a364d6a1d481fbadc27d8825f28d68a7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a364d6a1d481fbadc27d8825f28d68a7_JaffaCakes118
Size

344KB
MD5

a364d6a1d481fbadc27d8825f28d68a7
SHA1

16aa8f4c396f30ef1ceed8cdf67b1f40a6280f77
SHA256

f3cf44fbcfec9317705f27580b85150a69cd9d08074b3ad03dec55d68236e639
SHA512

c45e500860c126a9fe0cafaceb7f710552dfb0e7caf4d7a9d8c1db4a9ddd79c129b18c0c5f3964f85a0e3da73def7949d43f1da93cc95ec3993dfa7b0c8531ae
SSDEEP

6144:cee6TyFwuoqUW8sjQHTyScGXSgcl/Nb/oAMTCR:Ve6Ty8qJmTyjGXSgcl/VUWR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a364d6a1d481fbadc27d8825f28d68a7_JaffaCakes118

Files

a364d6a1d481fbadc27d8825f28d68a7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ea6fb632436e87774f148785f0f251fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
GetProcessHeap
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
DecodePointer
GetFileType
LCMapStringW
GetConsoleCP
HeapAlloc
HeapFree
GetACP
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
WriteFile
GetStdHandle
EncodePointer
SetLastError
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwind
RaiseException
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
IsProcessorFeaturePresent
GetConsoleMode
HeapSize
HeapReAlloc
SetFilePointerEx
WriteConsoleW
EnumDateFormatsA
AllocateUserPhysicalPages
GetFileAttributesA
CreateFileA
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetStringTypeW
LoadLibraryW
OpenEventA
lstrcatA
lstrcpyA
lstrcmpA
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CloseHandle
DeviceIoControl
GetFileInformationByHandle
Sleep
GetLastError
GetCurrentProcess
GetModuleHandleExW
CreateFileW
GetProcAddress

user32

GetDlgCtrlID
OpenClipboard
GetDlgItem
EndDialog
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
MoveWindow
ShowWindow
DestroyWindow
CreateWindowExA
CloseClipboard
SetClipboardData
EmptyClipboard
IsCharAlphaA
IsCharLowerW
GetSystemMetrics
GetMenu
DrawMenuBar
CheckMenuItem
EnableMenuItem
GetMenuItemID
PostQuitMessage
DefWindowProcA
SendMessageA
wsprintfA
DefMDIChildProcA
LoadStringA
DestroyIcon
SetDlgItemTextA
LoadCursorA
GetWindow
GetTopWindow
FindWindowExA
FindWindowA
EnumChildWindows
GetParent
GetDesktopWindow
SetWindowLongA
GetWindowLongA
PtInRect
CopyRect
FrameRect
FillRect
DrawFocusRect
GetSysColor
WindowFromPoint
GetCursorPos
SetCursor
SetCursorPos
MessageBoxA
AdjustWindowRect
GetWindowRect
GetClientRect
SetWindowTextA
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
SetActiveWindow
UpdateWindow
DrawTextA
DrawIcon
InsertMenuItemA
GetMenuItemCount
LoadIconA

gdi32

SetDIBColorTable
CreateDIBSection
SelectObject
GetStockObject
GetPaletteEntries
GetCurrentObject
GetClipBox
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetObjectA

comdlg32

GetOpenFileNameA
ChooseColorA
GetSaveFileNameW
GetOpenFileNameW

advapi32

GetCurrentHwProfileA

shell32

Shell_NotifyIconA
SHGetPathFromIDListA
SHAddToRecentDocs

ole32

CoInitializeEx
OleDraw
GetRunningObjectTable
StringFromGUID2
CLSIDFromString
CoCreateInstance
CoGetInterfaceAndReleaseStream
CoInitialize
CoUninitialize
MkParseDisplayName
CreateBindCtx
CreateItemMoniker

oleaut32

VariantInit
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SafeArrayDestroy

msvfw32

ord2
MCIWndCreateA
DrawDibDraw
DrawDibOpen

crypt32

CryptDecodeObject

shlwapi

ord14
PathCompactPathA
StrChrA

comctl32

ImageList_ReplaceIcon
ord17
ImageList_DragShowNolock
ImageList_BeginDrag
ImageList_Create

rpcrt4

UuidToStringA
UuidFromStringA
RpcStringFreeA
RpcStringBindingComposeA

gdiplus

GdipAlloc
GdipFree
GdipLoadImageFromFile
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateFromHDC
GdipDeleteGraphics

opengl32

glNormal3f
glClear
glBegin

setupapi

SetupDiSetClassInstallParamsA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiCallClassInstaller

wsnmp32

ord106
ord105
ord104

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 177KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea6fb632436e87774f148785f0f251fe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

msvfw32

crypt32

shlwapi

comctl32

rpcrt4

gdiplus

opengl32

setupapi

wsnmp32

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 8KB - Virtual size: 10KB

.gfids Size: 512B - Virtual size: 292B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 177KB - Virtual size: 248KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 8KB - Virtual size: 10KB

.gfids
Size: 512B - Virtual size: 292B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 177KB - Virtual size: 248KB