168a70b428bb7adc16499b7e78211c16_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

168a70b428bb7adc16499b7e78211c16_JaffaCakes118
Size

423KB
MD5

168a70b428bb7adc16499b7e78211c16
SHA1

2be894d223a114872859668cede0073ba390c237
SHA256

577a8e3e3bf5b39b651183165f35d2ed1c2bae6d7b44cdc6ab568806597ce63e
SHA512

774386d4438ddc6ec3abff57f887c64a170a756241677edc6497a2dfedf3d1b99dbc2a828d30491e064804c41ee4cb5a6e2c2dd46179d07de290c98242e4ab55
SSDEEP

6144:5cD5yoqaDy92PopgT8KW3HxiBbjDNRbo3A7AIoy9iHppNVk7xZ26X9qAlYLOVUIj:5cnGX9hu3D3bDj9iHPjk3sAlG09pL+R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
168a70b428bb7adc16499b7e78211c16_JaffaCakes118

Files

168a70b428bb7adc16499b7e78211c16_JaffaCakes118
.exe windows:5 windows x86 arch:x86

510285611c8fe2962043c9dc2ca7dd69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileApisToOEM
ReadConsoleOutputCharacterW
HeapReAlloc
AddVectoredExceptionHandler
GetProfileStringW
ChangeTimerQueueTimer
CreateFileMappingW
GetComputerNameExA
GetNamedPipeInfo
GetNumaAvailableMemoryNode
_lclose
Heap32ListNext
GetTempFileNameW
FindResourceExA
GlobalAlloc
ReadConsoleA
lstrcatA
LoadLibraryA
GetTimeFormatA
WaitNamedPipeW
BuildCommDCBA
_llseek
SetProcessWorkingSetSize
WaitCommEvent
GetCommProperties
FindFirstChangeNotificationW
FindVolumeClose
NlsGetCacheUpdateCount
GetLogicalDriveStringsW
lstrcpyn
VirtualQuery
GetHandleContext
HeapUnlock
GetSystemDefaultUILanguage
CreateProcessInternalA
CreateToolhelp32Snapshot
IsDebuggerPresent
InterlockedIncrement
GetCurrentConsoleFont
SetFileShortNameW
LoadLibraryExW
Heap32First
GetThreadPriorityBoost
DuplicateHandle
QueryPerformanceCounter
GetPrivateProfileSectionNamesA
GetNextVDMCommand
Module32NextW
DebugActiveProcessStop
GetGeoInfoW
MultiByteToWideChar
SetConsoleCursor
GetConsoleAliasesLengthW
DnsHostnameToComputerNameW
ExpandEnvironmentStringsW
GetShortPathNameA
IsProcessInJob
GlobalUnWire
VirtualFree
IsValidLocale
GetDateFormatW
LZCreateFileW
GetFileTime
WriteConsoleOutputCharacterW
LoadResource
TerminateJobObject
GetSystemTimeAdjustment
RemoveLocalAlternateComputerNameA
GetConsoleInputExeNameA
HeapSummary
FormatMessageA
Module32First
GlobalCompact
GlobalSize
CallNamedPipeA
GetSystemInfo
SetSystemTimeAdjustment
LocalFlags
GetSystemWindowsDirectoryA
GetLongPathNameA
GetQueuedCompletionStatus
SystemTimeToFileTime
GetWriteWatch
GetModuleHandleA
VirtualAlloc
DefineDosDeviceA
SetConsoleCursorMode
MapUserPhysicalPagesScatter
LeaveCriticalSection
IsBadHugeReadPtr
UnregisterWaitEx
OpenFileMappingW
GetConsoleScreenBufferInfo
HeapAlloc
GlobalFlags
GetPrivateProfileIntW
InterlockedPushEntrySList
lstrcmp
IsProcessorFeaturePresent
VerifyVersionInfoA
CreateConsoleScreenBuffer
GetCurrentThread
GetFileAttributesExA
GetUserDefaultLCID
WriteFileGather
GetUserDefaultLangID
WaitForDebugEvent
SetConsoleWindowInfo
lstrcat

ole32

MonikerRelativePathTo
CoGetMarshalSizeMax
OleConvertOLESTREAMToIStorage
CoDisconnectObject
CoQueryAuthenticationServices
HACCEL_UserMarshal
StgGetIFillLockBytesOnFile
HMENU_UserFree
CLSIDFromProgIDEx
SNB_UserSize
CoQueryClientBlanket
CoInitializeWOW
CoRegisterSurrogateEx
CoGetPSClsid
CoInvalidateRemoteMachineBindings
CoMarshalInterThreadInterfaceInStream
CoReleaseServerProcess
HACCEL_UserSize
PropSysFreeString
StgCreatePropSetStg
HWND_UserFree
StgOpenStorageOnHandle
WriteFmtUserTypeStg
CreateFileMoniker
CoGetInterceptor
CoGetProcessIdentifier
OleCreateStaticFromData
HBRUSH_UserFree
GetClassFile
CreateAntiMoniker
StgCreateDocfileOnILockBytes
CoGetObject
CoSetState
StgOpenPropStg
STGMEDIUM_UserMarshal
HMETAFILEPICT_UserSize

msvcrt40

?underflow@filebuf@@UAEHXZ
_safe_fprem
_lrotr
_mbsset
??0ofstream@@QAE@H@Z
?unexpected@@YAXXZ
_getpid
??_7istream@@6B@
_commit
?setbuf@ofstream@@QAEPAVstreambuf@@PADH@Z
memset
??_Gstdiobuf@@UAEPAXI@Z
??1filebuf@@UAE@XZ
??1ifstream@@UAE@XZ
_osver
_wfindnexti64
??6ostream@@QAEAAV0@D@Z
_adj_fpatan
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?name@type_info@@QBEPBDXZ
_adj_fdiv_m32
_wgetenv
_itow
mbtowc
__p___wargv
?setbuf@streambuf@@UAEPAV1@PADH@Z
_strnset
??0exception@@QAE@XZ
_umask
?overflow@filebuf@@UAEHH@Z
mbstowcs
?text@filebuf@@2HB
_putw
_cabs
_wcsicmp
_kbhit
_wstat
_hypot
_splitpath
??_8stdiostream@@7Bistream@@@
??_Eistream_withassign@@UAEPAXI@Z
_mbsnbcoll
_getdcwd
??_7fstream@@6B@

msrating

RatingFreeDetails
RatingCustomDeleteCrackedData
RatingEnable
RatingAddPropertyPages
RatingSetupUI
RatingObtainQuery
ClickedOnPRF
RatingAccessDeniedDialog
RatingCustomCrackData
ChangeSupervisorPassword
RatingCustomRemoveRatingHelper
RatingAccessDeniedDialog2
RatingCustomAddRatingHelper
RatingObtainCancel
RatingInit
ClickedOnRAT
RatingCustomAddRatingSystem
RatingCustomInit
VerifySupervisorPassword
RatingEnabledQuery
RatingCheckUserAccess
RatingCustomSetDefaultBureau
RatingCustomSetUserOptions

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 227KB - Virtual size: 683KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

510285611c8fe2962043c9dc2ca7dd69

Headers

File Characteristics

Imports

kernel32

ole32

msvcrt40

msrating

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 79KB - Virtual size: 79KB

.data Size: 227KB - Virtual size: 683KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 79KB - Virtual size: 79KB

.data
Size: 227KB - Virtual size: 683KB

.rsrc
Size: 19KB - Virtual size: 19KB