5473524383440f83d59b2eadc7495b61_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5473524383440f83d59b2eadc7495b61_JaffaCakes118
Size

337KB
MD5

5473524383440f83d59b2eadc7495b61
SHA1

dec4fdbd8139b74fe87af50e1033e23e0b64d61b
SHA256

22e10e8d63c0b331535290111d6e1866d793701cb3bd45f4c28362059337c6b2
SHA512

9c1c54d01595f2a899e2e0a6365da0dc38b578eb26345521f49f265edd8ba7cee75ce3ed354746d83d4e9da0ec03a911493343f243fa68b54dcb7b545db4a30c
SSDEEP

6144:/ONbaQm3NuOHwvIhbVokh3QU/Hhdeopow:GVaQm3NuOGIhbV9gUPhsiow

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5473524383440f83d59b2eadc7495b61_JaffaCakes118

Files

5473524383440f83d59b2eadc7495b61_JaffaCakes118
.exe windows:5 windows x86 arch:x86

252c1e92966e498ad7cc4227a8424e86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
FindFirstFileW
DeleteFileW
GetFileAttributesExW
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
CloseHandle
FlushFileBuffers
SetCommState
GetCommState
GetModuleFileNameW
SetConsoleScreenBufferSize
GetCurrentProcessId
GetTempPathW
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
VirtualAlloc
GetProcessWorkingSetSize
CreateFileA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetSystemTimeAsFileTime
SystemTimeToTzSpecificLocalTime
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
FindClose
HeapCreate
HeapSize
HeapReAlloc
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineA
ExitProcess
Sleep
RtlUnwind
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualProtect
GetStdHandle
WriteConsoleW
GetFileSize
ReadFile
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
LoadLibraryW
CreateFileW
WriteFile
GetComputerNameExW
GetModuleFileNameA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
RaiseException
SetLastError
IsDBCSLeadByte
lstrcmpiA
lstrlenA
GetModuleHandleA
GetProcAddress
InterlockedDecrement
InterlockedIncrement
GetLastError
lstrlenW
WideCharToMultiByte
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
MultiByteToWideChar
GetCurrentThreadId
lstrcpyW
FileTimeToSystemTime
GetCurrentDirectoryW
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetTickCount

user32

CreateWindowExA
ShowWindow
GetWindowLongA
SetWindowLongA
GetDlgItem
GetTopWindow
DispatchMessageA
CharNextA
DefWindowProcA
DestroyWindow
GetClientRect
DrawTextA
DrawEdge
CallWindowProcA
BeginPaint
TranslateMessage
PeekMessageA
GetMessageA
DrawFrameControl
SetFocus
HideCaret
IsDlgButtonChecked
IsWindow
wsprintfW
InvalidateRect
SetScrollRange
InflateRect
GetSystemMenu
GetMenuItemInfoA
SetWindowTextA
SetScrollInfo
GetScrollInfo
ScrollWindow
BeginDeferWindowPos
MessageBoxA
EnumWindows
GetActiveWindow
CreateDialogParamA
DialogBoxParamA
EndDialog
GetWindow
GetWindowRect
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
SetWindowPos
GetParent
LoadImageA
PostQuitMessage
IsDialogMessageA
SendMessageA
GetSysColor
GetSystemMetrics
ReleaseDC
GetDC
EndPaint
UnregisterClassA

gdi32

CreateRectRgn
CheckColorsInGamut
EnumICMProfilesA
SetStretchBltMode
ExcludeClipRect
GetDeviceCaps
SelectPalette
RealizePalette
CreateFontIndirectA
DeleteDC
DeleteObject
CreateCompatibleBitmap
ExtTextOutA
BitBlt
SetBkColor
GetStockObject
SelectObject
CreateCompatibleDC
CombineRgn

advapi32

RegDeleteKeyA
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteA
SHAddToRecentDocs

ole32

CoInitialize
CreateBindCtx
ReleaseStgMedium
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VariantTimeToSystemTime
VarUI4FromStr

odbc32

ord24

shlwapi

PathRemoveFileSpecW
PathCompactPathA
PathFileExistsW
ColorRGBToHLS

comctl32

ImageList_GetIconSize
ImageList_Create
ImageList_Add
ImageList_GetImageCount
InitCommonControlsEx

msimg32

GradientFill

wininet

CreateUrlCacheGroup
CommitUrlCacheEntryW
DeleteUrlCacheEntryW
FtpGetFileW
DeleteUrlCacheGroup
CreateMD5SSOHash

netapi32

NetServerGetInfo
NetApiBufferFree

msvfw32

MCIWndCreateA
ord2

winmm

mmioSetInfo

crypt32

CertDuplicateStore

iphlpapi

GetIpNetTable

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

dhcpsapi

DhcpRpcFreeMemory
DhcpGetSubnetInfo

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 146KB - Virtual size: 497KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

252c1e92966e498ad7cc4227a8424e86

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

odbc32

shlwapi

comctl32

msimg32

wininet

netapi32

msvfw32

winmm

crypt32

iphlpapi

rpcrt4

dhcpsapi

Sections

.text Size: 145KB - Virtual size: 145KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 146KB - Virtual size: 497KB

.text
Size: 145KB - Virtual size: 145KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 146KB - Virtual size: 497KB