94ac00a01ef6a0716db4f30b9542bd6c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

94ac00a01ef6a0716db4f30b9542bd6c_JaffaCakes118
Size

632KB
MD5

94ac00a01ef6a0716db4f30b9542bd6c
SHA1

7060596ad106e8cdf81786ec69c5536b7aab4889
SHA256

345b04a52f037e746def32c492ed043cedf91a8bd2c024a4888874c94138e90f
SHA512

1f907161c6348e452e56eda8926413a30fb607edb489b761aac6a80bf202ce974c69f75f3b58e285492aef10d4fb66cc54de11897fe12a09a117b5b86564bd27
SSDEEP

12288:zewjVl/fprMU7UFpJX6eM/PY922ku1UVZN4VdQZZEa6PwWdWyOuuw80Q:qAlXpOp41DuKVygZEavWdFru70Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94ac00a01ef6a0716db4f30b9542bd6c_JaffaCakes118

Files

94ac00a01ef6a0716db4f30b9542bd6c_JaffaCakes118
.exe windows:6 windows x86 arch:x86

44b896791880c099b03b9fca00f5199c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
CreateEventA
GetModuleFileNameA
CreateFileA
FindFirstFileA
FindFirstChangeNotificationA
FindCloseChangeNotification
SetThreadLocale
SetConsoleTitleA
ReadConsoleW
HeapSize
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
HeapReAlloc
ExitProcess
WriteConsoleW
GetModuleHandleExW
GetModuleFileNameW
FileTimeToSystemTime
GetStdHandle
GetTempPathW
LoadLibraryExW
FreeLibrary
RtlUnwind
OutputDebugStringW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
GetCPInfo
EncodePointer
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetProcAddress
CreateEventW
WaitForSingleObjectEx
ResetEvent
LeaveCriticalSection
EnterCriticalSection
MulDiv
GetFileTime
FindClose
WaitForSingleObject
SetEvent
VirtualAlloc
HeapFree
CreateDirectoryW
HeapAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleHandleA
DeleteFileW
GetFileAttributesExW
CreateFileW
ReadFile
WriteFile
GetFileSize
GetProcessHeap
InitializeCriticalSectionAndSpinCount
GetTempFileNameW
GetModuleHandleW
CloseHandle
DeleteCriticalSection
GetLastError
RaiseException
DecodePointer
GetFileType
SetEndOfFile

user32

GetWindowLongW
DialogBoxParamW
EnableWindow
GetWindowTextW
GetParent
SetWindowTextW
SetFocus
GetDlgItem
CallWindowProcW
SendMessageW
SetWindowLongW
GetWindowTextLengthW
PostMessageW
PostQuitMessage
SetWindowPos
CreateDialogParamW
GetMenu
EnableMenuItem
GetSubMenu
GetMenuItemCount
DeleteMenu
TrackPopupMenuEx
InsertMenuItemW
GetWindowRect
ClientToScreen
wsprintfW
DestroyWindow
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetKeyState
SetWindowsHookExW
UnhookWindowsHookEx
EndDialog
MessageBoxW
EnumDisplayMonitors
SetWindowLongA
OffsetRect
InflateRect
GetSysColor
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetScrollRange
GetScrollPos
ReleaseDC
GetDC
GetSystemMetrics
SendDlgItemMessageA
CreateWindowExA
SendMessageA
ActivateKeyboardLayout
GetTopWindow
KillTimer
SetTimer
RemoveMenu
DestroyMenu
CreatePopupMenu
UpdateWindow
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
ShowWindow
CreateWindowExW
GetClassInfoW
RegisterClassW
DispatchMessageW
TranslateMessage
GetMessageW
CallNextHookEx

gdi32

RestoreDC
GetDeviceCaps
DeleteDC
CreateSolidBrush
CreateFontA
BitBlt
GetObjectA

winspool.drv

ClosePrinter
GetPrinterDataA
EndDocPrinter
StartPagePrinter
StartDocPrinterA
OpenPrinterA

comdlg32

GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW
PrintDlgA

advapi32

RegCloseKey
RegQueryValueExW
RegGetValueW
RegOpenKeyW
RegEnumValueW
IsWellKnownSid
ImpersonateLoggedOnUser
CreateProcessAsUserA
RegisterServiceCtrlHandlerA
SetServiceStatus
GetTraceLoggerHandle
RevertToSelf

shell32

ShellExecuteW
ExtractAssociatedIconA

ole32

CoCreateInstance
CoInitialize
CLSIDFromProgID
StgOpenStorage
OleInitialize
OleUninitialize

oleaut32

SysFreeString
VariantClear
GetActiveObject
SysAllocStringByteLen
SysAllocStringLen
SysAllocString

bcrypt

BCryptGetProperty
BCryptOpenAlgorithmProvider
BCryptGenRandom
BCryptDestroyHash
BCryptFinishHash
BCryptHashData
BCryptCreateHash
BCryptDestroyKey
BCryptDecrypt
BCryptEncrypt
BCryptGenerateSymmetricKey
BCryptCloseAlgorithmProvider

ws2_32

WSCDeinstallProvider

gdiplus

GdipCreatePen1
GdipDeletePen
GdipDrawLineI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC

urlmon

FaultInIEFeature

rasdlg

RasDialDlgA

Sections

.text
Size: 319KB - Virtual size: 319KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44b896791880c099b03b9fca00f5199c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

bcrypt

ws2_32

gdiplus

urlmon

rasdlg

Sections

.text Size: 319KB - Virtual size: 319KB

.rdata Size: 158KB - Virtual size: 158KB

.data Size: 6KB - Virtual size: 12KB

.text Size: 6KB - Virtual size: 5KB

.gfids Size: 512B - Virtual size: 492B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 140KB - Virtual size: 139KB

.text
Size: 319KB - Virtual size: 319KB

.rdata
Size: 158KB - Virtual size: 158KB

.data
Size: 6KB - Virtual size: 12KB

.text
Size: 6KB - Virtual size: 5KB

.gfids
Size: 512B - Virtual size: 492B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 140KB - Virtual size: 139KB