Static task
static1
Behavioral task
behavioral1
Sample
277115318a5fcf60e461c3e6b388a596_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
277115318a5fcf60e461c3e6b388a596_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
277115318a5fcf60e461c3e6b388a596_JaffaCakes118
Size
221KB
MD5
277115318a5fcf60e461c3e6b388a596
SHA1
d57e0d7b5e92f47c4338b23c2df637546b9ce910
SHA256
c0f993f45ce51d89a42659a1727097d34651098ddb580e44d54c671d35ef61d0
SHA512
0c0a93fb2fe1533c18cb30d0cddc1c8d9e52ab6f3504ee8fca1ebf848dca1186d08c0e6b871da1a7987e55438b06caf345f0789525a77bbfa1d694d97bf2025c
SSDEEP
6144:ZsnZr/qko/CZXNl1pYJiicn6eb2DAuAqpl34l+48lN:W7HYJEn6QTuW+4g
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 277115318a5fcf60e461c3e6b388a596_JaffaCakes118
Files
277115318a5fcf60e461c3e6b388a596_JaffaCakes118.exe windows:2 windows x86 arch:x86
b8b81e77ad33d3a1709a63381e468ec6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SearchPathA
GetDateFormatW
GetLongPathNameW
lstrcmpW
lstrcatW
GetTempFileNameW
IsBadStringPtrW
GetCurrentThreadId
GetLogicalDriveStringsW
GetTempPathW
CopyFileExA
InitializeCriticalSection
SetCalendarInfoW
CreateEventA
CloseHandle
SetComputerNameW
GetSystemInfo
GetTempPathA
lstrcatA
BeginUpdateResourceA
GetNamedPipeInfo
lstrcmpW
GetFileAttributesW
GetModuleHandleA
EndUpdateResourceW
GetVersion
GetStartupInfoW
GetFileAttributesA
GetLocaleInfoW
LoadLibraryA
IsBadStringPtrA
GetDiskFreeSpaceA
DeleteAtom
SetEvent
GetFileType
MulDiv
GetUserDefaultLCID
FatalAppExitW
QueryPerformanceCounter
CreatePipe
lstrcpy
RemoveDirectoryA
GetProcAddress
FindResourceW
GlobalAlloc
CreateEventW
OpenProcess
SetPriorityClass
user32
GetCapture
PostQuitMessage
TrackPopupMenu
AdjustWindowRect
BringWindowToTop
GetTopWindow
GetMessageW
InsertMenuA
EnableWindow
GetMenu
GetWindowRgn
GetMenuState
FindWindowW
SendMessageW
EnumDesktopsA
EmptyClipboard
ShowCaret
EnumDesktopsW
GetActiveWindow
WaitForInputIdle
ShowWindow
MessageBoxIndirectW
GetKeyState
LoadImageA
SetParent
GetDlgItemInt
PostMessageW
CharNextW
ArrangeIconicWindows
wsprintfW
AppendMenuW
MessageBoxW
DialogBoxParamA
gdi32
CreateBitmapIndirect
ArcTo
CreateFontW
ColorCorrectPalette
SetPaletteEntries
CreatePalette
ResizePalette
CreateEllipticRgn
CopyMetaFileA
Escape
GetDIBits
GetMiterLimit
SetICMProfileA
CreateRectRgn
EndDoc
FlattenPath
GetStretchBltMode
EnumEnhMetaFile
IntersectClipRect
GetMetaFileA
SetGraphicsMode
SetPixel
CreateBitmap
SwapBuffers
advapi32
RegSetValueW
RegSaveKeyA
RegEnumValueA
RegEnumKeyW
RegCreateKeyExA
RegSetValueA
RegCreateKeyW
RegCreateKeyA
RegEnumValueW
RegQueryValueExA
RegDeleteKeyA
shell32
Shell_NotifyIconW
StrRStrW
SHGetFolderPathW
SHBrowseForFolderW
ole32
CoGetDefaultContext
CoCreateInstanceEx
CoGetObject
CoFileTimeNow
CoUninitialize
CoCreateInstance
CoGetCallerTID
CoDosDateTimeToFileTime
oleaut32
VarUI2FromDate
VarR4FromR8
SafeArrayGetRecordInfo
LoadTypeLibEx
VarOr
version
VerFindFileA
GetFileVersionInfoSizeW
GetFileVersionInfoA
ws2_32
WSASend
setsockopt
WSADuplicateSocketW
recv
send
getsockopt
WSACloseEvent
htons
wininet
InternetSetPerSiteCookieDecisionW
FindFirstUrlCacheContainerA
FtpCommandA
FindFirstUrlCacheEntryW
InternetConnectW
DeleteUrlCacheContainerA
FtpSetCurrentDirectoryW
FtpCreateDirectoryA
FtpGetCurrentDirectoryW
InternetSecurityProtocolToStringA
UnlockUrlCacheEntryFileW
GopherCreateLocatorW
winspool.drv
AddPrinterW
EnumPrintProcessorDatatypesA
StartDocPrinterW
PerfClose
GetPrinterDataA
GetPrintProcessorDirectoryW
SetPrinterDataA
GetPrintProcessorDirectoryA
DocumentEvent
inetcomm
MimeOleSetBodyPropA
MimeEditIsSafeToRun
MimeOleGetContentTypeExt
GetDllMajorVersion
MimeOleSMimeCapAddSMimeCap
HrAttachDataFromFile
MimeOleDecodeHeader
oledlg
OleUIAddVerbMenuW
OleUIChangeIconA
OleUICanConvertOrActivateAs
OleUIPasteSpecialA
OleUIPromptUserW
OleUIUpdateLinksW
OleUIConvertW
OleUIChangeSourceW
OleUIConvertA
OleUIInsertObjectW
OleUIInsertObjectA
wsock32
WSAStartup
EnumProtocolsA
getpeername
getprotobyname
setsockopt
WSAStartup
select
socket
GetAcceptExSockaddrs
GetServiceA
crypt32
CryptEncryptMessage
I_CryptGetOssGlobal
I_CryptEnableLruOfEntries
CryptMsgGetAndVerifySigner
CryptAcquireContextU
I_CryptRemoveLruEntry
CryptVerifyCertificateSignature
Sections
.edata Size: 1024B - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 18KB
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1KB - Virtual size: 42KB
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 19KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1KB - Virtual size: 24KB
IMAGE_SCN_MEM_READ
.edata Size: 1024B - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 179KB - Virtual size: 178KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