19d7d1b0317c5334b6ffcc02cfdc50f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

19d7d1b0317c5334b6ffcc02cfdc50f2_JaffaCakes118
Size

281KB
MD5

19d7d1b0317c5334b6ffcc02cfdc50f2
SHA1

e1d31c0cec4dcb88b915328a569e58dd1f31b81e
SHA256

dfd660de8e5666cfa97fdc5513a982831cb4230361f299d8b1e1e41d1de75946
SHA512

f55752f0b55574135149e20ac3f91102c434dde2b3551f31d2ca043d1f2c0dfc9adb56139309a3b843b8bca287bb12d228ac2d815b559f22e14f67e989f5278d
SSDEEP

6144:T+87CQnGPfW94emS8c3xkvAJ01Gzza7aaner+unnA:68Wg14jS53S801Gz+unnA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19d7d1b0317c5334b6ffcc02cfdc50f2_JaffaCakes118

Files

19d7d1b0317c5334b6ffcc02cfdc50f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fda72af611398e2be95b3687f99c2bf0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
GetWindowsDirectoryW
CreateProcessW
SetLastError
GetModuleHandleW
MulDiv
GetSystemTimeAsFileTime
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
CloseHandle
FreeLibrary
LocalFree
GlobalFree
GlobalAlloc
OpenProcess
GetComputerNameW
ExpandEnvironmentStringsA
CreateMutexW
GetProcAddress

user32

InflateRect
DrawStateW
ScreenToClient
IsWindow
GetFocus
LoadCursorW
SetCursor
ReleaseCapture
PtInRect
SetCapture
GetIconInfo
SetRect
RedrawWindow
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
IsRectEmpty
SystemParametersInfoW
GetCursorPos
IntersectRect
InvertRect
PostMessageW
GetCapture
DefWindowProcW
GetClassInfoW
GetKeyState
GetMessagePos
ClipCursor
IsWindowVisible
EnableWindow
DrawIconEx
SetRectEmpty
FillRect
GetWindowRect
GetDC
ReleaseDC
LoadImageW
GetSystemMetrics
ModifyMenuW
GetSystemMenu
SetTimer
KillTimer
SetForegroundWindow
SendMessageW
LoadIconW
InvalidateRect
DestroyIcon
PostQuitMessage
CopyRect
GetParent
SetWindowLongW
CreatePopupMenu
AppendMenuW
ClientToScreen
WindowFromPoint
GetDoubleClickTime
CopyIcon
FrameRect
DrawEdge
DispatchMessageW
TranslateMessage
PeekMessageW
GetSysColor
GetClientRect
UpdateWindow
LoadStringW

gdi32

GetObjectW
GetTextExtentPoint32W
GetCurrentObject
GetTextMetricsW
CreatePatternBrush
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateRectRgn
CreateCompatibleBitmap
CreateHalftonePalette
CreatePalette
GetDIBColorTable
BitBlt
RealizePalette
GetDeviceCaps
SetPixel
GetPixel
RoundRect
CreatePen
StretchBlt
PatBlt
CreateCompatibleDC
SelectObject
CreateSolidBrush
CreateFontIndirectW
DeleteObject
GetStockObject

shell32

ShellExecuteW

advapi32

RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyExA
RegQueryValueExA
GetSecurityInfo
GetSecurityDescriptorDacl
GetUserNameW
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetSecurityInfo
CreateProcessAsUserW
GetTokenInformation
LookupAccountSidW
RegCloseKey
OpenProcessToken

comctl32

_TrackMouseEvent

msoert2

PszAllocA

dpnet

DirectPlay8Create
DllCanUnloadNow
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vD
Size: 512B - Virtual size: 763B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZCOOpe
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HH
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EUOaJT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.EfJ
Size: 131KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xVuq
Size: 512B - Virtual size: 402B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eHi
Size: 512B - Virtual size: 474B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.VoF
Size: 81KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fda72af611398e2be95b3687f99c2bf0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

msoert2

dpnet

Sections

.text Size: 26KB - Virtual size: 25KB

.vD Size: 512B - Virtual size: 763B

.rdata Size: 4KB - Virtual size: 3KB

.ZCOOpe Size: 2KB - Virtual size: 1KB

.HH Size: 1KB - Virtual size: 1KB

.EUOaJT Size: 1KB - Virtual size: 1KB

.EfJ Size: 131KB - Virtual size: 203KB

.xVuq Size: 512B - Virtual size: 402B

.eHi Size: 512B - Virtual size: 474B

.data Size: 7KB - Virtual size: 42KB

.VoF Size: 81KB - Virtual size: 172KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 26KB - Virtual size: 25KB

.vD
Size: 512B - Virtual size: 763B

.rdata
Size: 4KB - Virtual size: 3KB

.ZCOOpe
Size: 2KB - Virtual size: 1KB

.HH
Size: 1KB - Virtual size: 1KB

.EUOaJT
Size: 1KB - Virtual size: 1KB

.EfJ
Size: 131KB - Virtual size: 203KB

.xVuq
Size: 512B - Virtual size: 402B

.eHi
Size: 512B - Virtual size: 474B

.data
Size: 7KB - Virtual size: 42KB

.VoF
Size: 81KB - Virtual size: 172KB

.rsrc
Size: 24KB - Virtual size: 23KB