708daa9d7259c69d6ed5b60fc82d655c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

708daa9d7259c69d6ed5b60fc82d655c_JaffaCakes118
Size

236KB
MD5

708daa9d7259c69d6ed5b60fc82d655c
SHA1

c44f7ffcb44555e0c2fd2262a9a0d4a02bcd4569
SHA256

15eb88f657283fb52d4956cbf35dabd2739a0a7282bb73e1e0c63cb1bb691956
SHA512

d27fa5ea6f9f92b5ec290601d4f35dbbdf028bde143833fdfa8d514330e1b826daa15db045fb6ee2d966ccba198034186c8e8e0ac7d1d6f50f3e9fbe7d0fd6e8
SSDEEP

6144:t29TBjaTIx+DCc1BzkxDqOUKTvc3cRdwkvr3Pwn+n:t29TqrL+URMHwIwn+n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
708daa9d7259c69d6ed5b60fc82d655c_JaffaCakes118

Files

708daa9d7259c69d6ed5b60fc82d655c_JaffaCakes118
.exe .vbs windows:4 windows x86 arch:x86 polyglot

74164d037514638c90b4df23a3294384

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostbyname
accept
gethostname
WSAGetLastError
recv
send
getsockname
getpeername
inet_addr
listen
ioctlsocket
connect
htons
htonl
bind
shutdown
closesocket
socket
setsockopt
WSACleanup
WSAStartup

winmm

timeGetTime

kernel32

CloseHandle
CreateFileA
DeviceIoControl
Sleep
Beep
GetCurrentThreadId
GetSystemDirectoryA
GetSystemTime
FlushFileBuffers
CreateDirectoryA
MoveFileA
SetErrorMode
GetDriveTypeA
GetLogicalDriveStringsA
FileTimeToSystemTime
GetFileTime
SetFilePointer
ReadFile
WriteFile
SetFileTime
SystemTimeToFileTime
SetEndOfFile
GetVersionExA
WaitForSingleObject
SetThreadPriority
GetCurrentThread
OpenEventA
GlobalUnlock
GlobalLock
GlobalAlloc
SetProcessShutdownParameters
TerminateProcess
CreateProcessA
ReleaseMutex
CreateMutexA
GetStdHandle
AllocConsole
MoveFileExA
FormatMessageA
SetLastError
WriteConsoleA
OutputDebugStringA
GetCurrentProcessId
OpenProcess
SearchPathA
GlobalFree
TlsGetValue
TlsFree
TlsAlloc
DuplicateHandle
GetLastError
TlsSetValue
CreateSemaphoreA
ReleaseSemaphore
DeleteCriticalSection
InitializeCriticalSection
GetProcAddress
LoadLibraryA
FindClose
FindNextFileA
FindFirstFileA
GetModuleFileNameA
DeleteFileA
FreeLibrary
CopyFileA
LeaveCriticalSection
EnterCriticalSection
GetSystemInfo
GetVersion
GetModuleHandleA
lstrlenA
GetCurrentProcess
GetStartupInfoA
GetProfileStringA
GetComputerNameA
ResumeThread
CreateThread
IsBadWritePtr
IsBadReadPtr

user32

GetProcessWindowStation
GetUserObjectInformationA
ExitWindowsEx
EnableWindow
GetSubMenu
SetMenuDefaultItem
TrackPopupMenu
EnableMenuItem
DestroyMenu
LoadMenuA
ToAscii
VkKeyScanA
GetAsyncKeyState
MapVirtualKeyA
PeekMessageA
GetMenuItemID
WaitMessage
IsIconic
WaitForInputIdle
GetParent
GetClipboardOwner
GetClipboardData
GetForegroundWindow
IsWindowVisible
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetIconInfo
DrawIconEx
SetClipboardViewer
IsWindow
EnumWindows
GetWindowTextA
OpenDesktopA
FindWindowA
GetClassNameA
ChangeClipboardChain
DestroyWindow
GetDesktopWindow
WindowFromPoint
GetWindowRect
RegisterWindowMessageA
mouse_event
InvalidateRect
wsprintfA
GetKeyboardState
keybd_event
GetThreadDesktop
OpenInputDesktop
SetThreadDesktop
CloseDesktop
GetCursorPos
SetCursorPos
GetDC
ReleaseDC
EnumDisplaySettingsA
GetDlgItemTextA
SetFocus
EndDialog
SetWindowTextA
LoadStringA
DialogBoxParamA
GetScrollInfo
PostMessageA
SetDlgItemTextA
GetDlgItem
SendDlgItemMessageA
SetForegroundWindow
MessageBoxA
SystemParametersInfoA
SendMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
KillTimer
PostQuitMessage
SetTimer
LoadIconA
LoadCursorA
RegisterClassExA
AdjustWindowRect
CreateWindowExA
GetWindowLongA
SetWindowLongA
ShowWindow
GetSystemMetrics
SetWindowPos
IsRectEmpty
LoadImageA
EnumDesktopWindows

gdi32

BitBlt
CreatePalette
GetBitmapBits
GetObjectA
RealizePalette
CreateDIBSection
SelectPalette
SetDIBColorTable
GetDeviceCaps
CreateCompatibleBitmap
GetPixel
ExtEscape
GetSystemPaletteEntries
SetBkMode
GetStockObject
GetClipBox
CreateCompatibleDC
CreateSolidBrush
SelectObject
PatBlt
DeleteDC
GetDIBits
CreateDCA
GdiFlush
StretchBlt
DeleteObject

shell32

Shell_NotifyIconA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

comctl32

InitCommonControlsEx

ole32

CoInitialize
CoCreateInstance

advapi32

OpenProcessToken
RegCreateKeyExA
RevertToSelf
DuplicateToken
ImpersonateLoggedOnUser
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegCreateKeyA
RegSetValueExA
GetUserNameA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

msvcrt

_ismbcdigit
atoi
_mbsicmp
memcpy
strcpy
strrchr
strlen
strcat
??3@YAXPAX@Z
__CxxFrameHandler
sprintf
memset
strstr
strcmp
malloc
free
printf
strncpy
memmove
sscanf
__dllonexit
strncat
strchr
tolower
??2@YAPAXI@Z
abs
calloc
fflush
_fdopen
_dup2
_open_osfhandle
_onexit
_exit
_XcptFilter
fclose
_iob
_acmdln
__getmainargs
_initterm
__setusermatherr
_vsnprintf
ctime
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
_controlfp
_purecall
strncmp
_snprintf
time
fgets
fopen
exit
setbuf
_beginthreadex
_endthreadex
fprintf
realloc
memcmp
_strdup
_strnicmp
_CxxThrowException
_stricmp

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

Sections

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 194KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74164d037514638c90b4df23a3294384

Headers

File Characteristics

Imports

wsock32

winmm

kernel32

user32

gdi32

shell32

version

comctl32

ole32

advapi32

msvcrt

msvcp60

Sections

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 194KB - Virtual size: 209KB

.rsrc Size: 13KB - Virtual size: 12KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 194KB - Virtual size: 209KB

.rsrc
Size: 13KB - Virtual size: 12KB