b7208b0e88e9204110c1d0e9c036610d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b7208b0e88e9204110c1d0e9c036610d_JaffaCakes118
Size

401KB
MD5

b7208b0e88e9204110c1d0e9c036610d
SHA1

5fa2c32695d94c97ea2869cea5112f20fade8783
SHA256

c839016584b252e8afa6b3bfed28ac9dfb5a47cc2a82f0b51e74b604f25e29e3
SHA512

1d41ce8a12d4381f17cb5501103b6314566894511624bbf72cdf5cbad835d33a7a0d35c351c59c103c2d09ea139f61965334f6b52a7971e2e655c9283a348a3c
SSDEEP

3072:HP2omrtw6ocolLSjwxPr0tVY9iVXBg6DY9lYzx6gg30ElUUAy3VtdziKtEAg7h3f:v2omr6eoJx4tVOqRdo0Y6KtpHm7h3/+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7208b0e88e9204110c1d0e9c036610d_JaffaCakes118

Files

b7208b0e88e9204110c1d0e9c036610d_JaffaCakes118
.exe windows:8 windows x86 arch:x86

9d8b348bf025f73c44f5719c9aa2ee35

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

ImageList_GetImageCount
DestroyPropertySheetPage
ImageList_ReplaceIcon

msvcrt

_open_osfhandle
realloc
_controlfp
_exit
_XcptFilter
_onexit
wcsrchr
fseek
_fdopen
wcschr
wcsncpy
_cexit
clearerr
_putenv
_wfopen
_adjust_fdiv
_wcsrev
time
fread
_wtoi
fclose
_ftol
memmove
_c_exit
calloc
_errno
_tzset
exit
wcscmp
swprintf
_except_handler3
__set_app_type
wcscat
_purecall
_CxxThrowException
__wgetmainargs
fflush
__dllonexit
localtime
_wcsupr
wprintf
_wcmdln
__p__commode
_local_unwind2
_vsnwprintf

user32

SetActiveWindow
GetMenuItemCount
GetParent
MapDialogRect
CreateWindowExA
SetParent
InvalidateRgn
CreateIconFromResource
GetSysColor
GetDC
GetCursorPos
CopyRect
GetSubMenu
GetMenuItemID
GetIconInfo
GetDesktopWindow
GetActiveWindow
ScreenToClient
GetDlgItem
IsWindow
EnableWindow
WindowFromPoint
MonitorFromWindow
TranslateMessage
ShowWindow
RemoveMenu
DestroyWindow
GetWindowThreadProcessId
DrawFocusRect
GetWindow
DefWindowProcA
GetMenu
GetMessageA
UpdateWindow
GetCapture
SetWindowPos
GetNextDlgGroupItem
KillTimer
CreateIconIndirect
CallNextHookEx
SendMessageA
BringWindowToTop
InflateRect
DispatchMessageA
EnableMenuItem
RegisterClassExA
GetFocus
ChildWindowFromPoint

advapi32

GetTokenInformation
CloseServiceHandle
WriteEncryptedFileRaw
RegOpenKeyExA
RegQueryValueExA
FreeSid
AllocateAndInitializeSid
CheckTokenMembership
CloseEncryptedFileRaw
ReadEncryptedFileRaw
QueryServiceStatus
GetSecurityDescriptorDacl
RegCloseKey
AdjustTokenPrivileges

netapi32

NetServerEnum
NetShareGetInfo
NetApiBufferFree

ntdll

wcstoul
NtQueryQuotaInformationFile
isdigit

ole32

CoInitializeSecurity
CoTaskMemFree
StringFromGUID2
CLSIDFromString
CoCreateInstance

gdi32

CreateRectRgn
BitBlt
Polygon
CreateCompatibleDC
DeleteObject
GetMapMode
PatBlt
Rectangle

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHGetDesktopFolder

syssetup

AsrRestorePlugPlayRegistryData

setupapi

SetupFindNextLine
SetupCloseInfFile
SetupGetIntField

kernel32

HeapAlloc
Sleep
SetErrorMode
EnterCriticalSection
GetProcessHeap
SetEndOfFile
FileTimeToLocalFileTime
VerSetConditionMask
GetUserDefaultLCID
LoadResource
MultiByteToWideChar
EraseTape
GetLocalTime
GetFileSize
DeleteCriticalSection
ExitThread
GetFileInformationByHandle
QueryPerformanceCounter
GetCurrentDirectoryA
GetLastError
CloseHandle
DeviceIoControl
GetCurrentProcessId
GetTapeStatus
LeaveCriticalSection
UnhandledExceptionFilter
SetTapePosition
WaitForSingleObject
ReleaseMutex
SetUnhandledExceptionFilter
LockResource
GetVersion
BackupWrite
SetTapeParameters
GetCurrentProcess
HeapQueryInformation
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
CreateMutexA
FlushFileBuffers
TerminateProcess
VirtualAlloc
CreateThread
SetLastError
GetCurrentThreadId
TerminateThread
WriteTapemark
GetTapePosition
GetProcAddress
BackupSeek
OpenMutexA
LockFile
ReadFile
LocalFree
GetSystemTimeAsFileTime
ReleaseSemaphore
GetModuleHandleA
GlobalFree
GetSystemTime

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d8b348bf025f73c44f5719c9aa2ee35

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

msvcrt

user32

advapi32

netapi32

ntdll

ole32

gdi32

shell32

syssetup

setupapi

kernel32

Sections

.text Size: 175KB - Virtual size: 175KB

.data Size: 97KB - Virtual size: 97KB

.rsrc Size: 126KB - Virtual size: 128KB

.text
Size: 175KB - Virtual size: 175KB

.data
Size: 97KB - Virtual size: 97KB

.rsrc
Size: 126KB - Virtual size: 128KB