46353e84954ae55995aae3e874777894_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

46353e84954ae55995aae3e874777894_JaffaCakes118
Size

344KB
MD5

46353e84954ae55995aae3e874777894
SHA1

85aa7bdc1ba060630cbf36a724713194a11c8fe9
SHA256

e5c28254c311dd90308bbb3fa3e36074d0dc5191e11b8540f1459ea421cecc14
SHA512

e30f2d04f802e6d3113ec7edcc107a19b834700a5ccab64f9577c70c33380112c7dbfbcd3d2af0b2c4c8ddf9358fb25b94e37292218068e8923ddb3cfc59bce5
SSDEEP

3072:jFi7XxejJ8BcPclzxFcVrziVMATkLrAXxBrjWx0SN6tBVtZk7lv3vHvZh7x85rX4:xaxAJ8BDQ2TkwhkM7ch8+p+izCdC33b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46353e84954ae55995aae3e874777894_JaffaCakes118

Files

46353e84954ae55995aae3e874777894_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dcce9f6a613af9eccad36eaf9a97995e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\ultravnc_192\UltraVNC Project Root\UltraVNC\uvnc_settings\release\uvnc_settings.pdb

Imports

comctl32

InitCommonControlsEx
ord17

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

CopyFileA
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteFileA
CreateEventA
WaitForSingleObject
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetPrivateProfileStructA
WritePrivateProfileStructA
InterlockedIncrement
GetProcessHeap
HeapFree
FormatMessageA
lstrlenA
HeapAlloc
CreateFileW
GetModuleHandleA
InitializeCriticalSection
CreateFileA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
MultiByteToWideChar
RtlUnwind
InitializeCriticalSectionAndSpinCount
FindClose
FindNextFileA
FindFirstFileA
Sleep
CreateDirectoryA
GetModuleFileNameA
CreateThread
InterlockedDecrement
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
CloseHandle
FlushFileBuffers
ReadFile
SetFilePointer
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
GetFileType
SetHandleCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
RaiseException
SetEndOfFile

user32

SendDlgItemMessageA
EndDialog
EnableWindow
SendMessageA
GetDlgItem
SetDlgItemInt
SetDlgItemTextA
SetForegroundWindow
SetWindowLongA
GetWindowLongA
MessageBoxA
EnumDisplaySettingsA
DestroyWindow
SetWindowPos
MapWindowPoints
GetWindowRect
CreateDialogParamA
LoadStringA
DialogBoxParamA
IsDlgButtonChecked
wsprintfA
CheckDlgButton
SetFocus
ShowWindow
GetWindowTextA
SetWindowTextA
GetDlgItemTextA
GetDlgItemInt

gdi32

DeleteDC
CreateDCA

advapi32

ControlService
CloseServiceHandle
StartServiceA
OpenSCManagerA
OpenServiceA
QueryServiceStatus

shell32

ShellExecuteA

ole32

CoInitializeSecurity
CoCreateInstance
CoUninitialize
CoInitializeEx
CoInitialize

oleaut32

SysAllocString
SysStringByteLen
SysAllocStringByteLen
VariantClear
VariantInit
SysFreeString

iphlpapi

GetAdaptersInfo

ws2_32

WSAStartup
WSACleanup

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dcce9f6a613af9eccad36eaf9a97995e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

iphlpapi

ws2_32

Sections

.text Size: 162KB - Virtual size: 162KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 137KB - Virtual size: 140KB

.text
Size: 162KB - Virtual size: 162KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 137KB - Virtual size: 140KB