Static task: static1
Behavioral task: behavioral1
Sample: ba86ffebe4d34dd44be576f5e6c8b842_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: ba86ffebe4d34dd44be576f5e6c8b842_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ba86ffebe4d34dd44be576f5e6c8b842_JaffaCakes118
Size: 189KB
MD5: ba86ffebe4d34dd44be576f5e6c8b842
SHA1: 0e31b8812df7b04f5a1b608d71cd6eda8f0978e4
SHA256: 2118d93b946690f53be50318b17e69de602508dbde222f987d19cbaa14c17db7
SHA512: 5f0551e5ebd77cd014cda5f4dfbc2a4c18d0f2a95bdbd9f1f8a92bdd6031b1c6e19fd2c7ab2c574546521d0922f3e513a604f229a4e67011f2e7029dcb5d897e
SSDEEP: 3072:mg4TlUm2CQUMMnMMMMMX7I7DPy0BhuiqozrTXKW0sVUmcnNC9ozjGHBnJ3HDam/l:mim2CHMMnMMMMMalhuLwUVY9o3GHhJ35
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ba86ffebe4d34dd44be576f5e6c8b842_JaffaCakes118
Files
ba86ffebe4d34dd44be576f5e6c8b842_JaffaCakes118.exe windows:5 windows x86 arch:x86
183947fae6d98d043872da2917ccbf9a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcatA
_lread
GetACP
SizeofResource
ExitThread
SystemTimeToFileTime
GlobalReAlloc
LoadLibraryA
GlobalHandle
CreateSemaphoreA
FindResourceA
lstrcpyA
SetStdHandle
SetFileAttributesA
InterlockedIncrement
lstrcmpiA
GetCurrentProcessId
HeapAlloc
FileTimeToLocalFileTime
GetUserDefaultLCID
lstrcmpiW
SetLocalTime
_lwrite
CompareStringW
MulDiv
FormatMessageW
GetVolumeInformationA
HeapReAlloc
GlobalDeleteAtom
FreeLibrary
GetModuleFileNameW
GetEnvironmentStringsW
RemoveDirectoryA
MoveFileA
TlsFree
CreateDirectoryA
FlushInstructionCache
WriteFile
GetSystemTime
GetLocalTime
GetTempFileNameA
GetSystemDirectoryA
GetExitCodeProcess
CompareStringA
GetModuleFileNameA
ResumeThread
InitializeCriticalSection
GetCommandLineA
ReleaseSemaphore
EnterCriticalSection
SetEnvironmentVariableA
FileTimeToSystemTime
LCMapStringW
LoadLibraryExA
GetFullPathNameA
CloseHandle
TlsSetValue
FlushFileBuffers
WideCharToMultiByte
CreateProcessA
GetShortPathNameA
DeleteFileA
GlobalAddAtomA
CreateThread
lstrcpynA
FreeEnvironmentStringsW
GetCPInfo
SetLastError
GetVersionExA
HeapDestroy
HeapCreate
GetStdHandle
GetEnvironmentStrings
lstrlenA
ReadFile
GetSystemDefaultLCID
LockFile
_lclose
RaiseException
CreateFileA
GetOEMCP
GetProfileStringA
LoadResource
CreateMailslotA
GetProcAddress
SearchPathA
InterlockedDecrement
SetEndOfFile
TlsAlloc
FormatMessageA
GetTickCount
GetSystemDefaultLangID
VirtualProtect
GetLocaleInfoA
Sleep
TerminateProcess
GetCurrentDirectoryA
GetLastError
GlobalUnlock
DuplicateHandle
UnhandledExceptionFilter
WaitForSingleObject
SetFileTime
HeapSize
GetSystemInfo
GetStringTypeA
GetFileTime
GetStringTypeExA
SetErrorMode
GetCurrentProcess
lstrcmpA
GetTempPathA
GetStringTypeW
UnlockFile
GlobalAlloc
FreeResource
SetCurrentDirectoryA
FindClose
GetFileAttributesA
ExitProcess
_llseek
SetFilePointer
GetUserDefaultLangID
FindNextFileA
RtlUnwind
GetWindowsDirectoryA
GetDriveTypeA
TlsGetValue
GlobalSize
VirtualQuery
GetVersion
