2a70e3ad290956a7e7f70f49d7737f1f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a70e3ad290956a7e7f70f49d7737f1f_JaffaCakes118
Size

608KB
MD5

2a70e3ad290956a7e7f70f49d7737f1f
SHA1

579717116e419204daae4d3b9817f124125b8f33
SHA256

08fd477aa1e95388e1df0db657d44722f48233003d2f32d0fc26f381ef5f97c2
SHA512

07b1d9c9d8c3016666bab50c09098ba26d0b5d2bf49c50c080b23f4655fe981f9ab3168137e956f21fddc26538e94ed0a6a43674e7bdbe46dbb81c2f492b8b38
SSDEEP

12288:85iJZmbRHWOKFx+u7etZOTX9ft2w8D1T4l1WYLu:DZmbRReUu7etZEft2F1T4l1W+u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a70e3ad290956a7e7f70f49d7737f1f_JaffaCakes118

Files

2a70e3ad290956a7e7f70f49d7737f1f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3dc4ca9183d3c77ef6ae00995b52bfe5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoCreateInstance
CoInitialize

winmm

timeGetTime

kernel32

AllocConsole
SetEndOfFile
SetFilePointer
MoveFileExA
OutputDebugStringA
WriteConsoleA
OpenProcess
HeapSize
HeapReAlloc
SetLastError
ExitThread
RaiseException
GetVersion
GetCommandLineA
GetStartupInfoA
GetFileType
SetStdHandle
ExitProcess
InterlockedIncrement
InterlockedDecrement
GetLocalTime
GetTimeZoneInformation
HeapFree
HeapAlloc
RtlUnwind
TlsGetValue
TlsFree
TlsAlloc
GetCurrentProcess
GetCurrentThread
DuplicateHandle
GetStdHandle
SetThreadPriority
CreateSemaphoreA
ReleaseSemaphore
DeleteCriticalSection
InitializeCriticalSection
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
CreateMutexA
FindResourceA
SizeofResource
LoadResource
LockResource
TerminateProcess
SetProcessShutdownParameters
CreateProcessA
GetVersionExA
WaitForSingleObject
CreateFileA
GetDiskFreeSpaceExA
GlobalAlloc
CloseHandle
GlobalLock
WriteFile
FlushFileBuffers
SystemTimeToFileTime
SetFileTime
DeleteFileA
GlobalUnlock
GlobalFree
GetFileSize
GetFileTime
FileTimeToSystemTime
ReadFile
FatalAppExitA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetHandleCount
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
SetConsoleCtrlHandler
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetACP
GetLogicalDriveStringsA
GetDriveTypeA
SetErrorMode
lstrlenA
CreateDirectoryA
GetSystemTime
GetCurrentProcessId
GetModuleHandleA
GetCurrentThreadId
Sleep
IsBadReadPtr
IsBadWritePtr
CreateThread
ResumeThread
GetComputerNameA
GetLastError
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
FindFirstFileA
FindNextFileA
FindClose
GetOEMCP
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
TlsSetValue
InterlockedExchange

user32

EnumWindowStationsA
OpenWindowStationA
SetProcessWindowStation
CloseWindowStation
GetProcessWindowStation
GetUserObjectInformationA
ExitWindowsEx
EnableWindow
GetDlgItemInt
IsDlgButtonChecked
SetDlgItemInt
CheckDlgButton
GetSubMenu
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
EnableMenuItem
DestroyMenu
PostThreadMessageA
LoadMenuA
VkKeyScanA
GetAsyncKeyState
SetRect
IsIconic
GetParent
WaitForInputIdle
GetClipboardOwner
GetClipboardData
DefWindowProcA
PostQuitMessage
IsWindowVisible
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetIconInfo
DrawIconEx
GetMessageA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
SetClipboardViewer
EnumWindows
GetWindowTextA
OpenDesktopA
EnumDesktopWindows
FindWindowA
KillTimer
ChangeClipboardChain
DestroyWindow
PeekMessageA
GetCursorPos
WindowFromPoint
SystemParametersInfoA
GetDesktopWindow
WaitMessage
TranslateMessage
DispatchMessageA
GetClassNameA
GetWindowRect
RegisterWindowMessageA
GetSystemMetrics
mouse_event
InvalidateRect
wsprintfA
GetKeyboardState
keybd_event
SetTimer
GetForegroundWindow
GetWindowThreadProcessId
SetActiveWindow
MessageBeep
FlashWindow
IsRectEmpty
LoadImageA
ChangeDisplaySettingsA
GetThreadDesktop
SetThreadDesktop
OpenInputDesktop
CloseDesktop
EnumDisplaySettingsA
GetDC
ReleaseDC
GetWindowLongA
EndDialog
GetDlgItemTextA
SetFocus
SetWindowLongA
SetWindowTextA
LoadStringA
SetForegroundWindow
DialogBoxParamA
GetScrollInfo
PostMessageA
SetDlgItemTextA
GetDlgItem
SendDlgItemMessageA
MessageBoxA
SendMessageA
MapVirtualKeyA

gdi32

CreateDIBSection
GdiFlush
GetStockObject
GetObjectA
CreatePalette
SelectPalette
RealizePalette
SetDIBColorTable
GetDeviceCaps
CreateCompatibleBitmap
GetDIBits
GetPixel
GetClipBox
CreateCompatibleDC
CreateSolidBrush
SelectObject
CreateRectRgn
CombineRgn
DeleteObject
SetRectRgn
OffsetRgn
GetRegionData
GetRgnBox
EqualRgn
GetSystemPaletteEntries
CreateDCA
ExtEscape
DeleteDC
GetBitmapBits
PatBlt
BitBlt

wsock32

recv
send
getsockname
getpeername
accept
listen
ioctlsocket
WSAGetLastError
htons
htonl
bind
shutdown
closesocket
socket
setsockopt
WSACleanup
WSAStartup
inet_addr
gethostname
gethostbyname
connect

shell32

SHAppBarMessage
Shell_NotifyIconA

advapi32

ReportEventA
DeregisterEventSource
SetServiceStatus
RegOpenKeyA
RegDeleteValueA
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
OpenProcessToken
ImpersonateLoggedOnUser
RevertToSelf
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegisterEventSourceA

vnchooks

SetHooks
SetKeyboardFilterHook
SetMouseFilterHook
UnSetHooks

Sections

.text
Size: 336KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dc4ca9183d3c77ef6ae00995b52bfe5

Headers

File Characteristics

Imports

ole32

winmm

kernel32

user32

gdi32

wsock32

shell32

advapi32

vnchooks

Sections

.text Size: 336KB - Virtual size: 334KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 64KB - Virtual size: 134KB

.idata Size: 8KB - Virtual size: 7KB

.rsrc Size: 152KB - Virtual size: 149KB

.reloc Size: 20KB - Virtual size: 17KB

.text
Size: 336KB - Virtual size: 334KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 64KB - Virtual size: 134KB

.idata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 152KB - Virtual size: 149KB

.reloc
Size: 20KB - Virtual size: 17KB