8c1ac940bb6d1234fc9608bd26aeab66_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8c1ac940bb6d1234fc9608bd26aeab66_JaffaCakes118
Size

326KB
MD5

8c1ac940bb6d1234fc9608bd26aeab66
SHA1

e520fc07ccaa46315bc2032c3da4946aaa353591
SHA256

43c9d11d463474a8631c1ffb308a83849c63fe757191219fb1aacfd3f8c82879
SHA512

a8f22188deb32f5243dfad7bbf6a4f27fe15dada67dc6002f029074655fc92db89fe4f841278338155cbcd30265bf4b8756f7ec5062beb46dbc3032cb15edce9
SSDEEP

6144:Ii6HWi2u0z9NAdyJyPRr1B9ahAKESQNgm8HznTDIgnIAh7a5TDSlZor3tKT:Ii6HFi9aU0pr7SOGfIgnIAhETDS7oh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c1ac940bb6d1234fc9608bd26aeab66_JaffaCakes118

Files

8c1ac940bb6d1234fc9608bd26aeab66_JaffaCakes118
.exe windows:5 windows x86 arch:x86

63911087a2114e43ce0196fd886b549c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetIconSize
CreateToolbarEx
FlatSB_GetScrollPos
InitCommonControlsEx
CreatePropertySheetPageW
ImageList_Draw
ImageList_Destroy

dnsapi

DnsReplaceRecordSetW

mswsock

GetAcceptExSockaddrs
AcceptEx

ntdll

RtlIsNameLegalDOS8Dot3
memmove
RtlUnicodeStringToAnsiString
NtQueryVirtualMemory
wcslen
_vsnwprintf
RtlInitUnicodeStringEx
RtlUnwind
RtlAnsiStringToUnicodeString
_chkstk
NtAllocateVirtualMemory
_wcsicmp

advapi32

RegQueryValueExA
RegQueryValueW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExA
RegOpenKeyExW
RegEnumValueW

kernel32

SetErrorMode
GetVersionExA
FindClose
FindFirstFileW
LocalSize
InterlockedExchange
lstrcpynW
SetEvent
MultiByteToWideChar
GetVolumeInformationW
CloseHandle
GetProcAddress
FindResourceExW
ExpandEnvironmentStringsW
DeleteCriticalSection
ResetEvent
GetModuleHandleA
CreateEventW
LoadResource
LoadLibraryA
GetProfileStringW
lstrlenW
LockResource
LocalFree
GlobalReAlloc
GetCurrentProcess
MulDiv
InitializeCriticalSectionAndSpinCount
GlobalUnlock
EnterCriticalSection
GetDriveTypeW
CreateThread
SetLastError
GetTempFileNameW
GetShortPathNameW
GetLastError
GetModuleHandleW
GetModuleFileNameW
DisableThreadLibraryCalls
FindNextFileW
UnhandledExceptionFilter
lstrcmpiW
GetCurrentProcessId
GetACP
lstrlenA
QueryPerformanceCounter
GetUserDefaultLCID
CreateFileW
LocalAlloc
InterlockedDecrement
GlobalAlloc
SizeofResource
TlsSetValue
TlsGetValue
DelayLoadFailureHook
GetSystemTimeAsFileTime
lstrcpyW
GlobalFree
lstrcpyA
FormatMessageW
SetUnhandledExceptionFilter
FreeLibraryAndExitThread
lstrcmpW
GetCurrentThreadId
GetLocaleInfoW
FindResourceW
WideCharToMultiByte
GlobalLock
GetCurrentDirectoryW
DeleteFileW
GetProcessVersion
WaitForSingleObject
GetFileAttributesW
GetTickCount
SetCurrentDirectoryW
LoadLibraryW
FreeLibrary
TlsAlloc
LocalReAlloc
InterlockedCompareExchange
GetFullPathNameW
FindResourceA
FreeResource
TlsFree
GetSystemDefaultUILanguage
LeaveCriticalSection
TerminateProcess
InterlockedIncrement

rpcrt4

RpcBindingSetAuthInfoExW
RpcStringBindingComposeW
I_RpcExceptionFilter
RpcStringFreeW
NdrClientCall2
RpcEpResolveBinding
RpcBindingFree
RpcBindingFromStringBindingW

gdi32

SetTextColor
CreateCompatibleBitmap
SetViewportExtEx
DeleteObject
CreateICW
CreateDCW
DeleteDC
GetNearestColor
SelectClipRgn
CreateFontIndirectW
GetTextMetricsW
PatBlt
GetTextExtentPointW
MoveToEx
SetBkMode
CreateDiscardableBitmap
GetMapMode
GetObjectW
SetMapMode
CreateFontW
CreateRectRgnIndirect
GetCharWidth32W
GetWindowExtEx
SelectPalette
RealizePalette
CreateDIBitmap
GetDeviceCaps
TextOutW
GetStockObject
EnumFontFamiliesExW
CreatePen
SetWindowExtEx
SetBkColor
Rectangle
LineTo
GetTextCharset
SelectObject
TranslateCharsetInfo
ExtTextOutW
ExcludeClipRect
GetTextCharsetInfo
GetViewportExtEx
CreateCompatibleDC
BitBlt
CreateSolidBrush

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

63911087a2114e43ce0196fd886b549c

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

dnsapi

mswsock

ntdll

advapi32

kernel32

rpcrt4

gdi32

Sections

.text Size: 42KB - Virtual size: 42KB

.data Size: 9KB - Virtual size: 1.4MB

.rdata Size: 113KB - Virtual size: 113KB

.rsrc Size: 159KB - Virtual size: 158KB

.tls Size: 512B - Virtual size: 4KB

.text
Size: 42KB - Virtual size: 42KB

.data
Size: 9KB - Virtual size: 1.4MB

.rdata
Size: 113KB - Virtual size: 113KB

.rsrc
Size: 159KB - Virtual size: 158KB

.tls
Size: 512B - Virtual size: 4KB