88b8271ec5a6ad3445737e2266b100b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

88b8271ec5a6ad3445737e2266b100b9_JaffaCakes118
Size

346KB
MD5

88b8271ec5a6ad3445737e2266b100b9
SHA1

4c3b5a4d0d669e890da2b68d2e5f8f11c2969c13
SHA256

9c50ffcd20d23bd6aae4ea5ac0c576c73bba0fba4801a78789b47df87ba2eebb
SHA512

ebdf3908a3ba691757751ed16f363957dfe0d34a846cd23c8042a692b7299aec822fd8965820d4150d59e7e9ea54c2310b65a879024f728be55c95409b7cff20
SSDEEP

6144:8emgAw5+mdVTqwTpv+O8BoEqNy9g/oFYTiYPnR/K8TkZx:8ZgLldVTNUony9QoF+PRS8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88b8271ec5a6ad3445737e2266b100b9_JaffaCakes118

Files

88b8271ec5a6ad3445737e2266b100b9_JaffaCakes118
.exe windows:1 windows x86 arch:x86

140cfb166460fcc2a35df31f010bdae2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetDesktopFolder
SHGetSpecialFolderLocation

ntdll

_aulldvrm
wcscspn
isdigit
towupper
iswctype
NtSetQuotaInformationFile

setupapi

SetupGetIntField
SetupCloseInfFile
SetupFindNextLine

gdi32

CombineRgn
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateRectRgn
GetMapMode
CreateBitmap
SelectObject
PatBlt

netapi32

NetServerEnum
NetApiBufferSize
NetApiBufferFree
NetWkstaGetInfo

ole32

CLSIDFromString
CoCreateInstance
CoUninitialize

syssetup

AsrRestorePlugPlayRegistryData
AsrFreeContext

user32

ScreenToClient
UpdateWindow
GetAsyncKeyState
FlashWindow
DestroyIcon
WindowFromPoint
ChildWindowFromPoint
GetMenuItemCount
GetWindowRect
BringWindowToTop
PostQuitMessage
GetMenuItemID
GetSysColor
GetDlgItem
GetNextDlgGroupItem
GetIconInfo
DispatchMessageA
ClientToScreen
CallNextHookEx
CreateIconIndirect
InflateRect
CreateIconFromResource
RegisterClassExA
DestroyWindow
MonitorFromWindow
CopyRect
KillTimer
DrawFocusRect
SendMessageA
GetWindow
GetSubMenu
MapDialogRect
DeleteMenu
GetCursorPos
GetFocus
ShowWindow
IsIconic
CreateWindowExA
IsWindowVisible
GetDesktopWindow
GetCapture
GetKeyState
IsWindow
InvalidateRgn
GetMessageA
GetClientRect
RemoveMenu
GetDC
TranslateMessage
DefWindowProcA

mpr

WNetCloseEnum

comctl32

ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetIcon

msvcrt

_wtoi
_ftol
_XcptFilter
_tzset
_controlfp
realloc
_onexit
__p__fmode
_except_handler3
_wcsrev
wcsrchr
fflush
wcsncmp
_vsnwprintf
localtime
memmove
fread
mktime
_wcsnicmp
wcscat
wcslen
ftell
calloc
_initterm
wcscmp
_wcsdup
_wfopen
wcstok
_filelength
wprintf
_fdopen
wcsstr
time
clearerr
fclose
_snwprintf
isalpha
_exit
malloc
wcschr
wcsncpy
_wcmdln
_adjust_fdiv
fseek
swscanf
__dllonexit

advapi32

GetAce
InitializeSecurityDescriptor
GetTokenInformation
OpenThreadToken
ControlService
CloseEncryptedFileRaw
ReadEncryptedFileRaw
FreeSid
AllocateAndInitializeSid
RegOpenKeyExA
InitializeAcl

kernel32

WideCharToMultiByte
GetSystemTime
FileTimeToSystemTime
FlushFileBuffers
GetLastError
BackupWrite
HeapCreate
ReleaseMutex
CreateMutexA
SetUnhandledExceptionFilter
GetProcessHeap
SetLastError
CloseHandle
LockFile
GetCurrentProcess
MultiByteToWideChar
SetErrorMode
SystemTimeToTzSpecificLocalTime
QueryPerformanceCounter
FindVolumeMountPointClose
WriteFile
GetProcessHeaps
BackupSeek
SetEndOfFile
LockResource
GetFileInformationByHandle
Sleep
GetTimeZoneInformation
GetVersion
BackupRead
GetTapePosition
HeapFree
GetUserDefaultLCID
LocalFileTimeToFileTime
LoadResource
LocalFree
TerminateProcess
HeapAlloc
EraseTape
GetCurrentThreadId
VirtualAlloc
GetCurrentDirectoryA
GetCurrentThread
WriteTapemark
CreateThread
GetTapeParameters
SetTapePosition
OpenMutexA

Sections

.text
Size: 291KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

140cfb166460fcc2a35df31f010bdae2

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ntdll

setupapi

gdi32

netapi32

ole32

syssetup

user32

mpr

comctl32

msvcrt

advapi32

kernel32

Sections

.text Size: 291KB - Virtual size: 291KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 41KB - Virtual size: 320KB

.text
Size: 291KB - Virtual size: 291KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 41KB - Virtual size: 320KB