Static task: static1
Behavioral task: behavioral1
Sample: 0db8c2e6524a76451cce2d95af5a5a31_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 0db8c2e6524a76451cce2d95af5a5a31_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 0db8c2e6524a76451cce2d95af5a5a31_JaffaCakes118
Size: 31KB
MD5: 0db8c2e6524a76451cce2d95af5a5a31
SHA1: fb9341d2fef2ed9110abf871f42cb11d725fe48d
SHA256: d648927b5d2ebd4c9ab22c0abb470e72d92663cdfde4aa5ad1db4df8d253a8b7
SHA512: b524eeb781d3fd35fc0f4875562645ce41a9fdfb7dc5c7e290f9192ed3f91dc2d933e36a485ea66aaa99e2ca41c2094a7f45dd6713a0ba5603dfbb64302b0552
SSDEEP: 768:eEv3jJaqqiO720nsGJ7FBy7Outy+jz8pg1t8c7OAr5Q7B:eJqxe20nsGJhWOutyZpQeJAr5E
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0db8c2e6524a76451cce2d95af5a5a31_JaffaCakes118
Files
0db8c2e6524a76451cce2d95af5a5a31_JaffaCakes118.exe windows:4 windows x86 arch:x86
d3a68fb964d392ee2a0eaf0260de6901
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
UnhandledExceptionFilter
GetTempFileNameA
GetFullPathNameA
GetModuleHandleA
CreateSemaphoreA
LeaveCriticalSection
GetOEMCP
LCMapStringW
ReleaseSemaphore
lstrcatA
VirtualProtect
ExitProcess
TlsFree
GetModuleFileNameW
GlobalAddAtomA
RtlUnwind
TlsSetValue
GetLocalTime
SetEndOfFile
FindResourceA
FreeLibrary
GetCurrentProcessId
GetShortPathNameA
SystemTimeToFileTime
GetStringTypeExA
ExitThread
CreateFileA
RaiseException
GetStartupInfoA
GetSystemDirectoryA
EnterCriticalSection
DeleteFileA
_lwrite
GetStringTypeA
_lread
SetCurrentDirectoryA
LoadLibraryA
GetUserDefaultLCID
lstrlenA
ResumeThread
LCMapStringA
TlsGetValue
GetSystemDefaultLCID
FormatMessageW
GetModuleFileNameA
InterlockedDecrement
GetLastError
FindClose
InitializeCriticalSection
GetVersion
RemoveDirectoryA
GetCurrentProcess
MoveFileA
FreeResource
WinExec
CompareStringA
GetTimeZoneInformation
LoadResource
lstrcpynA
GetCommandLineA
LockResource
GetStringTypeW
lstrcmpiA
GetTickCount
FreeEnvironmentStringsA
lstrcpyA
GetVolumeInformationA
CreateDirectoryA
FileTimeToSystemTime
CreateProcessA
GetSystemInfo
InterlockedIncrement
SetEnvironmentVariableA
ReadFile
GlobalReAlloc
TerminateProcess
CreateEventA
ResetEvent
GetDateFormatA
GetFileAttributesA
VirtualQuery
SetErrorMode
UnlockFile
GetLocaleInfoA
GetEnvironmentStringsW
GetProfileStringA
GetCurrentDirectoryA
VirtualAlloc
GlobalUnlock
HeapAlloc
GetEnvironmentStrings
GetUserDefaultLangID
WriteFile
MultiByteToWideChar
IsDBCSLeadByte
GetProcAddress
SizeofResource
Sleep
FreeEnvironmentStringsW
LoadLibraryExA
lstrcmpA
GetFileTime
SetFileAttributesA
GetCurrentThreadId
GetDriveTypeA
WideCharToMultiByte
CloseHandle
FindNextFileA
_lclose
DeleteCriticalSection
_llseek
OpenProcess
HeapCreate
IsBadCodePtr
SetEvent
SetLocalTime
FormatMessageA
GetACP
GlobalHandle
GlobalLock
SetLastError
CompareStringW
lstrcmpiW
GetWindowsDirectoryA
GetCPInfo
IsBadReadPtr
GlobalSize
GlobalFree
GetVersionExA
GetSystemTime
SetStdHandle
CreateProcessW
TlsAlloc
GlobalDeleteAtom
HeapSize
FindFirstFileA
MulDiv
GetSystemDefaultLangID
DuplicateHandle
FlushInstructionCache
CreateThread
SearchPathA
SetFileTime
LockFile
WaitForSingleObject
HeapDestroy
HeapFree
VirtualFree
GetStdHandle
SetHandleCount
FileTimeToLocalFileTime
SetFilePointer
HeapReAlloc
FlushFileBuffers
GlobalAlloc
GetTempPathA
GetFileType
ws2_32
setsockopt
advapi32
RegOpenKeyA
RegQueryValueA
RegSetValueExA
RegCreateKeyA
DeregisterEventSource
RegOpenKeyW
RegDeleteValueW
RegDeleteValueA
RegQueryInfoKeyA
RegDeleteKeyW
AdjustTokenPrivileges
RegEnumValueW
RegQueryValueExW
RegCloseKey
RegSetValueA
RegEnumKeyA
RegDeleteKeyA
LookupPrivilegeValueA
RegCreateKeyW
ReportEventA
RegSetValueExW
InitializeSecurityDescriptor
OpenProcessToken
