a64a36c7861b143e201447b16beb26b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a64a36c7861b143e201447b16beb26b9_JaffaCakes118
Size

214KB
MD5

a64a36c7861b143e201447b16beb26b9
SHA1

e1d914fa15b73c4601fbe167630baed4a74ad733
SHA256

1b0329999fa0a3da067c94527f6a6c6a48ec2bb7676312f240ced5afa4b0150b
SHA512

e8823ee758486dca4d4be7c408cd891fcb035a0fa061e0b8400ea6d76d41cd674cff4043bc141a2d6022419652ef9a164687cd6eed07d96cf88bf4807d37fe68
SSDEEP

3072:Bo6ncyX+R2dte88pInnLJ1XZMK0F5653L+DqAq+XKNBobDnk:Bo6cyX+R2ve8TnTZMvI3QVEBn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a64a36c7861b143e201447b16beb26b9_JaffaCakes118

Files

a64a36c7861b143e201447b16beb26b9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

71e58a9611cb91517787c53e2a3011c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dinput

DirectInputCreateA

kernel32

RtlUnwind
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
Sleep
ExitProcess
ExitThread
CreateThread
RaiseException
VirtualAlloc
HeapReAlloc
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLastError
CreateFileA
CloseHandle
DeviceIoControl
WaitForSingleObject
WritePrivateProfileStringA
SizeofResource
LockResource
LoadResource
FindResourceA
ResumeThread
WideCharToMultiByte
SetEvent
CreateEventA
GetPrivateProfileIntA
GetPrivateProfileSectionNamesA
GetProcAddress
GetModuleHandleA
FreeLibrary
GlobalAlloc
lstrcmpA
GlobalLock
InterlockedExchange
CompareStringA
LoadLibraryA
GetLocaleInfoA
GetModuleFileNameA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
SetThreadPriority
SuspendThread
GlobalAddAtomA
SetLastError
GetCurrentProcessId
FreeResource
GlobalFree
GlobalUnlock
lstrlenA
GetVersionExA
lstrcmpW
MultiByteToWideChar
GlobalFindAtomA
GlobalGetAtomNameA
MulDiv
LocalFree
FormatMessageA
GetModuleFileNameW
SetErrorMode
GetModuleHandleW
GetOEMCP
GetCPInfo
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
InterlockedDecrement
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags

user32

UnregisterClassA
GetSysColorBrush
LoadCursorA
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
PtInRect
GetMenu
SystemParametersInfoA
GetWindowPlacement
PostMessageA
DrawIcon
AppendMenuA
GetWindowRect
GetWindowTextA
SetWindowPos
SetFocus
ShowWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
GetMessageTime
SendMessageA
GetSystemMenu
IsIconic
GetClientRect
EnableWindow
LoadIconA
GetSystemMetrics
PostQuitMessage
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
SendDlgItemMessageA
GetWindow
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState

gdi32

SetMapMode
DeleteObject
PtVisible
RectVisible
RestoreDC
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
SaveDC
ExtTextOutA
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
TextOutA
CreateBitmap

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExA

shlwapi

PathFindFileNameA
PathRemoveFileSpecW
PathFindExtensionA

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize
CoTaskMemFree

oleaut32

VariantClear
VariantChangeType
VariantInit

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71e58a9611cb91517787c53e2a3011c5

Headers

DLL Characteristics

File Characteristics

Imports

dinput

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

setupapi

Sections

.text Size: 143KB - Virtual size: 142KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 9KB - Virtual size: 24KB

.rsrc Size: 22KB - Virtual size: 22KB

.text
Size: 143KB - Virtual size: 142KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 9KB - Virtual size: 24KB

.rsrc
Size: 22KB - Virtual size: 22KB