1796dbc197bc3b179217f50e8c481e56_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1796dbc197bc3b179217f50e8c481e56_JaffaCakes118
Size

29KB
MD5

1796dbc197bc3b179217f50e8c481e56
SHA1

de50acd2015183d734a1f99bdbaa0363765538c5
SHA256

7f8acc58a0ea9c1a9845c525c6d7d07ef8c40f4d9ec47040fd7a4b504db5759f
SHA512

8872efbcb56db3a43003d552979d3cd332c145d5b37545110e3938fa92d64a607d61e3ede1ecb4d3fb53925c07cc9d731ccd87388a3c38e3b531d080b82606a5
SSDEEP

384:2k2CThKxtN9P6cl8CubuHrhnZFAsrr1oJjy2i621XIspCznY76tmWD:f2CtKxL8duLhnZaer6JA6gQnY72F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1796dbc197bc3b179217f50e8c481e56_JaffaCakes118

Files

1796dbc197bc3b179217f50e8c481e56_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3294593abb35bd48c67e12e829ef1e4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BuildCommDCBW
CallNamedPipeW
ClearCommError
CloseHandle
CreateConsoleScreenBuffer
CreateMailslotA
CreateNamedPipeW
EnumCalendarInfoW
EnumResourceNamesA
EnumSystemLocalesW
EraseTape
ExitProcess
ExpandEnvironmentStringsW
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindFirstChangeNotificationW
FindFirstFileExA
FindNextFileW
FreeLibrary
FreeLibraryAndExitThread
GetBinaryTypeA
GetCommTimeouts
GetCommandLineW
GetConsoleAliasExesLengthW
GetConsoleAliasesW
GetConsoleCommandHistoryA
GetConsoleKeyboardLayoutNameA
GetConsoleKeyboardLayoutNameW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileType
GetLastError
GetLocalTime
GetLogicalDriveStringsW
GetLongPathNameA
GetMailslotInfo
GetModuleFileNameW
GetModuleHandleW
GetNamedPipeHandleStateA
GetNamedPipeInfo
GetOverlappedResult
GetPrivateProfileIntW
GetProcessHeaps
GetShortPathNameA
GetStartupInfoW
GetStringTypeExA
GetSystemDirectoryA
GetSystemTime
GetThreadTimes
GetUserDefaultLangID
GetVersion
GetWindowsDirectoryW
GlobalFindAtomA
HeapReAlloc
HeapSize
InitAtomTable
InterlockedExchangeAdd
IsBadHugeReadPtr
IsBadStringPtrW
LeaveCriticalSection
LocalAlloc
PrepareTape
QueryPerformanceCounter
ReadConsoleOutputW
ReadConsoleOutputAttribute
ReadFileScatter
ReadProcessMemory
RtlMoveMemory
SetCommBreak
SetCommConfig
SetConsoleActiveScreenBuffer
SetConsoleCursorPosition
SetDefaultCommConfigA
SetEnvironmentVariableW
SetEvent
SetFileTime
SetLastError
SetLocaleInfoA
SetThreadPriority
SetVDMCurrentDirectories
SetWaitableTimer
SleepEx
SuspendThread
UnmapViewOfFile
VirtualAlloc
VirtualProtect
WaitNamedPipeW
WritePrivateProfileStructW
WriteProfileSectionA
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW

user32

AppendMenuW
CallWindowProcA
CascadeChildWindows
CharLowerA
CharLowerBuffW
CharNextA
CharPrevA
CharUpperA
CharUpperW
CloseWindow
CreateDesktopW
CreateDialogIndirectParamA
CreateIconFromResource
CreateWindowExA
DdeCmpStringHandles
DdeQueryStringA
DdeReconnect
DeferWindowPos
DestroyIcon
DlgDirSelectComboBoxExW
DrawFrameControl
DrawStateA
EnumDesktopsA
EnumDesktopsW
FrameRect
GetAltTabInfoW
GetClassNameW
GetClipCursor
GetCursor
GetCursorInfo
GetDesktopWindow
GetFocus
GetForegroundWindow
GetMenu
GetMenuItemID
GetParent
GetPriorityClipboardFormat
GetSubMenu
GetThreadDesktop
GetUserObjectInformationA
GetWindowContextHelpId
GetWindowDC
GetWindowModuleFileNameA
GetWindowThreadProcessId
GrayStringW
InSendMessageEx
IsCharAlphaNumericA
LoadAcceleratorsW
LoadCursorFromFileA
MessageBoxExA
MessageBoxIndirectA
ModifyMenuW
OemToCharW
OpenWindowStationW
PaintDesktop
RealGetWindowClassW
RedrawWindow
RemoveMenu
ScrollDC
SetDeskWallpaper
SetKeyboardState
SetPropW
SetScrollPos
SetWindowTextA
SetWindowTextW
TileWindows
TrackPopupMenuEx
TranslateAcceleratorA
UnhookWindowsHookEx
WINNLSEnableIME
WinHelpW
WindowFromDC

gdi32

AngleArc
CreateDCA
CreateFontW
CreateHatchBrush
CreateICA
CreateScalableFontResourceA
DeleteEnhMetaFile
ExtSelectClipRgn
FixBrushOrgEx
FloodFill
GdiComment
GdiGetBatchLimit
GetBkColor
GetBkMode
GetBoundsRect
GetCharABCWidthsFloatA
GetCharacterPlacementA
GetClipBox
GetClipRgn
GetColorSpace
GetCurrentObject
GetDeviceGammaRamp
GetFontLanguageInfo
GetPixel
GetPolyFillMode
GetROP2
GetStockObject
GetSystemPaletteEntries
PlgBlt
PolyBezierTo
PolyPatBlt
RemoveFontResourceA
ResetDCA
SelectPalette
SetEnhMetaFileBits
SetWindowOrgEx
StretchDIBits
StrokeAndFillPath
TextOutA
TextOutW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xRjn
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flvi
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3294593abb35bd48c67e12e829ef1e4c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 22KB

.xRjn Size: 4KB - Virtual size: 12KB

.flvi Size: 3KB - Virtual size: 9KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 22KB

.xRjn
Size: 4KB - Virtual size: 12KB

.flvi
Size: 3KB - Virtual size: 9KB

.reloc
Size: 1024B - Virtual size: 4KB