64580eba18a58925f9b6a0a2d1bea956_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

64580eba18a58925f9b6a0a2d1bea956_JaffaCakes118
Size

354KB
MD5

64580eba18a58925f9b6a0a2d1bea956
SHA1

6c2b26dd200783818e8d3d05255cd9cb64e3927a
SHA256

d7e83f6c49d531575ca309b1659b26a9dd657f78a3379ccf6ad4becac8ec448a
SHA512

4b0c0797a092ceb85c19e52566ef1121288a746cd33e4bbeab95ae55252e48f3791b367f1872f98c793568f224a74cafb75bad8769243c3b4b9ebe4d73879ea6
SSDEEP

6144:MU0sba6caXTWy9LycIwMbz/YPYewOtUpiBq9e64yx9M+lWpOVhvrwUD:V0sGzaXqy9L5kQgkNxoxqeW0VhvV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64580eba18a58925f9b6a0a2d1bea956_JaffaCakes118

Files

64580eba18a58925f9b6a0a2d1bea956_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fcce42f3c686fa0d3f24eb9f761d97db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

joy32Message
midiOutSetVolume
midiStreamOpen
mmioStringToFOURCCA
mixerClose
waveOutGetPosition
waveOutGetPlaybackRate
joyGetNumDevs
mmioInstallIOProcA
mciGetDriverData
waveInGetPosition
midiStreamPosition
mciDriverYield
timeEndPeriod
mmsystemGetVersion
GetDriverModuleHandle
mmioAscend
mciSendCommandA
midiOutReset
mmioRead
waveInClose
waveInGetDevCapsW
mci32Message
joyGetThreshold
mmTaskBlock
NotifyCallbackData
joySetThreshold
midiInAddBuffer
mciFreeCommandResource
midiInReset
waveOutReset
midiOutShortMsg
waveInAddBuffer
midiInUnprepareHeader
mmTaskSignal
midiOutGetVolume

kernel32

GetStringTypeW
GetExitCodeThread
GetConsoleAliasExesLengthA
_lcreat
GetLogicalDriveStringsW
VirtualProtectEx
lstrcmp
TlsFree
EnumDateFormatsA
SizeofResource
DebugActiveProcessStop
IsBadHugeWritePtr
SetProcessWorkingSetSize
VirtualAlloc
FindFirstVolumeW
CreateSocketHandle
SetCurrentDirectoryA
LoadLibraryA
AreFileApisANSI
TryEnterCriticalSection
GlobalFindAtomW
GetConsoleAliasesW
QueryPerformanceCounter
CommConfigDialogW
PurgeComm
GetModuleHandleW
GetStringTypeA
WaitForMultipleObjectsEx
GetCPInfoExW
FillConsoleOutputAttribute
GetBinaryTypeW
VirtualFree
GetPrivateProfileStringW
SetInformationJobObject
RemoveVectoredExceptionHandler
GetUserDefaultUILanguage
WriteConsoleOutputW
GetProfileSectionW
OpenProcess
TerminateJobObject
WriteProfileStringA
VerifyConsoleIoHandle
FindActCtxSectionStringA
SetConsoleCursorInfo
OutputDebugStringA
GetStartupInfoW
GetVDMCurrentDirectories
OpenFileMappingW
ExpandEnvironmentStringsW

comctl32

ImageList_BeginDrag
FlatSB_SetScrollProp
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetDragImage
ImageList_GetIconSize
FlatSB_GetScrollProp
ImageList_Duplicate
ImageList_Copy
CreateUpDownControl
ImageList_Remove
CreatePropertySheetPageW
ImageList_SetImageCount
InitCommonControlsEx
MenuHelp
PropertySheet
FlatSB_SetScrollRange
FlatSB_GetScrollRange
ImageList_DragLeave
ImageList_LoadImageA
ImageList_SetFilter
CreateStatusWindowA
ImageList_Add
InitCommonControls
ImageList_DragEnter
GetEffectiveClientRect
ImageList_SetFlags
PropertySheetA
ImageList_DrawEx
ImageList_GetImageRect
ImageList_Merge
ImageList_LoadImageW
ImageList_LoadImage
CreateStatusWindow
ImageList_Replace
CreatePropertySheetPageA
CreateStatusWindowW
ImageList_Write
ImageList_DragMove
ImageList_Destroy
FlatSB_EnableScrollBar

netapi32

NetLocalGroupAdd
NetpMergeFtinfo
NetServerDiskEnum
I_NetDfsIsThisADomainName
NetLocalGroupDelMember
NetDfsGetClientInfo
NetErrorLogClear
NetGroupDel
NetAuditWrite
I_NetServerPasswordGet
NetpOpenConfigData
I_NetlogonComputeClientDigest
NetReplImportDirAdd
I_BrowserQueryOtherDomains
NetLocalGroupSetInfo
NetUserModalsGet
NetpGetConfigValue
NetUseAdd
I_NetLogonControl2
DsRoleDcAsReplica
DsRoleAbortDownlevelServerUpgrade
NetServerComputerNameDel
NetpCleanFtinfoContext
NetUserEnum
I_NetlogonComputeServerDigest

wtsapi32

WTSSetSessionInformationA
WTSEnumerateSessionsW
WTSVirtualChannelOpen
WTSVirtualChannelPurgeOutput
WTSRegisterSessionNotification
WTSEnumerateSessionsA
WTSEnumerateProcessesA
WTSFreeMemory
WTSSendMessageW
WTSDisconnectSession
WTSEnumerateServersA
WTSVirtualChannelQuery
WTSQuerySessionInformationA
WTSUnRegisterSessionNotification
WTSEnumerateServersW
WTSSetUserConfigA
WTSSendMessageA
WTSVirtualChannelPurgeInput
WTSOpenServerW
WTSQuerySessionInformationW
WTSVirtualChannelRead
WTSLogoffSession
WTSQueryUserToken
WTSSetUserConfigW
WTSOpenServerA

ntdll

ZwTraceEvent
RtlInitializeGenericTableAvl
RtlMapGenericMask
RtlSetLastWin32Error
RtlFreeThreadActivationContextStack
vDbgPrintExWithPrefix
ZwAreMappedFilesTheSame
ZwAccessCheckByTypeAndAuditAlarm
strspn
isupper
ZwCreateEventPair
RtlxAnsiStringToUnicodeSize
LdrShutdownThread
RtlWalkHeap
_CIpow
NtWriteRequestData
CsrAllocateMessagePointer
ZwRenameKey
PfxInsertPrefix
RtlCopyString
RtlResetRtlTranslations
RtlUnhandledExceptionFilter2
ZwQueryInformationProcess
RtlValidAcl
_ftol
DbgUiSetThreadDebugObject
ZwTerminateProcess
RtlGenerate8dot3Name
ZwFindAtom
RtlSetAttributesSecurityDescriptor
__toascii
ZwQuerySystemEnvironmentValueEx
DbgBreakPoint
_aullrem
ZwReplyPort
vsprintf
RtlConvertLongToLargeInteger
ZwOpenThreadTokenEx
RtlGetNtVersionNumbers
RtlConvertSharedToExclusive

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 599KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcce42f3c686fa0d3f24eb9f761d97db

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

comctl32

netapi32

wtsapi32

ntdll

Sections

.text Size: 81KB - Virtual size: 81KB

.rdata Size: 113KB - Virtual size: 113KB

.data Size: 148KB - Virtual size: 599KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 113KB - Virtual size: 113KB

.data
Size: 148KB - Virtual size: 599KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB