b9e5ddea32d3971eb47b4790d051f11e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b9e5ddea32d3971eb47b4790d051f11e_JaffaCakes118
Size

44KB
MD5

b9e5ddea32d3971eb47b4790d051f11e
SHA1

742fb9a2de0bd7d957bbd6cf81e200f4c70cd76c
SHA256

3177c245d7f15fe1da944bdbd9919288c0b5a192912863a85f996eefa6d9d646
SHA512

a261c183b64aa48ebdd38fcca7bdbc42bbbc368577500ff976d21aeb26bc7a99264dc88e0d0521cd66902581e8d1629cf6b0ffd638a570264c6ade13006d9f4e
SSDEEP

768:rTweamthhlUV1p8HfTaoie18P0G0nQDvcyd+CWqySRCZ/Odo8HIyD:PGmDUVYHfTabe1HRn8cwH0SRyOdo3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9e5ddea32d3971eb47b4790d051f11e_JaffaCakes118

Files

b9e5ddea32d3971eb47b4790d051f11e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ebead7c26798a885ba1ca511d0dd31e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNumberFormatW
VirtualProtect
GetBinaryTypeA
GetFileType
WritePrivateProfileStringW
CancelTimerQueueTimer
WriteConsoleOutputW
GetPrivateProfileSectionW
EnumSystemLocalesW
ScrollConsoleScreenBufferW
GetTapeStatus
GetThreadLocale
FindNextVolumeW
MultiByteToWideChar
GetConsoleAliasesLengthW
CallNamedPipeW
FindNextChangeNotification
SetLocaleInfoA
CreateJobObjectA
SetTimerQueueTimer
OpenEventA
FindFirstChangeNotificationA
GetCalendarInfoW
CreateDirectoryExA
BuildCommDCBW
GetProcessHeap
GetCurrentConsoleFont
GetSystemDefaultLCID
GetConsoleAliasesW
IsDBCSLeadByte
GetLastError
OutputDebugStringA
FindFirstFileExA
GetDriveTypeA
GetTimeFormatW
ReadProcessMemory
ReadConsoleOutputAttribute
GetConsoleCP
GetFileAttributesExW
GetFileAttributesW
WritePrivateProfileStructW
SetConsoleScreenBufferSize
FindAtomW
PeekNamedPipe
EnumSystemCodePagesA
SetConsoleTextAttribute

user32

SetDlgItemInt
GetQueueStatus
GetDesktopWindow
GetAppCompatFlags2
GetDialogBaseUnits
DdeSetQualityOfService
GetMenuItemID
FindWindowExW
SetCursorPos
DdeFreeStringHandle
GetClassInfoExA
LoadKeyboardLayoutA
CreateCursor
SetClassLongW
EnumDisplayMonitors
GetClassInfoExW
UserLpkTabbedTextOut
CreateIconFromResourceEx
InvalidateRect
GetComboBoxInfo
OpenClipboard
DdeAddData
MessageBoxIndirectW
GrayStringA
GetClassNameA
GetWindowModuleFileNameW
DestroyAcceleratorTable

gdi32

PathToRegion
PATHOBJ_bEnumClipLines
SetMapMode
SetRelAbs
ResizePalette
XFORMOBJ_iGetXform
FontIsLinked
STROBJ_bEnum
EngFillPath
EngCreateDeviceSurface
GetCharacterPlacementA
BRUSHOBJ_pvGetRbrush
FONTOBJ_cGetGlyphs
XLATEOBJ_iXlate
AbortDoc
GdiReleaseLocalDC
CreateFontIndirectExA
GetTextExtentPoint32W
RealizePalette
GdiGetBatchLimit
GetEnhMetaFileA
StrokePath
SetTextAlign
SetEnhMetaFileBits
GetWinMetaFileBits
SetDIBits
GdiGetPageHandle
EnableEUDC
TextOutW
GetCharWidthA
CreateBrushIndirect
EnumMetaFile
ChoosePixelFormat
SetVirtualResolution
CreateRoundRectRgn
GetETM
GdiEntry7

comdlg32

PrintDlgExW
GetFileTitleW
GetSaveFileNameW
FindTextW
PrintDlgA
dwLBSubclass
PageSetupDlgA
ChooseFontA
ReplaceTextA
GetOpenFileNameW
CommDlgExtendedError
Ssync_ANSI_UNICODE_Struct_For_WOW
ChooseColorA

psapi

GetDeviceDriverFileNameA
EnumProcesses
GetDeviceDriverBaseNameA
GetProcessMemoryInfo
GetModuleInformation
GetWsChanges
GetDeviceDriverFileNameW
InitializeProcessForWsWatch
GetMappedFileNameA
GetModuleFileNameExW
GetModuleBaseNameA
GetDeviceDriverBaseNameW
EnumProcessModules
GetModuleBaseNameW
QueryWorkingSet
EmptyWorkingSet
EnumDeviceDrivers
GetModuleFileNameExA
GetMappedFileNameW

comctl32

ImageList_Create
GetMUILanguage
FlatSB_SetScrollProp
CreateToolbarEx
ImageList_DragEnter
ImageList_Merge
ImageList_EndDrag
ImageList_GetImageRect
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_GetDragImage
CreateStatusWindow
DestroyPropertySheetPage
ImageList_AddIcon
ImageList_GetIcon
PropertySheetW
ImageList_Draw
UninitializeFlatSB
ImageList_DrawIndirect
ImageList_LoadImageA
MakeDragList
ImageList_Remove
ImageList_SetImageCount
ImageList_GetImageCount
DrawStatusTextW

Sections

.text
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0ebead7c26798a885ba1ca511d0dd31e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

psapi

comctl32

Sections

.text Size: 4KB - Virtual size: 44KB

.data Size: 33KB - Virtual size: 36KB

.idata Size: 5KB - Virtual size: 8KB

.text
Size: 4KB - Virtual size: 44KB

.data
Size: 33KB - Virtual size: 36KB

.idata
Size: 5KB - Virtual size: 8KB