SetSecurityDescriptorDacl
RegEnumKeyW
RegOpenKeyExA
RegisterEventSourceA
RegEnumValueA
RegQueryValueExA
ddraw
DirectDrawEnumerateA
user32
GetScrollPos
DeleteMenu
DdeUninitialize
ToAscii
TranslateMDISysAccel
GetActiveWindow
DrawFocusRect
CreateAcceleratorTableA
FindWindowA
keybd_event
GetWindowRect
SetParent
GetWindowThreadProcessId
CharToOemA
InflateRect
OemToCharA
PostMessageW
WaitMessage
GetMessagePos
CallNextHookEx
EmptyClipboard
LockWindowUpdate
DefMDIChildProcA
GetTabbedTextExtentA
CharUpperBuffW
FrameRect
DestroyCaret
TranslateMessage
GetSubMenu
DdeGetData
DdeCreateDataHandle
SetWindowsHookExW
EndPaint
IsWindowVisible
BringWindowToTop
IsChild
UnhookWindowsHookEx
CharNextA
AppendMenuA
DdeFreeDataHandle
MessageBoxIndirectA
ReleaseDC
SetDlgItemTextA
EnableWindow
SetWindowLongA
CreateDialogParamA
ShowWindow
PeekMessageA
SetKeyboardState
FillRect
GetCaretBlinkTime
SetWindowRgn
GetMenuItemID
DrawMenuBar
GetWindowDC
CharToOemBuffA
AttachThreadInput
VkKeyScanA
CheckMenuItem
CopyAcceleratorTableA
BeginDeferWindowPos
GetPropA
AdjustWindowRect
SetTimer
GetMenuItemInfoA
CreateCaret
HideCaret
GetDoubleClickTime
PeekMessageW
SetMenu
DrawIcon
DeferWindowPos
IsIconic
EnableMenuItem
MessageBoxA
GetDCEx
GetFocus
TrackPopupMenu
IntersectRect
GetDC
GetMenu
AdjustWindowRectEx
DdeCmpStringHandles
GetAsyncKeyState
ModifyMenuA
DrawFrameControl
DdePostAdvise
MoveWindow
BeginPaint
DdeCreateStringHandleA
LoadStringA
DdeQueryConvInfo
LoadCursorA
SetScrollInfo
UpdateWindow
LoadImageA
SetWindowsHookExA
SetMenuItemInfoA
GetDlgItem
EndDialog
SetFocus
ShowCursor
CharUpperA
GetWindowTextLengthA
GetKeyboardState
ScreenToClient
RemoveMenu
SetForegroundWindow
PostQuitMessage
DefFrameProcA
GetKeyboardLayout
GetCapture
VkKeyScanW
IsCharAlphaA
CopyRect
WinHelpA
DispatchMessageA
CreateWindowExA
DdeConnect
DdeClientTransaction
CloseClipboard
SetRect
GetScrollInfo
GetClipboardFormatNameA
ReleaseCapture
MessageBeep
GetSystemMetrics
SetCapture
DestroyCursor
GetUpdateRect
EnumThreadWindows
IsZoomed
GetQueueStatus
SetWindowContextHelpId
CharLowerA
SetCursorPos
SystemParametersInfoA
MsgWaitForMultipleObjects
IsWindow
PostThreadMessageA
SetClipboardData
SetScrollRange
GetDesktopWindow
GetWindowTextA
RegisterClassA
RegisterClassExA
DestroyWindow
RemovePropA
CharLowerBuffW
CreateIcon
GetCaretPos
GetSystemMenu
OffsetRect
CreateCursor
GetClassNameA
GetClassInfoExA
GetClientRect
GetWindowLongA
PtInRect
GetForegroundWindow
SubtractRect
ClipCursor
SetScrollPos
EqualRect
GetParent
IsClipboardFormatAvailable
SetPropA
ShowScrollBar
IsWindowEnabled
SetCursor
CreatePopupMenu
wsprintfA
LoadIconA
WindowFromPoint
DestroyMenu
GetLastActivePopup
GetCursor
RegisterClipboardFormatA
SetWindowPos
SetWindowTextA
CharLowerBuffA
SetCaretPos
DrawTextA
PostMessageA
CharPrevA
GetMenuStringA
DdeAbandonTransaction
GetMenuItemCount
InsertMenuA
GetKeyState
DdeGetLastError
DefWindowProcA
GetUpdateRgn
InvalidateRect
ShowCaret
DestroyIcon
GetWindowRgn
DdeQueryStringA
DdeSetUserHandle
SendDlgItemMessageA
WaitForInputIdle
TabbedTextOutA
SetMenuDefaultItem
IsDialogMessageA
KillTimer
GetIconInfo
DdeNameService
InvalidateRgn
UnregisterClassA
FindWindowW
CharUpperBuffA
SendMessageA
CreateMenu
LoadAcceleratorsA
DdeDisconnect
DdeFreeStringHandle
MapWindowPoints
DialogBoxParamA
GetSysColor
GetMessageTime
IsRectEmpty
ClientToScreen
DestroyAcceleratorTable
GetMenuState
LoadBitmapA
GetWindow
GetClassInfoA
GetClipboardData
DdeInitializeA
EndDeferWindowPos
OpenClipboard
EnumClipboardFormats
SetActiveWindow
CallWindowProcA
GetCursorPos
samlib
SamConnectWithCreds
SamRemoveMultipleMembersFromAlias
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