16c68b91494d35a41b677d1f8888593a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16c68b91494d35a41b677d1f8888593a_JaffaCakes118
Size

124KB
MD5

16c68b91494d35a41b677d1f8888593a
SHA1

79ba72453c7005f885dc018696afc7b938a0d6fe
SHA256

6e3b99407b3274fd39bd2b6d39fc34d50324366da4d237eb9a9a8f5d225be7b2
SHA512

7cee86ee9a86df010904153a0afda1fd372e004b859cef7d976c9b834b2989a5a314816b8c9b62777530e11ae643abe746fb2676e8e15e774bd5ca465eb5f255
SSDEEP

3072:8UWLdTzu68tLIhN1ieOGfahd5EJGg6lRbBRZnzMoUw+F6UY:shn8tO1ieOGfiXBgGBfzMZFM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16c68b91494d35a41b677d1f8888593a_JaffaCakes118

Files

16c68b91494d35a41b677d1f8888593a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e08b7feb0a7368f230a571d14c272f92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharToOemA
CharLowerBuffA
AdjustWindowRect
ClientToScreen
CloseClipboard
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
EmptyClipboard
GetClipboardData
GetDC
GetForegroundWindow
GetQueueStatus
GetSystemMetrics
ScreenToClient
SetClipboardData
SetRect
SetWindowPos
LoadCursorA
LoadIconA
MessageBoxW
MsgWaitForMultipleObjects
OpenClipboard
PeekMessageA
PostThreadMessageA
RegisterClassA
RegisterWindowMessageA
ShowCursor
ShowWindow
ReleaseDC
TranslateMessage
UpdateWindow
wsprintfA

winmm

waveInUnprepareHeader
waveInStart
waveInReset
waveInPrepareHeader
waveInOpen
waveInGetNumDevs
waveInGetDevCapsW
waveInGetDevCapsA
waveInClose
waveInAddBuffer
waveOutClose
timeKillEvent
timeEndPeriod
timeBeginPeriod
mciSendCommandA
waveOutGetPosition
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutWrite
waveOutGetDevCapsA
waveOutGetDevCapsW
timeSetEvent
waveOutGetNumDevs
waveOutUnprepareHeader

dinput

DirectInputCreateW

ole32

PropVariantClear
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoFreeUnusedLibraries
CoCreateInstance
CLSIDFromString

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

advapi32

AddAccessAllowedAce
AddAce
SetSecurityDescriptorDacl
SetFileSecurityW
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyA
RegCloseKey
OpenProcessToken
InitializeSecurityDescriptor
InitializeAcl
GetTokenInformation
GetSecurityDescriptorDacl
GetLengthSid
GetAclInformation
GetAce
EqualSid
AllocateAndInitializeSid

ws2_32

accept
socket
send
select
recv
listen
ioctlsocket
inet_addr
htons
WSAAsyncGetHostByName
WSACancelAsyncRequest
WSACleanup
WSAGetLastError
WSAStartup
bind
closesocket
connect
htonl

kernel32

SetThreadAffinityMask
SetStdHandle
SetLastError
SetHandleCount
SetFileTime
SetFilePointer
SetEvent
SetEnvironmentVariableA
SetEndOfFile
SetCurrentDirectoryA
RtlUnwind
ResumeThread
RemoveDirectoryW
ReleaseSemaphore
ReadFile
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
PeekNamedPipe
OutputDebugStringA
OpenFile
OpenEventA
MultiByteToWideChar
SetThreadIdealProcessor
MoveFileA
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidLocale
IsValidCodePage
IsDebuggerPresent
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
SetThreadPriority
SetUnhandledExceptionFilter
HeapSize
HeapReAlloc
HeapFree
HeapCreate
HeapAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
GetWindowsDirectoryA
GetVersionExA
GetUserDefaultLangID
GetUserDefaultLCID
GetTimeZoneInformation
SetWaitableTimer
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
lstrlenA
MulDiv
GetTimeFormatA
GetTickCount
GetThreadPriority
GetTempPathW
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryA
GetSystemDefaultLangID
GetStringTypeW
GetStringTypeA
GetStartupInfoA
GetProcessHeap
GetOverlappedResult
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
AreFileApisANSI
CloseHandle
CompareStringA
CompareStringW
CreateDirectoryA
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileW
CreateMutexA
CreatePipe
CreateProcessA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DeleteFileA
DeviceIoControl
DuplicateHandle
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDriveTypeA
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileInformationByHandle
GetFileSize
GetFileType
GetFullPathNameA
GetLastError

shell32

SHGetSpecialFolderPathW
ShellExecuteA
SHFileOperationW

gdi32

GetStockObject
GetDeviceCaps

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e08b7feb0a7368f230a571d14c272f92

Headers

File Characteristics

Imports

user32

winmm

dinput

ole32

version

advapi32

ws2_32

kernel32

shell32

gdi32

Sections

.text Size: 84KB - Virtual size: 83KB

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 84KB - Virtual size: 83KB

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB