75038118a8a33b20fc29b7644c11ffd7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

75038118a8a33b20fc29b7644c11ffd7_JaffaCakes118
Size

144KB
MD5

75038118a8a33b20fc29b7644c11ffd7
SHA1

8c9a5f1a92dd799e0203c9bff35e8795df898fde
SHA256

fa0b9d6650f4aacb795dcff412ef8e8ff6b4feb09d3f9d2dcc6399e371577e48
SHA512

a3f50aeee5acf374b6973e5d3887966ba7483e0623d2e66bea8cde45f044bc063817aea2429005e30e0703da2ae6cdf24609eaa6a31a392bc33dfd6077ceb98c
SSDEEP

3072:97NrHGszeKDsqCc/hy19JJYI9FQaLWD3oIEJ6e/mLRSsy:97NSsqR3vRFRqbm6M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75038118a8a33b20fc29b7644c11ffd7_JaffaCakes118

Files

75038118a8a33b20fc29b7644c11ffd7_JaffaCakes118
.exe windows:6 windows x86 arch:x86

400b7643752c62532707a52534034076

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

perfmon.pdb

Imports

advapi32

RegOpenKeyExW
OpenProcessToken
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegQueryValueExW

kernel32

GetLastError
HeapFree
HeapAlloc
GetProcessHeap
SetLastError
GetModuleFileNameW
OutputDebugStringA
GetCommandLineW
CloseHandle
CreateProcessW
GetVersion
GetCurrentProcess
ExpandEnvironmentStringsW
RegisterApplicationRestart
GetProcAddress
FormatMessageW
CopyFileW
Sleep
CreateThread
WaitForSingleObject
HeapSetInformation
IsWow64Process
GetFileAttributesW
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
GetModuleHandleW
LoadLibraryW
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
ExpandEnvironmentStringsA
LoadLibraryA
FreeLibrary
SetUnhandledExceptionFilter

gdi32

GetDeviceCaps

user32

GetDesktopWindow
GetClassNameW
SystemParametersInfoW
GetDC
GetDlgItem
GetMessageW
TranslateMessage
DispatchMessageW
LoadIconW
SetProcessDPIAware
ShowWindow
DefWindowProcW
EnableMenuItem
CheckMenuRadioItem
SetLayeredWindowAttributes
PostQuitMessage
SendMessageW
EndDialog
IsIconic
LoadStringW
ReleaseDC
SetWindowPos
GetWindowRect
SetWindowTextW
WaitForInputIdle
DialogBoxParamW
CreateWindowExW
RegisterClassExW
GetSysColor
UpdateWindow
EnumWindows

msvcrt

_controlfp
?terminate@@YAXXZ
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_adjust_fdiv
_wcsnicmp
_wcsicmp
towlower
wcsstr
memset
_vsnwprintf

atl

ord41

ole32

CoInitialize
CoUninitialize
CoCreateInstance

ntdll

WinSqmAddToStream
WinSqmEventEnabled
WinSqmEventWrite
NtOpenProcessToken
NtClose
NtOpenThreadToken
NtQueryInformationToken

shlwapi

SHCreateStreamOnFileEx
ord186

shell32

SHGetIDListFromObject
SHCreateDataObject
ord28
ShellExecuteExW
ord155
SHGetFolderPathEx
CommandLineToArgvW
SHBindToParent

oleaut32

OleCreateFontIndirect
VariantClear
SysAllocString
SysFreeString
VariantInit

credui

CredUIPromptForCredentialsW

secur32

GetUserNameExW

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

moangbg
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

400b7643752c62532707a52534034076

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

gdi32

user32

msvcrt

atl

ole32

ntdll

shlwapi

shell32

oleaut32

credui

secur32

Sections

.text Size: 23KB - Virtual size: 22KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 91KB - Virtual size: 90KB

.reloc Size: 29KB - Virtual size: 30KB

moangbg Size: - Virtual size: 4KB

.text
Size: 23KB - Virtual size: 22KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 91KB - Virtual size: 90KB

.reloc
Size: 29KB - Virtual size: 30KB

moangbg
Size: - Virtual size: 4KB