3eee4bec69cf5f8539c66c5d055e87cf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3eee4bec69cf5f8539c66c5d055e87cf_JaffaCakes118
Size

148KB
MD5

3eee4bec69cf5f8539c66c5d055e87cf
SHA1

14dc53bcaad80ae923c622f519c3cf0dea76f2d4
SHA256

b79d4785019768d0f9a3c251db6a15d62e8b175b58e700e74976b2b5c185d288
SHA512

de9ca06f996651bdd646c32761d1547cb562a929aab7b2054249d62b966c1b91c649a34b091026b91530df40c2b7cc044c09a12410d0514f05a0bfdb80bb38f0
SSDEEP

3072:98lDFZpuHw4ofHvL4b7PJxFSaxwA81jul4560:9+FZp0csbDJLSaxe1D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3eee4bec69cf5f8539c66c5d055e87cf_JaffaCakes118

Files

3eee4bec69cf5f8539c66c5d055e87cf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cae0469143ff8c95c0e29d8f6c5c29c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetAce
OpenThreadToken
GetPrivateObjectSecurity
EqualSid
RevertToSelf
CryptReleaseContext
CryptCreateHash
SetSecurityDescriptorDacl

ole32

CoCreateInstance
OleLoadFromStream
GetClassFile
OleCreateMenuDescriptor
CoRegisterClassObject
OleQueryLinkFromData
OleQueryCreateFromData
CoFreeUnusedLibraries
ProgIDFromCLSID
CoCreateInstanceEx
CLSIDFromString

kernel32

IsBadWritePtr
WaitForMultipleObjects
GetFileTime
VirtualQuery
GetSystemTimeAsFileTime
TerminateProcess
GetProcAddress
GetModuleHandleA
UnlockFile
GlobalDeleteAtom
FormatMessageA
CreateFileMappingA
FindNextFileA
MapViewOfFile
LocalFree
FindFirstFileA
IsProcessorFeaturePresent
lstrcmpiA
FindClose
SystemTimeToFileTime
GetSystemDefaultLCID
GetLocalTime
OutputDebugStringA
UnmapViewOfFile
CloseHandle
LocalAlloc
LockFile
MulDiv
SetUnhandledExceptionFilter
RaiseException
GetLastError
UnhandledExceptionFilter
TerminateThread

isigsapi

ExtractAssociatedIconExA
ILLoadFromStream
ImmGetStatusWindowPos
Activate_RunDLL
ImmEnumInputContext
SdbFindFirstTag
SdbGetDatabaseMatch
ILGetSize
SdbFindNextTagRef
ImmDestroyIMCC
ImmPenAuxInput
ImmGetImeInfoEx
ILCombine
ImmDisableTextFrameService
CtfImmLeaveCoInitCountSkipMode
DriveType
ImmGetIMEFileNameA
SdbGetStringTagPtr
ImmGetCandidateWindow
ImmSetCompositionStringA
ImmGetConversionStatus
SetPermLayers
DragQueryPoint
ImmIsIME
CtfAImmIsIME
ImmAssociateContext
SdbOpenDatabase
SdbGetEntryFlags
ImmIMPQueryIMEA
ImmGetProperty
ExtractAssociatedIconA
ImmUnregisterWordA
SdbGetTagDataSize
CtfImmEnterCoInitCountSkipMode
PathResolve

gdi32

GetCurrentPositionEx
EnumObjects
CreateHatchBrush
SetRectRgn
EnumEnhMetaFile
GetPaletteEntries
GetCharWidthA
IntersectClipRect
GetMapMode
SetWinMetaFileBits
GetClipBox
SetBitmapBits
UnrealizeObject
LineTo
GetViewportExtEx
OffsetRgn
Arc
PlayEnhMetaFileRecord
SetWindowExtEx
CreateBrushIndirect
Polyline

user32

ValidateRgn
CreateCaret
IsWindow
CloseClipboard
GetCaretPos
IntersectRect
ShowCursor
SetWindowPlacement
SetCapture
IsRectEmpty
GetUpdateRgn
SetTimer
GetQueueStatus
SetWindowPos
SetClipboardData
SetMessageQueue
GetUpdateRect
IsWindowUnicode
GetWindow
GetSystemMetrics
PostQuitMessage
EndDeferWindowPos
IsChild
EnumThreadWindows
GetWindowWord

msvcrt

_cexit
_ismbblead

Sections

.text
Size: 135KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cae0469143ff8c95c0e29d8f6c5c29c1

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

ole32

kernel32

isigsapi

gdi32

user32

msvcrt

Sections

.text Size: 135KB - Virtual size: 136KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 3KB - Virtual size: 4KB

.text
Size: 135KB - Virtual size: 136KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 3KB - Virtual size: 4KB