6fcf79ccdded6fc642a74a503181f2d9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6fcf79ccdded6fc642a74a503181f2d9_JaffaCakes118
Size

464KB
MD5

6fcf79ccdded6fc642a74a503181f2d9
SHA1

7d79af1a37d0be7c8c0a0821f47633573c1d6a8c
SHA256

301fdfa01185183774a5db1c108be58b4d36cbe17c95e21a982a1b5d5d7b315f
SHA512

c754df56841372418b5c37fc37773ab44832570d8605e314943e748b4e76880aab2ac25c14d7fe57b99083c85e49e41ea26b8eed6ca4fcd65584d7fe43a64563
SSDEEP

12288:rz6HV2+RuJrAMilA1bBpDUn8c2som0mu:3zcu9AMiEpi85somm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fcf79ccdded6fc642a74a503181f2d9_JaffaCakes118

Files

6fcf79ccdded6fc642a74a503181f2d9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ef3d32741141a9ffde06721c65ea07b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt40

_purecall
strftime
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
??1type_info@@UAE@XZ
_mbsnbicmp
_itoa
_mbsicmp
_mbsnbcpy
_ltoa
_ultoa
fabs
floor
modf
labs
_ftol
swprintf
wcscpy
_mbsnbcmp
_strdup
__p___argv
__p___argc
_beginthreadex
_EH_prolog
_endthreadex
_mbsdec
__p___mb_cur_max
_isctype
__p__pctype
_expand
strcpy
strtod
sprintf
strtol
strtoul
abs
memcmp
calloc
_msize
__CxxFrameHandler
__p__mbctype
localtime
gmtime
time
mktime
_ismbcspace
atoi
_ismbcdigit
_mbclen
vsprintf
_mbsstr
_mbsrchr
_mbscspn
_mbsspn
_mbsrev
_mbspbrk
_mbschr
wcslen
_mbscmp
realloc
fclose
fflush
fseek
ftell
fgets
fputs
fwrite
fread
clearerr
_open_osfhandle
_fdopen
__doserrno
_get_osfhandle
memset
_mbsinc
strlen
abort
free
malloc
memmove
memcpy
_CxxThrowException

kernel32

GlobalFlags
GetProcAddress
FreeLibrary
FindClose
MoveFileA
DeleteFileA
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
lstrcmpiA
GetShortPathNameA
GetModuleFileNameA
GlobalSize
GlobalLock
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalFree
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileAttributesA
SetFileTime
GetFileAttributesA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
LocalFree
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
LocalAlloc
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
EnterCriticalSection
UnlockFile
SetEndOfFile
LockFile
GetVersion
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
CreateMutexA
ReleaseMutex
CreateEventA
WaitForMultipleObjects
GetCurrentThreadId
lstrcatA
LockResource
LoadResource
FindResourceA
GlobalAddAtomA
GlobalGetAtomNameA
MulDiv
GetProfileIntA
VirtualProtect
SizeofResource
GetProcessVersion
IsBadWritePtr
GetTempFileNameA
GetDiskFreeSpaceA
LocalUnlock
LocalLock
GetTempPathA
SearchPathA
SetEvent
ResumeThread
SetThreadPriority
SuspendThread
GetCurrentThread
GlobalDeleteAtom
SetErrorMode
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
GetTickCount
GetUserDefaultLCID
IsDBCSLeadByte
GetModuleHandleA
DisableThreadLibraryCalls
GetSystemDirectoryA
Sleep
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
lstrcmpA
OutputDebugStringA
lstrlenA
IsBadStringPtrW
lstrcpynA
IsBadStringPtrA
SetLastError
TlsGetValue
GetLastError
LoadLibraryA
lstrcpyA
TlsSetValue
IsBadReadPtr
LocalReAlloc

