30c0bba56cadc4943823f6a583b325a2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

30c0bba56cadc4943823f6a583b325a2_JaffaCakes118
Size

228KB
MD5

30c0bba56cadc4943823f6a583b325a2
SHA1

9f984b5bd4fb0dc14bf16554ce2d15d4d2e74f6a
SHA256

173497ccd844cabb04ce642da3f0210cf191a3657fc6dd8256b815a0a98acd07
SHA512

7b4cb76cc1af5be8b5e7f451a388e50220da22c49b5e48372f0b8125d54da149b3e3e1ecdbb757d96669a4ebdfae3e760641e829f16e1c7a238a80ec4a371452
SSDEEP

6144:cct/noKrlm5pOsUtvVUR5VMqHJFR0qQO9inCbjt:cc9nojULURFHJ7BdinC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30c0bba56cadc4943823f6a583b325a2_JaffaCakes118

Files

30c0bba56cadc4943823f6a583b325a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae8f986bdf4294532a6d8f67c83c1377

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wsock32

inet_addr
accept
listen
htonl
bind
WSACleanup
WSAStartup
ioctlsocket
gethostbyname
getpeername
connect
shutdown
closesocket
socket
setsockopt
recv
send
WSAGetLastError
gethostname
gethostbyaddr
getsockname
htons

kernel32

GetVersionExA
GetComputerNameA
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
WritePrivateProfileStringA
CreateProcessA
ResumeThread
SetThreadPriority
GetExitCodeThread
GetModuleFileNameA
SetProcessShutdownParameters
CreateFileMappingA
GetCurrentThread
LocalFree
LocalAlloc
HeapFree
HeapAlloc
lstrlenW
lstrcmpiW
MultiByteToWideChar
lstrcmpA
WaitForSingleObject
GetTickCount
CreateEventA
SetEvent
TerminateThread
ResetEvent
GetPrivateProfileStringA
GetSystemDirectoryA
SetFilePointer
lstrcatW
lstrcpynA
WideCharToMultiByte
UnhandledExceptionFilter
TerminateProcess
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
TlsGetValue
TlsAlloc
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
InterlockedIncrement
InterlockedDecrement
ExitThread
TlsSetValue
CreateThread
GetSystemTime
GetTimeZoneInformation
GetLocalTime
RtlUnwind
CopyFileA
MoveFileExA
GetCurrentProcess
DuplicateHandle
FreeLibrary
LoadLibraryA
GetProcAddress
SetLastError
WriteFile
SetFileTime
SetFileAttributesA
RemoveDirectoryA
DeleteFileA
CreateDirectoryA
lstrlenA
MoveFileA
GetLastError
CreateFileA
ReadFile
FindFirstFileA
FindNextFileA
FindClose
GetLogicalDrives
GetDriveTypeA
lstrcmpiA
lstrcatA
lstrcpyA
CloseHandle
Sleep
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
ExitProcess
SetEnvironmentVariableA

user32

GetDlgItem
MessageBeep
GetWindowLongA
KillTimer
PostQuitMessage
IsClipboardFormatAvailable
LoadMenuA
GetSubMenu
SetMenuDefaultItem
EnableMenuItem
DeleteMenu
SetForegroundWindow
TrackPopupMenu
GetMenuItemID
DestroyMenu
SetTimer
CreateDialogParamA
SetDlgItemTextA
UpdateWindow
GetWindowRect
GetDesktopWindow
SetWindowPos
GetClipboardOwner
GetClipboardData
DefWindowProcA
RegisterClipboardFormatA
EnumWindows
OpenInputDesktop
SetWindowTextA
OpenDesktopA
ExitWindowsEx
EnumDisplaySettingsA
ChangeClipboardChain
LoadIconA
RegisterClassExA
CreateWindowExA
SetWindowLongA
SetClipboardViewer
SystemParametersInfoA
GetWindowDC
PostThreadMessageA
DestroyWindow
GetWindowThreadProcessId
LoadCursorA
AttachThreadInput
GetCaretPos
ClientToScreen
GetClassNameA
GetCursor
GetIconInfo
VkKeyScanA
CharUpperBuffA
GetMessageA
IsWindow
IsDialogMessageA
TranslateMessage
EndDialog
FlashWindow
GetDlgItemTextA
SetThreadDesktop
DispatchMessageA
PeekMessageA
CloseDesktop
MessageBoxA
GetThreadDesktop
PostMessageA
GetKeyboardState
MapVirtualKeyA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetCursorPos
WindowFromPoint
GetForegroundWindow
SendMessageA
mouse_event
GetAsyncKeyState
keybd_event
DialogBoxParamA
GetKeyboardLayoutNameA
wsprintfA
LoadStringA
CopyRect
GetSystemMetrics
GetDC
ReleaseDC
GetUserObjectInformationA

gdi32

GetDeviceCaps
CreateSolidBrush
SetBkMode
SetBkColor
GetStockObject
CreateCompatibleDC
GetSystemPaletteEntries
CreateHalftonePalette
GetPaletteEntries
DeleteObject
CreatePalette
SelectPalette
RealizePalette
GdiFlush
CreateDIBSection
SelectObject
BitBlt
DeleteDC
GetBitmapBits
GetObjectA

advapi32

AddAccessAllowedAce
RegisterEventSourceA
ReportEventA
DeregisterEventSource
SetServiceStatus
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
RegDeleteValueA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegCreateKeyA
RegSetValueExA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
RegQueryValueExA
RegOpenKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
SetThreadToken
OpenThreadToken
FreeSid
PrivilegedServiceAuditAlarmA
AccessCheck
IsValidSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
InitializeAcl
RegCloseKey
GetLengthSid
InitializeSecurityDescriptor
AllocateAndInitializeSid
GetUserNameW

shell32

ShellExecuteA
Shell_NotifyIconA
DragAcceptFiles
DragQueryFileA

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae8f986bdf4294532a6d8f67c83c1377

Headers

File Characteristics

Imports

version

wsock32

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 148KB - Virtual size: 145KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 36KB - Virtual size: 47KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 148KB - Virtual size: 145KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 36KB - Virtual size: 47KB

.rsrc
Size: 24KB - Virtual size: 22KB