a77729b436d3bf89c0bdfbe89caa9152_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a77729b436d3bf89c0bdfbe89caa9152_JaffaCakes118
Size

43KB
MD5

a77729b436d3bf89c0bdfbe89caa9152
SHA1

621707f4682e5a9653c8b93862f592be0fe94c91
SHA256

06344e0be569ccd2f3628a263b95cb74683905e3c95a37edfdcd32c39219735d
SHA512

7ce06e0557530a710a5103a169bd22e70249accdafaf71f407ed897b9b8954c36ce3b4958690468e129df3a64f4c1d644abb45f883123a298ed981f2d55f4b85
SSDEEP

384:El9kllp/HpZcFS5JAj3oZGO9mRG/q5V2S:Eluz/JZ0STO3aGOeGCSS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a77729b436d3bf89c0bdfbe89caa9152_JaffaCakes118

Files

a77729b436d3bf89c0bdfbe89caa9152_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9f56434da553648ad9c388af5b578636

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemPowerStatus
GetTempPathA
GetThreadLocale
GetThreadSelectorEntry
GetTimeFormatW
GetUserDefaultLCID
GetVersionExW
GetVolumeInformationW
GetVolumeNameForVolumeMountPointA
GetWriteWatch
GlobalCompact
GlobalUnWire
HeapAlloc
IsBadCodePtr
IsBadHugeWritePtr
IsValidCodePage
IsValidLanguageGroup
LoadResource
LocalSize
LockFile
MapViewOfFileEx
MoveFileA
MoveFileExW
OpenSemaphoreA
OpenWaitableTimerW
PeekConsoleInputW
Process32Next
QueryInformationJobObject
GetStringTypeW
ReplaceFile
RequestDeviceWakeup
RtlMoveMemory
SearchPathA
SetComputerNameExW
SetCurrentDirectoryW
SetEnvironmentVariableW
SetFileApisToOEM
SetFilePointerEx
SetFileTime
SetLocaleInfoW
SetNamedPipeHandleState
SetPriorityClass
SetTapePosition
SetThreadExecutionState
SetThreadLocale
SetTimerQueueTimer
SignalObjectAndWait
UnlockFile
VerLanguageNameW
VerifyVersionInfoW
WriteConsoleInputA
WriteConsoleOutputCharacterA
WriteConsoleOutputCharacterW
lstrcpyA
lstrcpyn
GetShortPathNameA
GetProfileIntW
GetPrivateProfileStructA
GetNumberFormatA
GetMailslotInfo
GetFileType
GetFileAttributesA
GetDateFormatA
GetComputerNameExW
GetCommandLineA
GetCommState
GetCalendarInfoA
FindFirstVolumeA
FindFirstChangeNotificationW
FindClose
EnumUILanguagesA
EnumTimeFormatsW
GetModuleHandleW
EnumResourceTypesA
EnumDateFormatsExA
EnterCriticalSection
DuplicateHandle
DnsHostnameToComputerNameW
DisconnectNamedPipe
DeviceIoControl
DeleteFileW
DefineDosDeviceA
CreateWaitableTimerW
CreateSemaphoreW
CreateProcessW
CreateProcessA
CreateMailslotW
CreateMailslotA
CreateJobObjectW
ContinueDebugEvent
CloseHandle
AreFileApisANSI
GetStartupInfoA
GetStartupInfoW
ExitProcess
ReadConsoleW

msvcrt

memset

user32

GetMouseMovePointsEx
GetNextDlgGroupItem
GetScrollInfo
GetUserObjectSecurity
GetWindowLongW
InSendMessage
InSendMessageEx
IsCharLowerA
IsIconic
IsWindow
LoadCursorFromFileW
LoadCursorW
LoadMenuA
LockWindowUpdate
LookupIconIdFromDirectoryEx
MapDialogRect
MapVirtualKeyExW
MessageBoxExW
ModifyMenuW
OemToCharBuffW
PaintDesktop
PostQuitMessage
RegisterClassExA
ReleaseDC
ReuseDDElParam
SendDlgItemMessageW
SendIMEMessageExA
SendIMEMessageExW
SendMessageCallbackA
SendNotifyMessageW
SetActiveWindow
SetClassLongA
SetKeyboardState
SetMenuItemInfoA
SetScrollInfo
SetThreadDesktop
SetUserObjectSecurity
SetWindowRgn
SetWindowsHookA
ShowWindowAsync
SwapMouseButton
TrackMouseEvent
TranslateMessage
UnhookWindowsHook
UnionRect
ValidateRect
WindowFromDC
wsprintfA
GetMessageExtraInfo
GetMenuState
GetMenuItemInfoW
GetKeyboardLayout
GetCursorPos
GetCursor
GetClipboardOwner
GetClassInfoExA
GetClassInfoA
GetActiveWindow
FreeDDElParam
FindWindowExA
FindWindowA
FillRect
EnumWindowStationsW
DrawTextW
DrawIconEx
DrawFrameControl
DestroyWindow
DdeQueryNextServer
DdeFreeDataHandle
DdeCreateDataHandle
DdeConnect
CreateWindowStationW
CreateWindowExA
CreateIconIndirect
CreateIconFromResourceEx
CopyIcon
CloseClipboard
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharNextExA
CharLowerA
ChangeDisplaySettingsExA
CallWindowProcW
BeginPaint
AnyPopup
DdeAbandonTransaction

gdi32

EngLoadModule
EngPaint
EngStretchBltROP
EngStrokePath
EnumFontsA
FONTOBJ_pvTrueTypeFontFile
FONTOBJ_vGetInfo
FontIsLinked
GdiConvertAndCheckDC
GdiConvertPalette
GdiConvertRegion
GdiCreateLocalMetaFilePict
GdiEntry16
GdiEntry8
GdiGetLocalBrush
GdiPlayJournal
GdiProcessSetup
GdiRealizationInfo
EngCreateClip
GetCharWidthFloatA
GetCharWidthI
GetCharWidthInfo
GetEnhMetaFileW
GetFontData
GetGlyphOutlineA
GetKerningPairs
GetROP2
GetTextExtentExPointI
GetTextExtentPoint32A
GetViewportOrgEx
NamedEscape
PatBlt
RealizePalette
RemoveFontResourceW
ResizePalette
SetICMMode
GetCharABCWidthsA
EngAcquireSemaphore

advapi32

RegOpenKeyA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text6
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

owtwo1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

owtwo2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo3
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo5
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo6
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.owtwo7
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f56434da553648ad9c388af5b578636

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 8KB - Virtual size: 7KB

.text6 Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 80B

owtwo1 Size: 1024B - Virtual size: 1000B

owtwo2 Size: 4KB - Virtual size: 3KB

.owtwo3 Size: 4KB - Virtual size: 3KB

.owtwo4 Size: 4KB - Virtual size: 3KB

.owtwo5 Size: 4KB - Virtual size: 3KB

.owtwo6 Size: 4KB - Virtual size: 3KB

.owtwo7 Size: 5KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 8KB - Virtual size: 7KB

.text6
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 80B

owtwo1
Size: 1024B - Virtual size: 1000B

owtwo2
Size: 4KB - Virtual size: 3KB

.owtwo3
Size: 4KB - Virtual size: 3KB

.owtwo4
Size: 4KB - Virtual size: 3KB

.owtwo5
Size: 4KB - Virtual size: 3KB

.owtwo6
Size: 4KB - Virtual size: 3KB

.owtwo7
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 16B