Static task: static1
Behavioral task: behavioral1
Sample: 73d28c3bc65a0cd0169493ad9db68192_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: 73d28c3bc65a0cd0169493ad9db68192_JaffaCakes118
Size: 434KB
MD5: 73d28c3bc65a0cd0169493ad9db68192
SHA1: e75efcd73e68e1021b862754ade70aeefa99decd
SHA256: 45af8a91faeff152f4a87589bcc9f619dc0b1e23dbc1a738d7e07373ff5b22be
SHA512: 39c7a1817ea868bfc5c9633c2f3032897c1d6557ef84056d24b5e5aab2864556583b0fbb36ad453dfe89805d9b4612cc2be381c2201c33395c8e5985322f3745
SSDEEP: 12288:IAmnzmVjW8JTNYRz+0A1ssZit3P3EEBwjwPyJW:IfOW8rC+0ASsZU3RBwAy
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: 73d28c3bc65a0cd0169493ad9db68192_JaffaCakes118
Files
73d28c3bc65a0cd0169493ad9db68192_JaffaCakes118.exe windows:4 windows x86 arch:x86
ea39d6dc46552567686547316a4a7a69
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStringTypeA
lstrlenA
lstrcpyA
GetDriveTypeA
DeleteCriticalSection
GetSystemTime
VirtualFree
SystemTimeToFileTime
LoadLibraryExA
GlobalSize
HeapDestroy
GetSystemDirectoryA
FindResourceA
lstrcmpiA
_lclose
GetModuleHandleA
LCMapStringA
GetEnvironmentStringsW
ResumeThread
FreeEnvironmentStringsW
FormatMessageA
VirtualProtect
WriteFile
SizeofResource
GetLocaleInfoA
GlobalReAlloc
EnterCriticalSection
MulDiv
GetCurrentProcess
SetCurrentDirectoryA
GetFileAttributesA
InterlockedIncrement
GetEnvironmentStrings
FreeResource
GetSystemDefaultLangID
GetOEMCP
HeapSize
SetFilePointer
GetFullPathNameA
TlsSetValue
SetEvent
GetStdHandle
TlsFree
WinExec
LeaveCriticalSection
GetSystemDefaultLCID
GetACP
CloseHandle
GetVersion
TlsGetValue
HeapCreate
GetModuleFileNameA
GetCurrentThreadId
lstrcpynA
GlobalAddAtomA
GetShortPathNameA
InterlockedDecrement
Sleep
GetTimeZoneInformation
CompareStringA
GetUserDefaultLCID
GetFileTime
RemoveDirectoryA
MultiByteToWideChar
HeapAlloc
GetSystemInfo
FreeEnvironmentStringsA
IsDBCSLeadByte
GetVersionExA
lstrcmpiW
ReleaseSemaphore
GetFileType
GetLastError
ExitProcess
LoadResource
IsBadReadPtr
GetTempPathA
SetHandleCount
GetTempFileNameA
GetLocalTime
ExitThread
GetCPInfo
CreateEventA
FileTimeToSystemTime
GetExitCodeProcess
DuplicateHandle
LockResource
_llseek
LoadLibraryA
GetTickCount
FindFirstFileA
VirtualAlloc
FlushInstructionCache
GetDateFormatA
HeapReAlloc
CreateFileA
lstrcmpA
GetStartupInfoA
SetFileTime
FormatMessageW
SetEndOfFile
ResetEvent
FlushFileBuffers
GetVolumeInformationA
LCMapStringW
WideCharToMultiByte
GlobalDeleteAtom
FindNextFileA
FreeLibrary
GetUserDefaultLangID
GetCurrentDirectoryA
lstrcatA
CreateDirectoryA
DeleteFileA
CreateProcessA
TlsAlloc
GlobalHandle
InitializeCriticalSection
GlobalAlloc
GetProfileStringA
SetLastError
SetEnvironmentVariableA
UnhandledExceptionFilter
RaiseException
GetCurrentProcessId
SetFileAttributesA
GetWindowsDirectoryA
TerminateProcess
SetLocalTime
GetStringTypeExA
SearchPathA
CompareStringW
CreateSemaphoreA
_lread
_lwrite
GetModuleFileNameW
ReadFile
SetErrorMode
FindClose
WaitForSingleObject
VirtualQuery
CreateThread
FileTimeToLocalFileTime
MoveFileA
GetProcAddress
IsBadCodePtr
RtlUnwind
GlobalLock
GlobalFree
CreateProcessW
GetCommandLineA
SetStdHandle
GetStringTypeW
UnlockFile
GlobalUnlock
LockFile
HeapFree
user32
EmptyClipboard
GetLastActivePopup
CreateIcon
CreateAcceleratorTableA
DdeAbandonTransaction
SetWindowsHookExA
GetDCEx
GetMenu
GetSysColor
CharLowerA
CreateWindowExA
CharLowerBuffW
FillRect
GetParent
GetFocus
TranslateMessage
DestroyIcon
VkKeyScanW
CharLowerBuffA
PtInRect
GetClipboardFormatNameA
MsgWaitForMultipleObjects
IsRectEmpty
DdeInitializeA
DestroyMenu
keybd_event
GetWindowRect
CreateCursor
IsCharAlphaA
SetPropA
RegisterClipboardFormatA
SetKeyboardState
IsWindowEnabled
ClipCursor
DdeCreateStringHandleA
GetQueueStatus
GetScrollInfo
