4123686eb1219c524d89430b86d8c0d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4123686eb1219c524d89430b86d8c0d0_JaffaCakes118
Size

329KB
MD5

4123686eb1219c524d89430b86d8c0d0
SHA1

2440e0accd0560e050198cb4ef917607f1b260bf
SHA256

2b2878d6bb0b525d6773a7447aa5a9da0c2391cab2944a7e82c4042be3ec656a
SHA512

765d096d48ac80aa7cc76bbef47117334ec3106e27120035fc0b8fdf572009ccd667add99872a944596b160f07e85a746205c6152e0d589da34ff63384de479f
SSDEEP

6144:b23Vf5in9njHwR8y4DyqDLL/tWUBx4OJhFh3BN5fhSkcvfzxU:62Nbry4+Y/PP4OJjN5fhSfd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4123686eb1219c524d89430b86d8c0d0_JaffaCakes118

Files

4123686eb1219c524d89430b86d8c0d0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

36e2b3a848838cf16e3f42c7d138704b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ipv6mon.pdb

Imports

msvcrt

_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
_onexit
__CxxFrameHandler
_wcsicmp
wcscpy
_exit
_c_exit
_controlfp
?terminate@@YAXXZ
__dllonexit

advapi32

RegOpenKeyExA
AllocateAndInitializeSid
DuplicateTokenEx
OpenProcessToken
IsWellKnownSid
GetAce
GetAclInformation
GetSecurityDescriptorDacl
FreeSid
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
CheckTokenMembership

kernel32

GetTickCount
GetProcAddress
GetModuleHandleW
MulDiv
CloseHandle
lstrcmpiW
WaitForMultipleObjects
CreateThread
GetCurrentThreadId
OpenEventW
CreateEventW
SetEvent
GetLastError
lstrlenW
OpenProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoW
GetVersionExA
LoadLibraryA

gdi32

CreateFontIndirectW
SetBitmapDimensionEx
ExtTextOutW
StretchBlt
BitBlt
GetStockObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
RealizePalette
GetObjectW
GetDeviceCaps
DeleteObject
CreatePalette
PatBlt

user32

OpenWindowStationW
SetProcessWindowStation
GetSystemMetrics
PtInRect
SetRectEmpty
InflateRect
CopyRect
EqualRect
GetWindowRect
GetClientRect
ClientToScreen
UpdateWindow
IsWindowVisible
SetTimer
KillTimer
GetActiveWindow
SystemParametersInfoW
GetKeyState
MessageBoxW
GetAsyncKeyState
GetMessagePos
AdjustWindowRectEx
EnableWindow
IsWindow
RegisterWindowMessageW
IsIconic
IntersectRect
IsRectEmpty
SetRect
FillRect
EnableMenuItem
GetSubMenu
LoadMenuW
PostMessageW
GetSystemMenu
InvalidateRect
OpenClipboard
GetProcessWindowStation
LoadCursorW
DrawIconEx
GetIconInfo
CloseClipboard
SetClipboardData
EmptyClipboard
SetCursor
ReleaseDC
GetDC
GetCursorPos
SetWindowLongW
CloseDesktop
GetUserObjectInformationW
OpenDesktopW
OpenInputDesktop
SetThreadDesktop
GetThreadDesktop
WinHelpW
RedrawWindow
DrawIcon
AppendMenuW
SendMessageW
LoadIconW
UnregisterHotKey
wsprintfW
RegisterHotKey
GetUserObjectSecurity
SetForegroundWindow

shell32

SHAppBarMessage
ShellExecuteW

ole32

CoUninitialize
CoInitialize

psapi

EnumProcesses

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 226KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 51KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36e2b3a848838cf16e3f42c7d138704b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

advapi32

kernel32

gdi32

user32

shell32

ole32

psapi

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 40KB - Virtual size: 40KB

.data Size: 226KB - Virtual size: 233KB

.bss Size: - Virtual size: 51KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 40KB - Virtual size: 40KB

.data
Size: 226KB - Virtual size: 233KB

.bss
Size: - Virtual size: 51KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 3KB