491552120000dd51384559b0d410855b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

491552120000dd51384559b0d410855b_JaffaCakes118
Size

256KB
MD5

491552120000dd51384559b0d410855b
SHA1

964e1c7c62e01dfecebf7e3a3b0024743e086341
SHA256

182d660766802184daa98c7128c4701c6f4fca51f21412a811886b63d6952e73
SHA512

e648c3cc7222e9fc6485e8df4e73611939063a6baed265b0695a7dc8165f1c57bec9789da6a034ad3d9b73d2d429e8d74de43656cdc1e17f8320cba3ab0666e7
SSDEEP

6144:wt9d/LWPEz2gof2dgHga9zU93FvGwhkHl+KzWcwD:mZLWPDjf2dgAaRU9NN+lQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
491552120000dd51384559b0d410855b_JaffaCakes118

Files

491552120000dd51384559b0d410855b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6d39bded624517b880135ac57b4e9014

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
connect

kernel32

VirtualAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetStdHandle
WriteFile
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsAlloc
HeapSize
GetCPInfo
GetOEMCP
IsValidCodePage
MultiByteToWideChar
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
lstrlenA
AssignProcessToJobObject
FreeUserPhysicalPages
LoadLibraryA
FindResourceW
FindCloseChangeNotification
GetCalendarInfoA
GetModuleFileNameA
AreFileApisANSI
CompareStringA
CreateMutexA
GetLastError
FindNextVolumeMountPointA
AddAtomW
ConvertDefaultLocale
GetCommandLineA
TerminateProcess
FindVolumeClose
DebugActiveProcess
GetACP
ReadProcessMemory
CreateIoCompletionPort
CreateToolhelp32Snapshot
GetModuleFileNameW
lstrlenW
WriteProcessMemory
FlushInstructionCache
TlsFree
CreateTimerQueue
IsDebuggerPresent
GetCurrentProcess
TlsSetValue
GetModuleHandleA
FlushViewOfFile
lstrcmpA
lstrcatA
lstrcmpiA
FlushFileBuffers
Sleep
TlsGetValue
ContinueDebugEvent
FreeEnvironmentStringsA
IsBadHugeReadPtr
lstrcpyA
GetAtomNameW
CreateFiberEx
GetProcAddress
CompareStringW
AddAtomA
IsBadReadPtr
ExitProcess
LCMapStringW
RtlUnwind
GetModuleHandleW
RaiseException
HeapAlloc
HeapFree
GetStartupInfoA
GetSystemTimeAsFileTime

user32

SetWindowsHookW
MessageBoxA
SetWindowTextA
UnloadKeyboardLayout
UnregisterHotKey
TrackPopupMenuEx
GetClipboardData
GetClassWord
DlgDirListW
GetClassLongW
DestroyMenu
DlgDirListA
DlgDirListComboBoxW
FrameRect
DrawAnimatedRects
DlgDirSelectExW
UnhookWindowsHook
DlgDirListComboBoxA
DrawIcon
AttachThreadInput
ShowCaret
ActivateKeyboardLayout
DrawMenuBar
EnumClipboardFormats
GetAsyncKeyState
UpdateLayeredWindow
AllowSetForegroundWindow
DrawIconEx
ArrangeIconicWindows
AnimateWindow
EndDeferWindowPos
SetWindowsHookExA
mouse_event
VkKeyScanA
SetWindowTextW
GetClipCursor
ShowCursor
SetWindowsHookExW
EndMenu
DragObject
UserHandleGrantAccess
EnableScrollBar
GetClientRect
VkKeyScanW
ValidateRgn
EnableMenuItem
GetAltTabInfoA

gdi32

StartDocW
GetObjectW
CreateCompatibleDC
SetICMMode
CopyEnhMetaFileW
CreateEllipticRgn
UpdateColors
SetPixel
SetWindowExtEx
BitBlt
CreateBitmap
GetKerningPairsA
GetRgnBox
Rectangle
OffsetRgn
StretchBlt
CreateHatchBrush
GetICMProfileW
GetWorldTransform
GetTextCharset
GetKerningPairsW
SelectObject
CreateRectRgn
SetDCPenColor
PaintRgn
GetTextAlign
RoundRect
PolyBezier
GetICMProfileA
GetSystemPaletteEntries
CombineTransform
GetMetaFileBitsEx
CreateEnhMetaFileW
GetROP2
GetTextColor
CombineRgn
GetPolyFillMode
CloseFigure
StartPage
GetViewportExtEx
GetObjectType
AbortDoc
GetRandomRgn
CreatePolygonRgn
GetObjectA
GetViewportOrgEx
GetNearestColor
GetLogColorSpaceW
PolyPolyline
SelectClipPath
OffsetWindowOrgEx
GetPixel
CreateHalftonePalette
GetTextCharsetInfo
UnrealizeObject
StrokeAndFillPath
SetWindowOrgEx
CreatePen
ResetDCW
GetWinMetaFileBits
GetTextFaceW
CreateCompatibleBitmap
RemoveFontResourceA
CreateDIBPatternBrush
StrokePath
SelectPalette
ScaleViewportExtEx
SetDIBitsToDevice
MaskBlt
GetSystemPaletteUse
CreatePatternBrush
InvertRgn
PathToRegion
SaveDC

shell32

SHGetFileInfoA

ole32

CoCreateInstance
CoInitialize

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d39bded624517b880135ac57b4e9014

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

shell32

ole32

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 86KB - Virtual size: 85KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 86KB - Virtual size: 85KB