CopyRect
EnumClipboardFormats
SendDlgItemMessageA
GetKeyboardState
SetDlgItemTextA
MessageBeep
DrawMenuBar
CharUpperBuffA
DdeFreeStringHandle
DdeSetUserHandle
PeekMessageA
TranslateMDISysAccel
DeleteMenu
LoadBitmapA
ShowCaret
WaitForInputIdle
GetWindowThreadProcessId
InvalidateRgn
EnableWindow
GetWindowLongA
GetUpdateRgn
InflateRect
GetKeyboardLayout
DdeNameService
OpenClipboard
SetMenuItemInfoA
GetSystemMenu
LockWindowUpdate
GetWindowTextA
SendMessageA
GetWindowRgn
GetUpdateRect
CallWindowProcA
LoadCursorA
DdeCreateDataHandle
SetMenuDefaultItem
EqualRect
ShowScrollBar
GetCursorPos
DestroyCursor
DdeDisconnect
GetDC
MoveWindow
EndDialog
DefMDIChildProcA
GetMenuStringA
IsChild
IsDialogMessageA
SetCursorPos
DdeUninitialize
LoadStringA
DefFrameProcA
IsWindow
SetCursor
GetMenuItemInfoA
RegisterClassExA
OffsetRect
RemovePropA
IsClipboardFormatAvailable
GetCursor
GetSystemMetrics
DeferWindowPos
CharToOemA
DdeGetLastError
GetClassInfoExA
ClientToScreen
GetMenuItemID
DdeConnect
SetRect
CheckMenuItem
SetParent
AttachThreadInput
GetClassNameA
ModifyMenuA
EnumThreadWindows
ScreenToClient
GetForegroundWindow
DrawIcon
ShowWindow
SetScrollInfo
DdePostAdvise
IsZoomed
SetMenu
AppendMenuA
GetMenuItemCount
GetAsyncKeyState
UpdateWindow
GetSubMenu
DdeGetData
WaitMessage
IntersectRect
SetWindowRgn
SubtractRect
GetCaretPos
CreatePopupMenu
LoadAcceleratorsA
DefWindowProcA
GetTabbedTextExtentA
DestroyCaret
CreateDialogParamA
PeekMessageW
LoadIconA
OemToCharA
DdeQueryStringA
PostMessageA
LoadImageA
GetWindowDC
WindowFromPoint
CallNextHookEx
SetScrollPos
RegisterClassA
EndPaint
KillTimer
PostMessageW
UnhookWindowsHookEx
CreateCaret
DdeQueryConvInfo
DialogBoxParamA
CharUpperBuffW
GetMessageTime
GetActiveWindow
CharToOemBuffA
CharPrevA
GetPropA
GetDoubleClickTime
SetForegroundWindow
DestroyWindow
SystemParametersInfoA
IsWindowVisible
AdjustWindowRect
DdeClientTransaction
SetTimer
DestroyAcceleratorTable
DrawFrameControl
BeginPaint
AdjustWindowRectEx
InvalidateRect
CreateMenu
SetCapture
GetDesktopWindow
GetWindowTextLengthA
WinHelpA
PostThreadMessageA
SetWindowContextHelpId
FindWindowW
GetKeyState
wsprintfA
SetWindowPos
MapWindowPoints
SetActiveWindow
CharNextA
DrawTextA
BeginDeferWindowPos
CloseClipboard
RemoveMenu
ReleaseDC
TrackPopupMenu
FrameRect
GetCapture
GetMenuState
IsIconic
DdeFreeDataHandle
TabbedTextOutA
SetWindowTextA
VkKeyScanA
DdeCmpStringHandles
DispatchMessageA
InsertMenuA
MessageBoxIndirectA
ReleaseCapture
GetClipboardData
GetClassInfoA
GetDlgItem
GetWindow
MessageBoxA
GetClientRect
SetScrollRange
HideCaret
SetWindowsHookExW
CharUpperA
EnableMenuItem
ShowCursor
FindWindowA
UnregisterClassA
SetClipboardData
GetMessagePos
CopyAcceleratorTableA
SetWindowLongA
GetIconInfo
SetCaretPos
SetFocus
ToAscii
EndDeferWindowPos
DrawFocusRect
PostQuitMessage
GetScrollPos
GetCaretBlinkTime
BringWindowToTop
advapi32
RegDeleteKeyA
RegQueryValueA
RegSetValueA
RegSetValueExA
DeregisterEventSource
RegOpenKeyW
ReportEventA
RegCreateKeyA
RegEnumKeyW
RegQueryValueExW
AdjustTokenPrivileges
RegDeleteValueA
RegCreateKeyW
InitializeSecurityDescriptor
RegSetValueExW
RegisterEventSourceA
RegEnumKeyA
RegOpenKeyA
RegEnumValueA
LookupPrivilegeValueA
SetSecurityDescriptorDacl
RegQueryInfoKeyA
RegQueryValueExA
RegEnumValueW
OpenProcessToken
RegDeleteKeyW
RegCloseKey
RegDeleteValueW
RegOpenKeyExA
samlib
SamConnectWithCreds
SamLookupNamesInDomain
SamConnect
ddraw
DirectDrawEnumerateA
ole32
OleSave
OleLoad
ws2_32
WSAConnect
setsockopt
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 133KB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 109KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 177KB - Virtual size: 177KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