gdi32

MoveToEx
CreateSolidBrush
DeleteDC
StretchDIBits
CreateCompatibleBitmap
GetStockObject
SaveDC
RestoreDC
GetNearestColor
GetBkColor
GetTextColor
GetBkMode
GetROP2
DeleteObject
GetViewportExtEx
GetWindowExtEx
GetTextFaceA
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ExtTextOutA
GetTextExtentPointA
GetCharWidthA
GetCurrentPositionEx
Escape
GetDeviceCaps
SetWindowOrgEx
GetWindowOrgEx
GetViewportOrgEx
IntersectClipRect
PtVisible
RectVisible
DeleteMetaFile
CloseMetaFile
TextOutA
CreatePen
CreatePatternBrush
CreateBitmap
PatBlt
Rectangle
UnrealizeObject
CreateRectRgnIndirect
CreateDCA
StartDocA
CreateFontIndirectA
ScaleWindowExtEx
CreateCompatibleDC
SetROP2
SetStretchBltMode
OffsetWindowOrgEx
SelectClipRgn
ExcludeClipRect
OffsetClipRgn
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
GetObjectType
PlayMetaFileRecord
EnumMetaFile
PlayMetaFile
ExtCreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
GetMapMode
CombineRgn
SetRectRgn
DPtoLP
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
LPtoDP
SetBrushOrgEx
CopyMetaFileA
CreateMetaFileA
RealizePalette
GetPaletteEntries
CreatePalette
GetPixel
EnumFontFamiliesA
GetPolyFillMode
GetClipBox
BitBlt
GetObjectA
GetTextMetricsA
SelectObject
GetTextAlign
SetBkColor
SetTextColor
SelectPalette
GetStretchBltMode
SetBkMode
SetPolyFillMode

user32

IsIconic
BringWindowToTop
CharUpperA
GetSystemMetrics
CharLowerA
CharToOemA
OemToCharA
UnhookWindowsHookEx
MsgWaitForMultipleObjects
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetWindowLongA
GetWindowRect
GetWindow
GetMessagePos
GetMessageTime
CallWindowProcA
RemovePropA
GetPropA
SendMessageA
SetForegroundWindow
GetForegroundWindow
GetLastActivePopup
SetPropA
SetWindowsHookExA
CallNextHookEx
CreateWindowExA
DestroyWindow
DefWindowProcA
GetKeyState
GetDlgCtrlID
GetWindowTextA
GetWindowTextLengthA
GetDlgItem
GetWindowPlacement
SetWindowPlacement
TrackPopupMenu
GetMenu
GetMenuItemID
GetSubMenu
GetMenuItemCount
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetScrollInfo
GetParent
IsChild
EnableWindow
IsWindowEnabled
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetScrollInfo
ScrollWindow
ScreenToClient
IsWindowVisible
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
GetClientRect
DeferWindowPos
EqualRect
AdjustWindowRectEx
SetFocus
IsWindow
SetActiveWindow
GetFocus
PeekMessageA
DispatchMessageA
GetSysColor
MapWindowPoints
SystemParametersInfoA
SendDlgItemMessageA
UpdateWindow
PostMessageA
LoadIconA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
SetCursor
GetDesktopWindow
ShowWindow
GetActiveWindow
DestroyMenu
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
InvalidateRect
LoadStringA
wsprintfA
IntersectRect
LoadCursorA
SetCapture
WaitMessage
GetCursorPos
GetWindowThreadProcessId
WindowFromPoint
TranslateMessage
GetMessageA
ClientToScreen
DefFrameProcA
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
RedrawWindow
LoadBitmapA
InflateRect
PtInRect
ReleaseDC
InvertRect
GetWindowDC
OffsetRect
FillRect
SetTimer
KillTimer
SetRect
GetDC
IsZoomed
SetParent
IsRectEmpty
AppendMenuA
DeleteMenu
GetSystemMenu
GetDCEx
LockWindowUpdate
GetTabbedTextExtentA
DrawTextA
GrayStringA
DrawFocusRect
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
wvsprintfA
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
BeginPaint
EndPaint
TabbedTextOutA
GetClassNameA
SetWindowTextA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
MoveWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
DestroyIcon
SetCursorPos
DestroyCursor
IsClipboardFormatAvailable
MessageBeep
RemoveMenu
SetMessageQueue
ValidateRect
PostQuitMessage
UnregisterClassA
ShowOwnedPopups
MessageBoxA
InsertMenuA
GetMenuStringA
RegisterClipboardFormatA
ClipCursor
CopyAcceleratorTableA
InSendMessage
PostThreadMessageA
CreateMenu
CountClipboardFormats
CharNextA
GetNextDlgGroupItem
DrawEdge
EnumChildWindows
FrameRect

