Static task
static1
Behavioral task
behavioral1
Sample
4c56687bc68a73fea08eb3defc31d750_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
4c56687bc68a73fea08eb3defc31d750_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
4c56687bc68a73fea08eb3defc31d750_JaffaCakes118
-
Size
91KB
-
MD5
4c56687bc68a73fea08eb3defc31d750
-
SHA1
2d5b5848b4bbf0b855ef61158c0f32d7f5364b99
-
SHA256
3da59d8ff77aa17ead94ab78e19c57d933f5a178e092f0dabfccbbf666da4e4a
-
SHA512
a6b59ca34de3eb2c5e4e70675c872d6f01a05e53b25fe5c9e67bf0c82a1336c5bd80b141b163650cf0567deb99f24aa096856d22ae02f60a870a7a0ff8bca1e3
-
SSDEEP
1536:x+jO3zTMvboYYNUoEznnlUhtG0nc2c0kBMSnFTLZDMFP:x+jO3zTMvboNNbEznnlUhc0n5c3maFTM
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4c56687bc68a73fea08eb3defc31d750_JaffaCakes118
Files
-
4c56687bc68a73fea08eb3defc31d750_JaffaCakes118.exe windows:5 windows x86 arch:x86
ca80527a286e5f82730e07b6c39a2b82
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExpandEnvironmentStringsW
FormatMessageW
WriteFile
SetFilePointer
GetCurrentThreadId
GetCurrentProcessId
GetProcAddress
GetLastError
CreateProcessW
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
ResumeThread
IsBadWritePtr
WaitForMultipleObjects
CloseHandle
CreateFileW
GetCommandLineW
QueryPerformanceCounter
GlobalFree
GetStartupInfoA
InitializeCriticalSection
CreateThread
WaitForSingleObject
DeleteCriticalSection
LeaveCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
EnterCriticalSection
LocalAlloc
GetModuleHandleA
LocalFree
msvcrt
_except_handler3
_CxxThrowException
wcsrchr
wcstoul
_c_exit
_exit
_XcptFilter
_cexit
_wcsnicmp
_acmdln
__getmainargs
_initterm
_itow
??2@YAPAXI@Z
_wcsicmp
??3@YAXPAX@Z
exit
wcscmp
_controlfp
__set_app_type
_vsnwprintf
wcslen
wcsstr
wcschr
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
advapi32
LsaOpenPolicy
LsaRetrievePrivateData
RegSetValueExW
LsaStorePrivateData
GetUserNameW
RegConnectRegistryW
RegOpenKeyW
LsaClose
RegOpenKeyExW
RegCreateKeyW
RegCloseKey
ord39988
user32
SendDlgItemMessageW
GetParent
MessageBoxW
EndDialog
SendMessageW
MoveWindow
GetClientRect
SetWindowPos
SetWindowLongW
GetWindowLongW
UpdateWindow
EnableMenuItem
DestroyIcon
LoadIconW
GetSystemMetrics
CreateWindowExW
TrackPopupMenu
DestroyMenu
GetSubMenu
LoadMenuW
SetDlgItemTextW
GetDlgItemTextW
EnableWindow
GetWindowTextLengthW
GetDlgItem
IsDlgButtonChecked
SetCursor
LoadCursorW
DialogBoxParamW
ShowWindow
LoadStringW
DestroyWindow
GetMenu
PostQuitMessage
RegisterClassExW
LoadImageW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
LoadAcceleratorsW
GetMessageW
SetForegroundWindow
GetDesktopWindow
GetWindowRect
GetWindowInfo
SetWindowTextW
DefWindowProcW
netapi32
NetApiBufferFree
NetUserGetInfo
NetUserModalsGet
DsGetDcNameW
ntdsapi
DsReplicaFreeInfo
DsFreeNameResultW
DsGetDomainControllerInfoW
DsFreeDomainControllerInfoW
DsMakePasswordCredentialsW
DsBindWithCredW
DsFreePasswordCredentials
DsCrackNamesW
DsReplicaGetInfoW
DsBindW
DsUnBindW
comctl32
ImageList_ReplaceIcon
ord17
ImageList_Create
comdlg32
GetSaveFileNameW
shell32
ShellAboutW
CommandLineToArgvW
ole32
CoInitialize
CoUninitialize
CoCreateInstance
oleaut32
SysAllocString
SysFreeString
activeds
ord20
ord15
ord9
Sections
.text Size: 37KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 520B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