastError
MulDiv
InterlockedDecrement
InterlockedIncrement
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GlobalFree
LockResource
FindResourceA
LoadResource
CloseHandle
WaitForSingleObject
DeleteFileA
GlobalAlloc
GlobalLock
GlobalUnlock
LoadLibraryA
GetProcAddress
FreeLibrary
CreateThread
lstrcpynA
lstrcpyA
lstrlenA
MultiByteToWideChar
GetLastError
WideCharToMultiByte
GetTickCount
FreeEnvironmentStringsA

user32

ReleaseDC
GetDC
ClientToScreen
TabbedTextOutA
DrawTextA
GrayStringA
SetCursor
GetDesktopWindow
DestroyMenu
SetMenu
ReuseDDElParam
UnpackDDElParam
PostQuitMessage
ShowOwnedPopups
ValidateRect
TranslateMessage
GetMessageA
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
LoadStringA
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
UpdateWindow
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
AdjustWindowRectEx
ScreenToClient
GetClientRect
IsWindowVisible
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetParent
IsWindowEnabled
UnregisterHotKey
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetWindowLongA
KillTimer
SetTimer
SetForegroundWindow
RegisterWindowMessageA
LoadImageA
RegisterHotKey
LoadIconA
GetWindowLongA
GetDlgItemTextA
GetWindowTextA
GetCursorPos
WindowFromPoint
GetMenuCheckMarkDimensions
LoadBitmapA
CopyRect
GetMenuState
SendDlgItemMessageA
GetDlgCtrlID
PostMessageA
GetDlgItem
EnableWindow
SetFocus
GetWindowTextLengthA
SendMessageA
MessageBoxA
GetMenuItemCount
UnregisterClassA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetStockObject
PtVisible
RectVisible
TextOutA
Escape
SelectObject
RestoreDC
SaveDC
DeleteDC
DPtoLP
CreateFontIndirectA
ExtTextOutA
DeleteObject
GetDeviceCaps
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteValueA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

shell32

DragQueryFileA
DragFinish
ShellExecuteA
Shell_NotifyIconA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

ws2_32

htonl
htons
inet_addr
gethostbyaddr
inet_ntoa
ntohs
ntohl

wpcap

pcap_dump_close
pcap_dump
pcap_findalldevs_ex
pcap_open
pcap_compile
pcap_setfilter
pcap_dump_open
pcap_lib_version
pcap_createsrcstr
pcap_next_ex
pcap_sendpacket
pcap_geterr
pcap_close
pcap_freealldevs

packet

PacketOpenAdapter
PacketSendPacket
PacketFreePacket
PacketCloseAdapter
PacketRequest
PacketSetNumWrites
PacketInitPacket
PacketAllocatePacket
PacketGetAdapterNames

iphlpapi

SendARP

comdlg32

GetSaveFileNameA
GetOpenFileNameA

comctl32

ord17
ord6
_TrackMouseEvent

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

251cdf0dff930abba3d498e97123801a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

ws2_32

wpcap

packet

iphlpapi

comdlg32

comctl32

Sections

.text Size: 184KB - Virtual size: 184KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 17KB - Virtual size: 2.0MB

.rsrc Size: 94KB - Virtual size: 94KB

.text
Size: 184KB - Virtual size: 184KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 17KB - Virtual size: 2.0MB

.rsrc
Size: 94KB - Virtual size: 94KB