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 812B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aadata
Size: 2KB - Virtual size: 483B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.o99pa
Size: 2KB - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.o9code
Size: 2KB - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aao
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iq
Size: 2KB - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oooa
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb
Size: 2KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb2
Size: 2KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb3
Size: 2KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb4
Size: 2KB - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb5
Size: 2KB - Virtual size: 6B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb6
Size: 2KB - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb7
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb9
Size: 2KB - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oaps
Size: 2KB - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sef
Size: 2KB - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sef0
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sef3
Size: 2KB - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sef4
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 2KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef3d32741141a9ffde06721c65ea07b6

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt40

kernel32

gdi32

user32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 2KB - Virtual size: 812B

.tls Size: 2KB - Virtual size: 13B

.aadata Size: 2KB - Virtual size: 483B

.o99pa Size: 2KB - Virtual size: 115B

.o9code Size: 2KB - Virtual size: 242B

.aao Size: 128KB - Virtual size: 127KB

.iq Size: 2KB - Virtual size: 60B

.oooa Size: 4KB - Virtual size: 2KB

.obb Size: 2KB - Virtual size: 512B

.obb2 Size: 2KB - Virtual size: 512B

.obb3 Size: 2KB - Virtual size: 512B

.obb4 Size: 2KB - Virtual size: 256B

.obb5 Size: 2KB - Virtual size: 6B

.obb6 Size: 2KB - Virtual size: 200B

.obb7 Size: 2KB - Virtual size: 1KB

.obb9 Size: 2KB - Virtual size: 30B

.oaps Size: 2KB - Virtual size: 300B

.sef Size: 2KB - Virtual size: 110B

.sef0 Size: 128KB - Virtual size: 127KB

.sef3 Size: 2KB - Virtual size: 110B

.sef4 Size: 128KB - Virtual size: 127KB

.CRT Size: 2KB - Virtual size: 8B

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 2KB - Virtual size: 364B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 2KB - Virtual size: 812B

.tls
Size: 2KB - Virtual size: 13B

.aadata
Size: 2KB - Virtual size: 483B

.o99pa
Size: 2KB - Virtual size: 115B

.o9code
Size: 2KB - Virtual size: 242B

.aao
Size: 128KB - Virtual size: 127KB

.iq
Size: 2KB - Virtual size: 60B

.oooa
Size: 4KB - Virtual size: 2KB

.obb
Size: 2KB - Virtual size: 512B

.obb2
Size: 2KB - Virtual size: 512B

.obb3
Size: 2KB - Virtual size: 512B

.obb4
Size: 2KB - Virtual size: 256B

.obb5
Size: 2KB - Virtual size: 6B

.obb6
Size: 2KB - Virtual size: 200B

.obb7
Size: 2KB - Virtual size: 1KB

.obb9
Size: 2KB - Virtual size: 30B

.oaps
Size: 2KB - Virtual size: 300B

.sef
Size: 2KB - Virtual size: 110B

.sef0
Size: 128KB - Virtual size: 127KB

.sef3
Size: 2KB - Virtual size: 110B

.sef4
Size: 128KB - Virtual size: 127KB

.CRT
Size: 2KB - Virtual size: 8B

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 2KB - Virtual size: 364B