abeae897d3ec165f481377d451dba0cb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

abeae897d3ec165f481377d451dba0cb_JaffaCakes118
Size

228KB
MD5

abeae897d3ec165f481377d451dba0cb
SHA1

28e9765c41870bd6669ff7c22f5d8c1de7d2f1c9
SHA256

ea59ee42e3fc30b26db9e6bdecac3372948a07ff067325df0a50f88fbf658192
SHA512

45eed0b879e2dbc9ed34f07856ead27b4734c73abd57d0b78e16ea3e88b628547e86c1ed54e0902950011143a0162b3ec21f54b11117c6d3bb4dcea14aa0f2f6
SSDEEP

6144:wt9d/LWPEz2gof2dgHga9eUN5WA7icAvFvGwh:mZLWPDjf2dgAaUUN5R7AF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abeae897d3ec165f481377d451dba0cb_JaffaCakes118

Files

abeae897d3ec165f481377d451dba0cb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6d39bded624517b880135ac57b4e9014

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
connect

kernel32

VirtualAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetStdHandle
WriteFile
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsAlloc
HeapSize
GetCPInfo
GetOEMCP
IsValidCodePage
MultiByteToWideChar
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
lstrlenA
AssignProcessToJobObject
FreeUserPhysicalPages
LoadLibraryA
FindResourceW
FindCloseChangeNotification
GetCalendarInfoA
GetModuleFileNameA
AreFileApisANSI
CompareStringA
CreateMutexA
GetLastError
FindNextVolumeMountPointA
AddAtomW
ConvertDefaultLocale
GetCommandLineA
TerminateProcess
FindVolumeClose
DebugActiveProcess
GetACP
ReadProcessMemory
CreateIoCompletionPort
CreateToolhelp32Snapshot
GetModuleFileNameW
lstrlenW
WriteProcessMemory
FlushInstructionCache
TlsFree
CreateTimerQueue
IsDebuggerPresent
GetCurrentProcess
TlsSetValue
GetModuleHandleA
FlushViewOfFile
lstrcmpA
lstrcatA
lstrcmpiA
FlushFileBuffers
Sleep
TlsGetValue
ContinueDebugEvent
FreeEnvironmentStringsA
IsBadHugeReadPtr
lstrcpyA
GetAtomNameW
CreateFiberEx
GetProcAddress
CompareStringW
AddAtomA
IsBadReadPtr
ExitProcess
LCMapStringW
RtlUnwind
GetModuleHandleW
RaiseException
HeapAlloc
HeapFree
GetStartupInfoA
GetSystemTimeAsFileTime

user32

SetWindowsHookW
MessageBoxA
SetWindowTextA
UnloadKeyboardLayout
UnregisterHotKey
TrackPopupMenuEx
GetClipboardData
GetClassWord
DlgDirListW
GetClassLongW
DestroyMenu
DlgDirListA
DlgDirListComboBoxW
FrameRect
DrawAnimatedRects
DlgDirSelectExW
UnhookWindowsHook
DlgDirListComboBoxA
DrawIcon
AttachThreadInput
ShowCaret
ActivateKeyboardLayout
DrawMenuBar
EnumClipboardFormats
GetAsyncKeyState
UpdateLayeredWindow
AllowSetForegroundWindow
DrawIconEx
ArrangeIconicWindows
AnimateWindow
EndDeferWindowPos
SetWindowsHookExA
mouse_event
VkKeyScanA
SetWindowTextW
GetClipCursor
ShowCursor
SetWindowsHookExW
EndMenu
DragObject
UserHandleGrantAccess
EnableScrollBar
GetClientRect
VkKeyScanW
ValidateRgn
EnableMenuItem
GetAltTabInfoA

gdi32

StartDocW
GetObjectW
CreateCompatibleDC
SetICMMode
CopyEnhMetaFileW
CreateEllipticRgn
UpdateColors
SetPixel
SetWindowExtEx
BitBlt
CreateBitmap
GetKerningPairsA
GetRgnBox
Rectangle
OffsetRgn
StretchBlt
CreateHatchBrush
GetICMProfileW
GetWorldTransform
GetTextCharset
GetKerningPairsW
SelectObject
CreateRectRgn
SetDCPenColor
PaintRgn
GetTextAlign
RoundRect
PolyBezier
GetICMProfileA
GetSystemPaletteEntries
CombineTransform
GetMetaFileBitsEx
CreateEnhMetaFileW
GetROP2
GetTextColor
CombineRgn
GetPolyFillMode
CloseFigure
StartPage
GetViewportExtEx
GetObjectType
AbortDoc
GetRandomRgn
CreatePolygonRgn
GetObjectA
GetViewportOrgEx
GetNearestColor
GetLogColorSpaceW
PolyPolyline
SelectClipPath
OffsetWindowOrgEx
GetPixel
CreateHalftonePalette
GetTextCharsetInfo
UnrealizeObject
StrokeAndFillPath
SetWindowOrgEx
CreatePen
ResetDCW
GetWinMetaFileBits
GetTextFaceW
CreateCompatibleBitmap
RemoveFontResourceA
CreateDIBPatternBrush
StrokePath
SelectPalette
ScaleViewportExtEx
SetDIBitsToDevice
MaskBlt
GetSystemPaletteUse
CreatePatternBrush
InvertRgn
PathToRegion
SaveDC

shell32

SHGetFileInfoA

ole32

CoCreateInstance
CoInitialize

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d39bded624517b880135ac57b4e9014

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

shell32

ole32

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 86KB - Virtual size: 85KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 86KB - Virtual size: 85KB