34b766942b71b0b5e179ca183115a87b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

34b766942b71b0b5e179ca183115a87b_JaffaCakes118
Size

98KB
MD5

34b766942b71b0b5e179ca183115a87b
SHA1

3ee2e66d8b4325af5fe5ffbb63230532db77e23b
SHA256

991b0e3d722452f1f2822d4a719221be738c3cf296ef314c5eaecb08ea9fc66d
SHA512

b503bb2c3605ade11ae9e822a12435f7f3c53a3e4fc95a271cbb5f427adb758ef6c963277bb6d4282eab64d9ad004434e878a4c19126ca9c6c4016585d7f345f
SSDEEP

1536:WOJDFtu2QBnwXLox0wwoktCAfXxupi32/jUv2VOOIhvFZ5Psv:WOdW9wboyw9Uxk/ADOIhvFZ5a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34b766942b71b0b5e179ca183115a87b_JaffaCakes118

Files

34b766942b71b0b5e179ca183115a87b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6720027f1311f602ce5ac8e4fc6d2b0f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFileMappingA
CloseHandle
GetVersionExA
DeleteCriticalSection
VirtualProtect
GetModuleHandleA
GetModuleFileNameA
CreateFileMappingA
ExitProcess
EnterCriticalSection
VirtualAlloc
lstrcmpiA
LeaveCriticalSection
GetSystemWindowsDirectoryA
TerminateThread
InitializeCriticalSection
ExpandEnvironmentStringsA
VirtualFree
GetTickCount
GetFileAttributesExA
MapViewOfFileEx
lstrcpynA
UnmapViewOfFile
lstrlenA
GetProcessHeap
SetEndOfFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
CreateFileA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RaiseException
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
ReadFile
MultiByteToWideChar
RtlUnwind
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
WriteFile
Sleep
GetModuleHandleW
HeapReAlloc
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
CreateThread
GetCurrentThreadId
ExitThread
HeapAlloc
HeapFree
GetLastError
lstrcmpA
GetProcAddress
LoadLibraryA
WaitForSingleObject

gdi32

CreateBrushIndirect
CreateMetaFileW
GetCharWidthA
Rectangle
CreateCompatibleBitmap
SetMapMode
ColorMatchToTarget
SetEnhMetaFileBits
CombineRgn
GetCharABCWidthsA
GetGlyphIndicesA
DPtoLP
CreateRectRgnIndirect
RemoveFontResourceExW
SetBitmapDimensionEx
PolyPolyline
GetKerningPairsA
CreatePenIndirect
GetEnhMetaFileDescriptionA
FlattenPath
SetRectRgn
GetWorldTransform
DeleteObject
UnrealizeObject
EnumMetaFile
GetDCBrushColor
GetBoundsRect
CreatePalette
GetTextCharsetInfo
GetArcDirection
SetPixel
GetEnhMetaFileHeader
GetBitmapDimensionEx
GetRgnBox
PolyTextOutW
RemoveFontMemResourceEx
PolyTextOutA
SetArcDirection
CreateMetaFileA
AngleArc
EnumObjects
GetTextFaceA
GetCharWidthFloatA
GetMetaFileA
SetDCBrushColor
GetCurrentObject
GetDIBits
SetBrushOrgEx
GetFontLanguageInfo
StretchBlt
GetDeviceCaps
CreateDIBSection
GetBkMode
ExtTextOutW
GetCharWidthI
MaskBlt
SetTextColor
StartPage
GetMetaFileBitsEx
GetTextExtentExPointI
GetDCPenColor
WidenPath
GetEnhMetaFileBits
GetEnhMetaFileA
EnumEnhMetaFile
FloodFill
GetWindowExtEx
SetWindowExtEx
CreateColorSpaceA
LPtoDP
ExtEscape
SetICMMode
GetICMProfileA
SetMetaFileBitsEx
GetCharWidthFloatW
GetTextExtentPoint32A
GetGlyphOutlineA
CancelDC
GetTextMetricsW
FrameRgn
SetGraphicsMode
GetPixelFormat
CreateFontIndirectExA
RemoveFontResourceExA
SetDIBitsToDevice
GetWindowOrgEx
TranslateCharsetInfo
GetPath
SetLayout
AddFontResourceA
EnumFontFamiliesW
SetWindowOrgEx
SetBitmapBits
ExtCreatePen
GetBitmapBits
GetCharABCWidthsI
CreateEllipticRgn
StrokePath
BeginPath
CloseFigure
GetBrushOrgEx
EnumFontsA
TextOutA
GetGraphicsMode
GetOutlineTextMetricsW
Ellipse
DeleteMetaFile
ExtCreateRegion
GetTextCharacterExtra
SetICMProfileW
OffsetClipRgn
SaveDC
EndPath
PolylineTo
GetKerningPairsW
RealizePalette
SetPolyFillMode
GetCharacterPlacementA
PlayEnhMetaFileRecord
GetMetaRgn
GetTextExtentPointW
CreateSolidBrush
CombineTransform
GetFontUnicodeRanges
SetColorAdjustment
CreateBitmapIndirect
GetColorAdjustment
SelectPalette
GetSystemPaletteUse
GetObjectW
GetTextExtentExPointA
GetCharABCWidthsW
EnumFontFamiliesA
SetTextCharacterExtra
SetBoundsRect
CreateScalableFontResourceA
GetAspectRatioFilterEx
StartDocW
CreateRoundRectRgn
GetNearestPaletteIndex
GetTextFaceW
GetNearestColor
GetCharWidth32A
GetCharABCWidthsFloatA
CreateScalableFontResourceW
PlgBlt
GetSystemPaletteEntries
CreatePatternBrush
SetTextJustification
FixBrushOrgEx
GetEnhMetaFilePixelFormat
Chord
GdiGradientFill
PolyBezier
GetTextMetricsA
ChoosePixelFormat
EnumFontFamiliesExW
GetGlyphOutlineW
ArcTo
RectVisible
SetPixelFormat
RoundRect
SetTextAlign
GetStretchBltMode
ExtSelectClipRgn
IntersectClipRect
CreateDIBitmap
GetObjectA
EndDoc
GetStockObject
SwapBuffers
SetWinMetaFileBits
PaintRgn
GetGlyphIndicesW
CreateDiscardableBitmap
GetTextCharset
GetTextColor
CloseMetaFile
CreateICW
ModifyWorldTransform
GetRandomRgn

