9637e1b6584ab0158e7965e0d045ce4c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9637e1b6584ab0158e7965e0d045ce4c_JaffaCakes118
Size

19KB
MD5

9637e1b6584ab0158e7965e0d045ce4c
SHA1

35f489193178c95f4425b8c7007492734b23e9bb
SHA256

5daa25e928832d76cc5552404645008b0a398252f73dc36148ec06c2117f028b
SHA512

b2adcb3a4c538b40661af776bc809c660309b32ae44b24abe1fb44967c11eee3af963c89ec65c1ad8eae165b3ae087763462b80e40cb97ad90cbba32bfc788b2
SSDEEP

384:mZTIDIiI6W6UUnf4RJqfg3SOvznJgIExa:mZTFD6UUnf4zq4C2D1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9637e1b6584ab0158e7965e0d045ce4c_JaffaCakes118

Files

9637e1b6584ab0158e7965e0d045ce4c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e35869d820fe86ae59a4a6975217ac8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddConsoleAliasA
BeginUpdateResourceW
ClearCommError
CommConfigDialogW
CopyFileA
CreateEventA
CreateIoCompletionPort
CreateJobObjectA
CreateJobObjectW
CreateNamedPipeW
DebugBreak
DefineDosDeviceA
DeleteTimerQueueEx
EndUpdateResourceW
EnumCalendarInfoExW
EnumDateFormatsExW
EnumSystemCodePagesA
EnumSystemLanguageGroupsW
EnumTimeFormatsA
FindFirstFileA
FreeLibrary
GetCPInfo
GetCalendarInfoA
GetCommTimeouts
GetCompressedFileSizeW
GetComputerNameA
GetComputerNameExA
GetConsoleAliasesLengthA
GetConsoleCursorInfo
GetConsoleMode
GetConsoleOutputCP
GetDateFormatW
GetEnvironmentStrings
GetFileAttributesExA
GetLastError
GetLogicalDrives
GetNamedPipeInfo
GetOEMCP
GetPrivateProfileStructA
GetStdHandle
GetSystemDefaultLCID
GetTempPathA
GetThreadTimes
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetProcAddress
GlobalGetAtomNameA
HeapDestroy
IsBadCodePtr
IsDebuggerPresent
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalCompact
LocalFileTimeToFileTime
MoveFileExW
Process32NextW
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleA
RtlUnwind
SetCommState
SetComputerNameW
SetConsoleCursor
SetConsoleCursorPosition
SetConsoleDisplayMode
SetConsoleWindowInfo
SetFileApisToOEM
SetFileAttributesA
SetFileAttributesW
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetVolumeMountPointA
SetVolumeMountPointW
SleepEx
SwitchToFiber
UnhandledExceptionFilter
VerifyVersionInfoA
VirtualFree
VirtualUnlock
WaitCommEvent
WaitForSingleObjectEx
WinExec
WritePrivateProfileStructW
lstrcat
lstrcmpA
lstrcpyA
lstrcpyW
lstrcpynW
lstrlenA
ExitProcess
GetVolumeInformationW
GetModuleHandleA

msvcrt

memset

advapi32

RegOpenKeyA
RegOpenKeyExA

ole32

CLIPFORMAT_UserSize
CLSIDFromString
CoAddRefServerProcess
CoAllowSetForegroundWindow
CoCancelCall
CoCopyProxy
CoCreateInstanceEx
CoFileTimeNow
CoFreeAllLibraries
CoFreeLibrary
CoGetClassVersion
CoImpersonateClient
CoInstall
CoLoadLibrary
CoLockObjectExternal
CoMarshalHresult
CoQueryProxyBlanket
CoRegisterMessageFilter
CoResumeClassObjects
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoUnmarshalHresult
CoUnmarshalInterface
CoWaitForMultipleHandles
CreateClassMoniker
CreateDataAdviseHolder
CreateDataCache
EnableHookObject
GetHGlobalFromILockBytes
HACCEL_UserMarshal
HACCEL_UserSize
HBRUSH_UserFree
HBRUSH_UserMarshal
HBRUSH_UserSize
HDC_UserFree
HDC_UserUnmarshal
HENHMETAFILE_UserMarshal
HENHMETAFILE_UserUnmarshal
HICON_UserFree
HMENU_UserFree
HMENU_UserUnmarshal
HMETAFILEPICT_UserMarshal
HMETAFILEPICT_UserUnmarshal
HMETAFILE_UserUnmarshal
HPALETTE_UserSize
HPALETTE_UserUnmarshal
IIDFromString
MkParseDisplayName
MonikerCommonPrefixWith
MonikerRelativePathTo
OleCreateDefaultHandler
OleCreateFromFileEx
OleCreateMenuDescriptor
OleCreateStaticFromData
OleDestroyMenuDescriptor
OleDoAutoConvert
OleDuplicateData
OleFlushClipboard
OleInitializeWOW
OleIsRunning
OleLockRunning
OleNoteObjectVisible
OleRegEnumFormatEtc
OleRegGetUserType
OleSetMenuDescriptor
RevokeDragDrop
SNB_UserMarshal
SNB_UserUnmarshal
StgConvertPropertyToVariant
StgCreatePropSetStg
StgCreatePropStg
StgOpenAsyncDocfileOnIFillLockBytes
StgOpenPropStg
StgOpenStorageEx
StgSetTimes
StringFromCLSID
StringFromGUID2
UtConvertDvtd16toDvtd32
UtConvertDvtd32toDvtd16
UtGetDvtd16Info
WriteOleStg

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text4
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e35869d820fe86ae59a4a6975217ac8d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

ole32

Sections

.text Size: 7KB - Virtual size: 6KB

.text4 Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 96B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 6KB

.text4
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 96B

.rsrc
Size: 2KB - Virtual size: 1KB