a335b4f3f4c41b725ef2653ba53956a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a335b4f3f4c41b725ef2653ba53956a0_JaffaCakes118
Size

188KB
MD5

a335b4f3f4c41b725ef2653ba53956a0
SHA1

67c7a655ef6549e6a6f13fe20a986b0473d77e9a
SHA256

cf859d7c6d9d14eef04e30a2b313e6026f2355f12fa06094f3d3618072d203a1
SHA512

9c43ca5b3e41d619d67eec714f598ca9e240485b82588c08a014a4b653b8516a593f3a0797cc6f18f9d9f9fee803d70e16841179956b440b3116ff6143b152e1
SSDEEP

3072:L2tThWEOOsIuBqOc5TFL4qvgT1bdb//ocfHk+495v4uTS:L2S1HqOIL4+ukz9+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a335b4f3f4c41b725ef2653ba53956a0_JaffaCakes118

Files

a335b4f3f4c41b725ef2653ba53956a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

815359be6e31cd719032f41f51810f61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasEnumConnectionsA
RasGetConnectStatusA

winmm

mciSendCommandA

kernel32

FindNextFileA
MulDiv
GlobalFlags
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
GetCurrentDirectoryA
GetFileAttributesA
GetFileSize
GetFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
RtlUnwind
HeapAlloc
ExitProcess
CreateDirectoryA
HeapFree
GetStartupInfoA
GetCommandLineA
RaiseException
GetFullPathNameA
HeapReAlloc
HeapSize
GetACP
SetStdHandle
GetFileType
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVolumeInformationA
FindFirstFileA
FindClose
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
lstrcpynA
GetLastError
FormatMessageA
LocalFree
SetLastError
lstrcmpA
GetCurrentThread
CloseHandle
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
Sleep
GlobalDeleteAtom
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GlobalAlloc
FreeLibrary
GetTickCount
GetComputerNameA
GetSystemInfo
lstrcatA
GetVersionExA
GlobalMemoryStatus
GetDriveTypeA
GetDiskFreeSpaceA
Beep
DeleteFileA
GetPrivateProfileStringA
WaitForSingleObject
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
TerminateProcess
LoadLibraryA
GetCurrentProcessId
GetProcAddress
GetModuleFileNameA
GetSystemDirectoryA
CopyFileA
WinExec
lstrlenA
lstrcpyA
CreateThread

user32

GetFocus
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
PostMessageA
LoadIconA
IsDialogMessageA
SetWindowTextA
ShowWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetCursorPos
ValidateRect
TranslateMessage
PostQuitMessage
SetCursor
WaitMessage
KillTimer
SetTimer
CharUpperA
LoadStringA
GetClassNameA
PtInRect
ClientToScreen
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetSysColorBrush
DestroyMenu
CopyRect
SetFocus
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
IsIconic
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetDC
ReleaseDC
CharToOemA
LockWindowUpdate
GetSystemMetrics
SetWindowsHookExA
PeekMessageA
GetMessageA
SetKeyboardState
DispatchMessageA
UnhookWindowsHookEx
CallNextHookEx
GetActiveWindow
GetWindowTextA
GetKeyNameTextA
GetKeyboardState
ToAscii
GetDesktopWindow
ExitWindowsEx
SetCursorPos
AdjustWindowRectEx
GetClientRect
IsWindow
SystemParametersInfoA
MessageBoxA
FindWindowA
EnableWindow
SendMessageA
wsprintfA
GetWindow
IsWindowVisible
UnregisterClassA

gdi32

SetBkColor
GetObjectA
CreateBitmap
GetDeviceCaps
GetStockObject
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetTextColor
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetClipBox
BitBlt
DeleteDC
DeleteObject

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA

shell32

ShellExecuteA

comctl32

ord17

wsock32

ioctlsocket
accept
WSAGetLastError
WSASetLastError
WSAStartup
WSACleanup
htonl
socket
connect
recv
send
closesocket
htons
gethostname
gethostbyname
setsockopt
bind
WSAAsyncSelect
inet_ntoa
recvfrom
sendto
inet_addr

wininet

InternetGetLastResponseInfoA
InternetFindNextFileA
FtpFindFirstFileA
FtpGetFileA
FtpPutFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
InternetConnectA
InternetSetStatusCallback
InternetGetConnectedState
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

815359be6e31cd719032f41f51810f61

Headers

File Characteristics

Imports

rasapi32

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

wininet

Sections

.text Size: 124KB - Virtual size: 121KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 16KB - Virtual size: 35KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 124KB - Virtual size: 121KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 16KB - Virtual size: 35KB

.rsrc
Size: 16KB - Virtual size: 14KB