comdlg32

CommDlgExtendedError
GetOpenFileNameA
ChooseColorW
PrintDlgW
GetSaveFileNameW
ReplaceTextW
ChooseFontA
PageSetupDlgW
ReplaceTextA

ole32

CoInitialize

activeds

ord5
ord7
ord30
ord29
ord14
ord8
ord4
ord16
ord20
ord23
ord12
ord6
ord19
ord3

comsvcs

CoLeaveServiceDomain
CoEnterServiceDomain

imm32

ImmConfigureIMEA
ImmSetCompositionWindow
ImmGetConversionStatus
ImmSetStatusWindowPos
ImmAssociateContext
ImmGetCandidateListW
ImmSetCandidateWindow
ImmInstallIMEA
ImmSimulateHotKey
ImmGetVirtualKey
ImmGetRegisterWordStyleW
ImmGetImeMenuItemsW
ImmSetOpenStatus
ImmUnregisterWordW
ImmGetGuideLineA
ImmGetCompositionFontW
ImmEnumRegisterWordW
ImmGetRegisterWordStyleA
ImmGetCompositionStringW
ImmGetDescriptionA
ImmGetGuideLineW
ImmReleaseContext
ImmDisableTextFrameService
ImmIsIME
ImmGetCandidateListCountA
ImmGetContext
ImmGetIMEFileNameA
ImmGetCandidateListA
ImmEscapeW
ImmSetCompositionFontA
ImmRegisterWordW

iphlpapi

GetUdpStatistics
DeleteIpForwardEntry
GetNumberOfInterfaces
CreateIpForwardEntry
NotifyAddrChange
GetExtendedTcpTable
GetIfEntry
SetIpStatistics
GetBestInterfaceEx
GetIpNetTable
CancelIPChangeNotify
CreateProxyArpEntry
DeleteProxyArpEntry
DeleteIpNetEntry
DisableMediaSense
CreateIpNetEntry
GetIpForwardTable
IpReleaseAddress
NotifyRouteChange
SetIpNetEntry
SendARP
GetTcpStatisticsEx
GetIpAddrTable
AddIPAddress
GetExtendedUdpTable
FlushIpNetTable
GetIpErrorString
GetOwnerModuleFromTcpEntry
SetIfEntry
GetAdapterOrderMap
GetRTTAndHopCount

msi

ord36
ord169
ord251
ord248
ord193
ord56
ord261
ord238
ord109
ord262
ord129
ord231
ord8
ord6
ord39
ord256
ord173
ord232
ord108
ord242
ord131
ord65
ord83
ord45
ord95
ord229
ord60
ord15
ord272
ord195
ord244
ord176
ord210
ord274
ord130
ord253
ord67
ord85
ord239
ord137
ord252
ord81

msimg32

TransparentBlt

comctl32

FlatSB_GetScrollInfo
ImageList_Merge
ImageList_Destroy
PropertySheetW

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6720027f1311f602ce5ac8e4fc6d2b0f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

comdlg32

ole32

activeds

comsvcs

imm32

iphlpapi

msi

msimg32

comctl32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 14KB - Virtual size: 21KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 14KB - Virtual size: 21KB