1aa9182aa1b1655ced1b44319608cb57_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1aa9182aa1b1655ced1b44319608cb57_JaffaCakes118
Size

241KB
MD5

1aa9182aa1b1655ced1b44319608cb57
SHA1

257fcbe88d7881460735a72bfd2e0b59ff2d7b3d
SHA256

c7cdb8122ee9cf665160373432b167f826c729d71216230a46d262fdb365a9ec
SHA512

759b2afeb9d667c4a9324dc90b44c51fc940d4ce53636f10da16e7cd843255136a9f7d387f14eb6f42c5b135629d684e9e518cb63fa0a364e4329e60612370c4
SSDEEP

6144:AEJCobwjxYKYbthj7B/m9MD5LoFTvxfoMuixegMi:DYjxYjbthjo2D50xJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1aa9182aa1b1655ced1b44319608cb57_JaffaCakes118

Files

1aa9182aa1b1655ced1b44319608cb57_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ec64f994210255262a1ee2da458d138e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcsstr
_ftol
wcscat
wcscpy
wcsncpy
_except_handler3
free
malloc
swprintf
wcschr
_ultow
iswspace
wcsncmp
_wcslwr
_errno
wcstoul
wcsrchr
wcscmp
_wcsicmp
rand
srand
_endthreadex
_beginthreadex
realloc
_purecall
??2@YAPAXI@Z
wcslen
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
??3@YAXPAX@Z

advapi32

RegQueryInfoKeyA
GetUserNameW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyW
RegCloseKey
RegOpenKeyExA

kernel32

GlobalAlloc
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GetProcAddress
LoadLibraryW
SetProcessWorkingSetSize
HeapCreate
HeapDestroy
GetCurrentProcess
GetVersionExW
CloseHandle
CreateFileW
GetSystemDirectoryW
FreeLibrary
GetWindowsDirectoryW
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
WaitForSingleObject
CreateMutexW
GetCurrentThreadId
GetCommandLineW
LeaveCriticalSection
EnterCriticalSection
ReadFile
WideCharToMultiByte
MultiByteToWideChar
lstrcpyW
lstrcatW
lstrcpynW
lstrlenW
LoadLibraryExW
GetModuleHandleW
GetLocaleInfoA
LockResource
LoadResource
FindResourceExW
FindClose
FindNextFileW
FindFirstFileW
ResetEvent
WaitForMultipleObjects
SetEvent
CreateEventW
GetSystemDefaultLangID
TerminateThread
CreateThread
CreateFileA
IsBadReadPtr
MulDiv
LCMapStringW
GetModuleFileNameW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
SizeofResource
FindResourceW
GetStringTypeExW
GetStringTypeExA
GetModuleHandleA
GetStartupInfoW
RaiseException
SetLastError
lstrlenA
GetTickCount
Sleep
GetLastError
IsBadWritePtr
LoadLibraryA
LocalAlloc
InterlockedExchange
GetACP

gdi32

LineTo
EndPath
GetPaletteEntries
GetStockObject
FillRgn
FrameRgn
SetPolyFillMode
BeginPath
Ellipse
RoundRect
CreatePen
CreateCompatibleBitmap
SetTextColor
SetBkMode
TranslateCharsetInfo
CreateCompatibleDC
DeleteDC
GdiFlush
StretchDIBits
GetRgnBox
CreateRectRgn
SetStretchBltMode
ExtCreateRegion
GetRegionData
CreateFontW
GetDeviceCaps
CreateFontIndirectW
CombineRgn
SetRectRgn
GetSystemPaletteEntries
CreateDIBSection
CreatePalette
CreateHalftonePalette
SetBkColor
EnumFontFamiliesExW
GetTextAlign
ExtTextOutW
GetTextColor
GetTextExtentPointW
TextOutW
GetTextExtentPoint32W
GetNearestPaletteIndex
SetTextAlign
DeleteObject
FillPath
MoveToEx
GetObjectW
SelectPalette
RealizePalette
BitBlt
CreateSolidBrush
SetMapMode
SelectObject
GetTextMetricsW

user32

SetFocus
FindWindowW
FindWindowExW
GetUpdateRect
GetClientRect
GetSysColorBrush
FrameRect
DrawTextW
CharNextW
GetClassNameW
GetDlgItemInt
SetDlgItemInt
DrawIconEx
SetDlgItemTextW
MessageBeep
CallWindowProcW
IsDlgButtonChecked
SendDlgItemMessageW
CheckDlgButton
CheckRadioButton
GetDlgItem
SystemParametersInfoW
MoveWindow
LoadIconW
PostMessageW
DestroyWindow
IsWindow
SetRectEmpty
GetSysColor
ReleaseDC
GetDC
IsWindowVisible
SetTimer
UpdateLayeredWindow
FillRect
ScrollDC
InflateRect
CopyRect
UpdateWindow
InvalidateRect
EndPaint
BeginPaint
SetWindowPos
SetRect
GetWindowRect
SetWindowRgn
IsWindowEnabled
ShowWindow
KillTimer
DefWindowProcW
SetWindowLongW
GetWindowLongW
CreateWindowExW
RegisterClassW
LoadCursorW
ValidateRect
IsRectEmpty
GetWindowRgn
GetSystemMetrics
SendMessageW
SetCapture
AllowSetForegroundWindow
ClientToScreen
GetAsyncKeyState
ReleaseCapture
GetCapture
ScreenToClient
GetCursorPos
PeekMessageW
EnableWindow
GetDoubleClickTime
SetCursor
RegisterClassExW
SendMessageTimeoutW
GetKeyboardState
RegisterHotKey
UnregisterHotKey
LoadImageW
MessageBoxW
PostQuitMessage
DispatchMessageW
SetWindowTextW
IsDialogMessageW
GetMessageW
wsprintfW
GetKeyNameTextW
MapVirtualKeyW
IntersectRect
OffsetRect
PtInRect
WinHelpW
DestroyIcon
GetParent
RegisterWindowMessageW
SendNotifyMessageW
DrawEdge
DestroyMenu
keybd_event
GetKeyboardLayout
AppendMenuW
TrackPopupMenu
SetForegroundWindow
GetForegroundWindow
CreatePopupMenu
TranslateMessage

ole32

CoTaskMemAlloc
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemFree
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
OleInitialize
OleUninitialize
GetClassFile
CoUnmarshalInterface
CoInitialize
CoUninitialize
CoSuspendClassObjects
CoRegisterMessageFilter
CoMarshalInterface
CreateStreamOnHGlobal
CLSIDFromString
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance
CoTaskMemRealloc

oleaut32

SysAllocString
SysStringLen
VariantInit
SysFreeString
VariantClear
VariantCopy
VariantChangeType
LoadRegTypeLi
SetErrorInfo
RegisterTypeLi
LoadTypeLi
VarI4FromStr

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ec64f994210255262a1ee2da458d138e

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

ole32

oleaut32

Sections

.text Size: 193KB - Virtual size: 192KB

.data Size: 1024B - Virtual size: 3KB

.rsrc Size: 50KB - Virtual size: 68KB

.text
Size: 193KB - Virtual size: 192KB

.data
Size: 1024B - Virtual size: 3KB

.rsrc
Size: 50KB - Virtual size: 68KB