a4a843646d9085f5d1be8019aeb671e1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a4a843646d9085f5d1be8019aeb671e1_JaffaCakes118
Size

120KB
MD5

a4a843646d9085f5d1be8019aeb671e1
SHA1

a8a773bc54f6dd6b1314bd5357b3dac97dcb21bd
SHA256

bf16f01f7467fdd715054a513fd7dc7d3f93c39c4d73092968806117cae0e7a6
SHA512

f1606409d709e83d9e5949bfd7a3be2bf5c460001c6c6a82875a897e3bc72542105fc6dcd3a7dd8aac03463e252f610e3365ae7543d19b197bba2a909f0d3b49
SSDEEP

3072:BDU38Jie/9sA/BhLASY5Wx7A07VsPbv+j3CwKq:BDdJch5WuCCwV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4a843646d9085f5d1be8019aeb671e1_JaffaCakes118

Files

a4a843646d9085f5d1be8019aeb671e1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

845f15086c6ceb8062489c38af4367f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
DeleteFileW
FindFirstFileW
lstrcmpW
GetVersion
GetCommandLineW
lstrcmpiW
CreateProcessW
WaitForSingleObject
FindNextFileW
FormatMessageW
WriteFile
SetErrorMode
ReadFile
GetModuleHandleW
CreateMutexW
InterlockedExchange
InterlockedCompareExchange
VirtualProtect
OutputDebugStringA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind
GetPrivateProfileIntW
CreateDirectoryW
GetPrivateProfileStringW
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateDirectoryA
GetSystemInfo
GetVersionExA
GetProcessHeap
lstrcmpiA
GetWindowsDirectoryA
lstrcatA
CreateFileA
GetPrivateProfileIntA
GetSystemDirectoryA
MoveFileA
SetFileAttributesW
HeapAlloc
HeapFree
ExitProcess
ExitVDM
GetCurrentProcessId
CreateEventA
HeapDestroy
GetModuleHandleA
InitializeCriticalSection
HeapCreate
SetPriorityClass
GetProfileIntA
GetSystemDefaultLangID
SetLastError
GlobalFree
VirtualFree
GetLastError
CloseHandle
UnmapViewOfFile
GetFileAttributesW
LocalAlloc
LocalFree
InterlockedDecrement
lstrcmpA
GetCurrentThreadId
WideCharToMultiByte
IsDBCSLeadByteEx
MultiByteToWideChar
lstrlenW
GlobalUnlock
LeaveCriticalSection
LoadLibraryA
EnterCriticalSection
DeleteCriticalSection
GetCPInfo
lstrcpyA
lstrcpynA
lstrlenA
MulDiv
GetProcAddress
FindClose

user32

LoadStringA
GetDesktopWindow
MessageBoxA
SetTimer
DestroyWindow
GetKeyState
DrawMenuBar
KillTimer
GetMessagePos
WindowFromPoint
GetIconInfo
GetClassNameA
GetWindowLongA
IsWindow
SetForegroundWindow
GetWindowRect
SetWindowPos
SetWindowRgn
EqualRect
IsIconic
AdjustWindowRectEx
GetWindowThreadProcessId
GetClassLongA
SendMessageA
RegisterClipboardFormatA
GetDlgItemTextW
EndDialog
SetFocus
SetDlgItemTextW
IsDlgButtonChecked
DialogBoxParamW
GetWindowLongW
EnableWindow
LoadStringW
MessageBoxW
LoadCursorW
SetCursor
LoadImageW
GetDlgItem
SendMessageW
SetWindowLongW
CheckDlgButton
PostMessageA
GetCapture
GetKeyboardLayout
TrackPopupMenu
CallWindowProcA
ReleaseDC
GetDC
IsWindowVisible
GetKeyboardState
GetSysColorBrush
InsertMenuItemA
GetMenuItemCount
CloseClipboard
GetSystemMetrics
SetRect
FillRect
LoadIconA
EnableMenuItem
GetWindowDC
DrawEdge
GetSysColor
PtInRect
wsprintfA

advapi32

RegCloseKey
AddAccessAllowedAce
RegSetValueExW
RegQueryInfoKeyA
RegCreateKeyExA
RegSetValueExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExW
RegQueryValueExW
GetUserNameW
RegEnumValueA
RegQueryValueExA
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
InitializeAcl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
RegOpenKeyExA

gdi32

ExtTextOutA
CreatePen
GetObjectA
CreateFontIndirectA
GdiFlush
GetTextExtentPoint32W
GetTextExtentPoint32A
GetCharWidthW
SetROP2
EndPage
FillPath
TranslateCharsetInfo
BeginPath
LineTo
MoveToEx
PatBlt
DeleteObject
GetViewportExtEx
GetWindowExtEx
SetTextAlign
TextOutW
GetBkMode
CreateRectRgn
GetBitmapBits
CombineRgn
GetStockObject
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
SetBkMode
GetDIBits
SetBkColor
ExtTextOutW
CreateSolidBrush
GetDeviceCaps
SelectClipRgn
CreateDCA
DeleteDC
CreateCompatibleDC
SelectPalette
RealizePalette
SelectObject
EndPath
CreateDIBSection
SetTextColor

msvcrt

__CxxFrameHandler
_adjust_fdiv
malloc
_onexit
__dllonexit
towupper
_iob
memcpy
fprintf
wcschr
wcsstr
_vsnwprintf
memset
_errno
_XcptFilter
free
_initterm
_amsg_exit
wcsrchr
_wstat
_except_handler3
time

msvcp60

??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Ostd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

845f15086c6ceb8062489c38af4367f9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

msvcrt

msvcp60

Sections

.text Size: 70KB - Virtual size: 70KB

.rdata Size: 41KB - Virtual size: 41KB

.data Size: 1KB - Virtual size: 35KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 70KB - Virtual size: 70KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 1KB - Virtual size: 35KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB