09c9e4caf96cf9a2d7c766a00e95960d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

09c9e4caf96cf9a2d7c766a00e95960d_JaffaCakes118
Size

482KB
MD5

09c9e4caf96cf9a2d7c766a00e95960d
SHA1

a93f7c25e46b1512492708950ea6f428a29b68d5
SHA256

5642f846989545cb789af3f1938ca03c7d2525f397c6311aa438ab71fa49f71e
SHA512

0d679b2d967826b1acffa496fd20a538fd97027b0109ac5878e067ad20365cac67061112e0467ce3aff1fb3e689dec01d7489ca0ca6c6ce115f8336c72568727
SSDEEP

12288:x1i+bGOwuJSk6Al1fBYlY0GorsV0yPyAOXJqo2yGHA:isSk6M1CXGorau5Ig

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09c9e4caf96cf9a2d7c766a00e95960d_JaffaCakes118

Files

09c9e4caf96cf9a2d7c766a00e95960d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d41a151e886128e085e4670f79b6c0aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACancelBlockingCall
accept
closesocket
connect
bind

kernel32

QueryPerformanceCounter
VirtualFree
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
WriteFile
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
GetTickCount
WideCharToMultiByte
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsAlloc
TlsGetValue
GetModuleHandleW
RaiseException
HeapAlloc
HeapFree
GetCurrentProcessId
VirtualAlloc
HeapReAlloc
HeapSize
GetCPInfo
GetOEMCP
IsValidCodePage
CompareStringA
MultiByteToWideChar
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
lstrlenA
FlushFileBuffers
LoadLibraryA
FindResourceA
FreeEnvironmentStringsW
IsDBCSLeadByteEx
CreateFiberEx
GetModuleFileNameA
DuplicateHandle
CreateMutexA
GetLastError
lstrcmpiA
FindResourceExA
CreateFileW
FindNextChangeNotification
CopyFileExW
GetCommandLineA
FreeConsole
TlsSetValue
ReadProcessMemory
GetModuleFileNameW
lstrlenW
WriteProcessMemory
CompareStringW
CreateFileMappingW
IsBadStringPtrW
GetCurrentProcess
IsDebuggerPresent
TlsFree
GetCPInfoExW
FlushConsoleInputBuffer
AreFileApisANSI
GetModuleHandleA
GetACP
FindCloseChangeNotification
lstrcmpA
lstrcatA
FlushInstructionCache
CreateIoCompletionPort
Sleep
FindNextVolumeMountPointA
FreeLibrary
AddAtomA
TerminateProcess
GetCalendarInfoW
CreateTimerQueue
FindNextVolumeMountPointW
CloseHandle
lstrcpyA
IsBadHugeReadPtr
IsDBCSLeadByte
GetProcAddress
ExitProcess
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
DeleteCriticalSection
GetStartupInfoA
GetSystemTimeAsFileTime

user32

keybd_event
TileWindows
EnableMenuItem
FreeDDElParam
TrackPopupMenu
MessageBoxW
WindowFromDC
GetClassNameA
ShowCaret
EnableScrollBar
UnregisterHotKey
GetAltTabInfoW
DrawIcon
EndPaint
DlgDirListA
SystemParametersInfoW
DrawFocusRect
GetAsyncKeyState
DrawTextW
DlgDirListComboBoxW
DialogBoxParamW
AttachThreadInput
SetWindowsHookExA
ShowWindowAsync
SetWindowsHookW
SetWindowsHookExW
ShowOwnedPopups
EndMenu
ShowWindow
GetCaretPos
GetClassWord
ShowCursor
GetClassNameW
AnimateWindow
SystemParametersInfoA
DrawIconEx
ShowScrollBar
GetClipCursor
UnloadKeyboardLayout
SetWindowTextA
mouse_event
VkKeyScanExA
FlashWindowEx
MessageBoxA
SetWindowWord
SwitchToThisWindow
ValidateRect
DlgDirListComboBoxA
ActivateKeyboardLayout

gdi32

RemoveFontResourceExA
RemoveFontMemResourceEx
BitBlt
SetWorldTransform
GetTextCharset
ResizePalette
PolyBezierTo
CreateRectRgn
GetTextExtentExPointW
GetPixel
CloseMetaFile
UpdateICMRegKeyW
SetWindowExtEx
WidenPath
SetDIBColorTable
CreateHalftonePalette
SetROP2
PolyDraw
GetTextAlign
SetICMProfileA
SetPaletteEntries
ResetDCW
GetTextExtentExPointI
SetICMProfileW
PatBlt
SelectObject
CancelDC
CopyMetaFileW
CreateEllipticRgn
GetRgnBox
GetNearestColor
InvertRgn
SetMetaRgn
GetICMProfileA
SetViewportExtEx
GetWinMetaFileBits
GetLogColorSpaceA
SaveDC
AbortDoc
SetDCPenColor
ColorCorrectPalette
SelectClipRgn
SetSystemPaletteUse
GetRasterizerCaps
SetGraphicsMode
CombineTransform
GetTextCharsetInfo
SetTextColor
SetRectRgn
IntersectClipRect
GetObjectType
CreateHatchBrush
SetLayout
CreateEnhMetaFileW
Chord
BeginPath
GetKerningPairsW
LPtoDP
GetTextCharacterExtra
ScaleWindowExtEx
GetWorldTransform
PolyBezier
SetMapMode
SetPolyFillMode
SetPixel
GetLayout
GetOutlineTextMetricsA
GetTextMetricsW
CreateCompatibleDC
SetColorSpace
ColorMatchToTarget
GetViewportOrgEx
GetKerningPairsA
PlayMetaFile
CreatePolyPolygonRgn
CreateBitmap
SetArcDirection
RemoveFontResourceExW
CopyEnhMetaFileW

shell32

SHGetFileInfoA

ole32

CoInitialize

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 349KB - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d41a151e886128e085e4670f79b6c0aa

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

shell32

ole32

Sections

.text Size: 93KB - Virtual size: 93KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 349KB - Virtual size: 349KB

.text
Size: 93KB - Virtual size: 93KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 349KB - Virtual size: 349KB