b09021c6f9db5febbb4ac4fc62dbfb56_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b09021c6f9db5febbb4ac4fc62dbfb56_JaffaCakes118
Size

253KB
MD5

b09021c6f9db5febbb4ac4fc62dbfb56
SHA1

3ab360af021b34ee0822ec605d3a94e38bec3d79
SHA256

980ebb7595cc8b379c8c6313b136f093c6b62ba35b26170b8c84aac95370bd81
SHA512

6ee0c2e284742478dd9582d566be1bc82945865c36644890621355ad7d30cc61278490c5c5d9098021e3a2669dfd4224e18a4efeeadaa534e99e604bf0a5d09b
SSDEEP

6144:lj89h36jLTfrPXGxxkDal4jZUNesLT91omGSSG4u2WOMNOsPaU7:KyTjOxa0+ZdsLTLGJC2WNYrU7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b09021c6f9db5febbb4ac4fc62dbfb56_JaffaCakes118

Files

b09021c6f9db5febbb4ac4fc62dbfb56_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5818cf524f5f065e7a752ad6cce84ce7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

ntohs
inet_ntoa

shlwapi

PathRemoveFileSpecA

wininet

InternetOpenA
InternetCloseHandle
HttpOpenRequestA
InternetSetOptionA
HttpAddRequestHeadersA
HttpSendRequestA
HttpQueryInfoA
InternetConnectA

kernel32

GetSystemTime
InitializeCriticalSection
FreeLibrary
GetCurrentProcess
GetVersionExA
GetModuleFileNameA
OpenMutexA
GetLastError
GetTickCount
GetLocaleInfoA
RaiseException
WaitForMultipleObjects
GetModuleFileNameW
LoadLibraryA
ExitProcess
LocalFree
MultiByteToWideChar
GetACP
LocalAlloc
lstrlenA
lstrcpynA
GetShortPathNameA
lstrcmpiA
GetComputerNameA
IsBadWritePtr
HeapCreate
SetUnhandledExceptionFilter
TlsAlloc
GetOEMCP
CreateMutexA
OpenEventA
SetEvent
GetModuleHandleA
GetCurrentProcessId
GetCurrentThreadId
CreateEventA
WaitForSingleObject
Sleep
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
IsBadReadPtr
IsBadCodePtr
GetSystemInfo
GetEnvironmentStringsW
GetCPInfo
GetFileAttributesA
GetStartupInfoA
BeginUpdateResourceW
GetProcAddress

user32

RegisterClassA
CreateWindowExA
ShowWindow
GetSystemMetrics
CharUpperA
DefWindowProcA
wsprintfA
CharPrevA
GetMessageA
PostQuitMessage

advapi32

ImpersonateSelf
GetTokenInformation
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessDeniedAce
AddAccessAllowedAce
FreeSid
RevertToSelf
ImpersonateLoggedOnUser
StartServiceCtrlDispatcherA
OpenProcessToken
RegisterServiceCtrlHandlerA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
LookupPrivilegeValueA
AdjustTokenPrivileges
SetServiceStatus
RegOpenKeyExW
RegQueryValueExW
StartServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegCloseKey
GetUserNameA

ole32

CLSIDFromString
CoCreateGuid
CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringByteLen

ntprint

PSetupEnumMonitor
PSetupDestroyPrinterDeviceInfoList
ServerInstallW
PSetupGetSelectedDriverInfo

dmocx

DllGetClassObject

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.WwVHa
Size: 1024B - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iSKC
Size: 1024B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 101KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KQzjvU
Size: 3KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 114KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RA
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5818cf524f5f065e7a752ad6cce84ce7

Headers

File Characteristics

Imports

version

ws2_32

shlwapi

wininet

kernel32

user32

advapi32

ole32

oleaut32

ntprint

dmocx

Sections

.text Size: 15KB - Virtual size: 15KB

.WwVHa Size: 1024B - Virtual size: 230KB

.rdata Size: 4KB - Virtual size: 6KB

.iSKC Size: 1024B - Virtual size: 60KB

.edata Size: 101KB - Virtual size: 161KB

.KQzjvU Size: 3KB - Virtual size: 270KB

.data Size: 7KB - Virtual size: 93KB

.edata Size: 114KB - Virtual size: 182KB

.RA Size: 512B - Virtual size: 3KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 15KB - Virtual size: 15KB

.WwVHa
Size: 1024B - Virtual size: 230KB

.rdata
Size: 4KB - Virtual size: 6KB

.iSKC
Size: 1024B - Virtual size: 60KB

.edata
Size: 101KB - Virtual size: 161KB

.KQzjvU
Size: 3KB - Virtual size: 270KB

.data
Size: 7KB - Virtual size: 93KB

.edata
Size: 114KB - Virtual size: 182KB

.RA
Size: 512B - Virtual size: 3KB

.rsrc
Size: 5KB - Virtual size: 4KB