0f946d00bac5410005cfeaeeb43143b6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f946d00bac5410005cfeaeeb43143b6_JaffaCakes118
Size

177KB
MD5

0f946d00bac5410005cfeaeeb43143b6
SHA1

15acdc08a75dc18bf5c1ec36cfd8244a6b6cf385
SHA256

323875758385bda9f85892ef144fc4dfcf162768c235ac3cfaf83021d2752cd7
SHA512

bbe5ea7d2f58205b98f80483a170ab0333c5824c3517733c3a1efd9019ab6d5e2e9ef8db66fe87db741e11d2566b09588931bc8b74b93a472cd024ab10a0fbb7
SSDEEP

3072:eajqdVK1oT8YvtyeQsvySkmIWwTNGz6C5/5Y5+ikzNFbWf:e60VK1oAMtye5qSFaGxZxiYP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f946d00bac5410005cfeaeeb43143b6_JaffaCakes118

Files

0f946d00bac5410005cfeaeeb43143b6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7c21961a366648b134bf5a7a2832c42b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

accept
WSACancelBlockingCall
closesocket

kernel32

GetCPInfo
HeapSize
HeapReAlloc
VirtualAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetACP
WriteFile
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
GetOEMCP
IsValidCodePage
MultiByteToWideChar
CompareStringW
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
lstrlenA
LoadLibraryA
CopyFileExW
GetCalendarInfoA
CloseHandle
GetModuleFileNameA
FlushFileBuffers
FindVolumeClose
TlsSetValue
CreateMutexA
GetLastError
IsBadWritePtr
CreateIoCompletionPort
GetCommandLineA
IsDBCSLeadByte
DebugActiveProcess
ReadProcessMemory
ContinueDebugEvent
GetModuleFileNameW
lstrlenW
FlushInstructionCache
WriteProcessMemory
FlushConsoleInputBuffer
CreateFiber
IsBadStringPtrW
GetCurrentProcess
IsDebuggerPresent
CompareStringA
GetModuleHandleA
CreateTimerQueue
FindVolumeMountPointClose
FindNextChangeNotification
lstrcmpiA
lstrcmpA
TerminateProcess
Sleep
ConvertDefaultLocale
Toolhelp32ReadProcessMemory
AddAtomA
DisableThreadLibraryCalls
FindNextVolumeMountPointA
FindResourceExA
FreeEnvironmentStringsA
lstrcpyA
FindCloseChangeNotification
lstrcatA
CreateFileW
FreeUserPhysicalPages
TlsGetValue
DuplicateHandle
AreFileApisANSI
CreateConsoleScreenBuffer
FindResourceA
GetProcAddress
FlushViewOfFile
GetAtomNameW
TlsFree
ExitProcess
LCMapStringA
LCMapStringW
GetStdHandle
TlsAlloc
GetModuleHandleW
RaiseException
HeapAlloc
GetSystemTimeAsFileTime
GetStartupInfoA
HeapFree

user32

DrawIcon
FlashWindow
SystemParametersInfoA
GetAltTabInfoW
SetWindowTextA
GetClassLongW
UnhookWindowsHook
DrawFocusRect
TabbedTextOutW
DestroyWindow
mouse_event
SwitchDesktop
UserHandleGrantAccess
ExcludeUpdateRgn
TrackMouseEvent
DestroyMenu
SetWindowsHookExA
DlgDirListComboBoxW
UpdateWindow
SwapMouseButton
EnableWindow
SetWindowTextW
GetActiveWindow
AttachThreadInput
UpdateLayeredWindow
DialogBoxParamW
SetWindowWord
DrawCaption
ValidateRgn
DrawAnimatedRects
DialogBoxParamA
DlgDirListW
ShowCaret
DestroyIcon
GetClientRect
FrameRect
GetAncestor
SystemParametersInfoW
ShowScrollBar
VkKeyScanW
ActivateKeyboardLayout
MessageBoxA
keybd_event
UnregisterHotKey
GetClipCursor
UnhookWinEvent
SwitchToThisWindow

gdi32

GetTextMetricsW
CreateDIBPatternBrush
SetICMProfileW
GetKerningPairsA
GetPath
GetMiterLimit
CheckColorsInGamut
SelectPalette
PlayMetaFile
SetMapperFlags
GetViewportOrgEx
GetTextFaceA
WidenPath
CombineRgn
ScaleWindowExtEx
GetTextCharsetInfo
CopyEnhMetaFileW
AbortPath
SetMetaRgn
GetRandomRgn
SetSystemPaletteUse
MoveToEx
CancelDC
GetTextExtentExPointW
SetPolyFillMode
SetMapMode
Chord
CombineTransform
SetViewportExtEx
Rectangle
UnrealizeObject
BitBlt
StartPage
CreatePolygonRgn
SetWorldTransform
ColorMatchToTarget
GetStockObject
GetRgnBox
Pie
SetTextCharacterExtra
CloseMetaFile
RemoveFontMemResourceEx
SetArcDirection
MaskBlt
SelectObject
ColorCorrectPalette
GetPixel
SetICMProfileA
CloseFigure
GetTextColor
SetMiterLimit
UpdateICMRegKeyA
GetTextMetricsA
SetDCPenColor
GetObjectA
SetRectRgn
GetTextCharacterExtra
PathToRegion
SelectClipRgn
ModifyWorldTransform
CreateRectRgn
CreatePatternBrush
SetROP2
CreateBitmap
PlayEnhMetaFile
PlgBlt
StrokeAndFillPath
GetTextFaceW
SetTextAlign
GetWinMetaFileBits
CreatePolyPolygonRgn
CreateEllipticRgn
SetGraphicsMode
PolyDraw
PolyPolyline
GetKerningPairsW
GetMapMode
CreateCompatibleBitmap
GetICMProfileW
SetTextJustification

shell32

SHGetFileInfoA

ole32

CoCreateInstance

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c21961a366648b134bf5a7a2832c42b

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

shell32

ole32

Sections

.text Size: 107KB - Virtual size: 107KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 5KB - Virtual size: 11KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 107KB - Virtual size: 107KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 5KB - Virtual size: 11KB

.rsrc
Size: 26KB - Virtual size: 26KB