DeleteCriticalSection
IsBadReadPtr
SetEvent
IsBadCodePtr
GetDateFormatA
HeapFree
GetFileType
GlobalFree
VirtualAlloc
CreateEventA
GetStartupInfoA
WinExec
GetTimeZoneInformation
SetHandleCount
LockResource
CreateProcessW
LeaveCriticalSection
LCMapStringA
VirtualFree
MultiByteToWideChar
FindFirstFileA
GetModuleHandleA
ResetEvent
GlobalLock
GetCurrentThreadId
FreeEnvironmentStringsA
user32
SendDlgItemMessageA
UnhookWindowsHookEx
SetTimer
WindowFromPoint
GetWindowThreadProcessId
IsCharAlphaA
IsDialogMessageA
BeginPaint
FindWindowA
ShowCursor
GetSystemMetrics
SetScrollPos
TrackPopupMenu
PostMessageA
IsWindowVisible
MessageBoxA
DdeClientTransaction
GetMenuState
OffsetRect
EnumThreadWindows
MessageBoxIndirectA
IsWindowEnabled
AttachThreadInput
CharLowerBuffW
RegisterClassA
DestroyIcon
SetWindowLongA
DestroyMenu
PostQuitMessage
UpdateWindow
RegisterClassExA
CallWindowProcA
LockWindowUpdate
SetWindowContextHelpId
GetClipboardFormatNameA
SetPropA
DdeInitializeA
SetWindowTextA
SetWindowRgn
EnableWindow
GetTabbedTextExtentA
DrawFrameControl
DestroyCaret
GetCursorPos
GetWindowRect
VkKeyScanW
AdjustWindowRect
CopyRect
GetCaretBlinkTime
DdeCmpStringHandles
CharToOemBuffA
TranslateMDISysAccel
EndDeferWindowPos
SetWindowsHookExA
GetKeyboardState
EnumClipboardFormats
CopyAcceleratorTableA
SetDlgItemTextA
DrawTextA
BeginDeferWindowPos
SetScrollInfo
CreateCaret
DdeQueryStringA
CreateAcceleratorTableA
WaitForInputIdle
EndPaint
CharUpperBuffA
CallNextHookEx
IsZoomed
FindWindowW
DeferWindowPos
DialogBoxParamA
SubtractRect
TranslateMessage
GetDesktopWindow
ClientToScreen
AdjustWindowRectEx
GetWindowDC
SetRect
FillRect
SetMenuItemInfoA
CharLowerBuffA
GetClipboardData
GetScrollPos
FrameRect
RemovePropA
GetCapture
CreateIcon
DdeFreeStringHandle
PeekMessageA
CloseClipboard
DdeDisconnect
GetFocus
DdePostAdvise
GetLastActivePopup
GetClientRect
IsIconic
ScreenToClient
GetSysColor
SetMenu
GetIconInfo
OemToCharA
GetMessagePos
LoadCursorA
SetActiveWindow
IsRectEmpty
CharPrevA
ShowCaret
ToAscii
IsClipboardFormatAvailable
ReleaseDC
VkKeyScanA
KillTimer
InsertMenuA
GetAsyncKeyState
DrawFocusRect
DdeNameService
CreateMenu
PeekMessageW
SetCursorPos
DefFrameProcA
AppendMenuA
GetMenuItemCount
EmptyClipboard
DestroyCursor
GetActiveWindow
SetClipboardData
ReleaseCapture
GetQueueStatus
GetClassNameA
DdeCreateStringHandleA
GetUpdateRgn
IsWindow
UnregisterClassA
WaitMessage
InvalidateRgn
GetScrollInfo
MessageBeep
HideCaret
GetMenu
RemoveMenu
LoadIconA
keybd_event
SetWindowsHookExW
SetMenuDefaultItem
DefMDIChildProcA
CharLowerA
ShowWindow
GetClassInfoA
IsChild
SetCursor
PtInRect
GetWindowTextA
LoadStringA
ModifyMenuA
GetUpdateRect
EndDialog
CharToOemA
IntersectRect
LoadAcceleratorsA
DdeQueryConvInfo
SetCaretPos
DdeGetData
SystemParametersInfoA
GetCursor
GetDCEx
DdeCreateDataHandle
GetParent
CreateWindowExA
GetKeyboardLayout
DrawMenuBar
DdeUninitialize
GetMenuItemID
GetMenuItemInfoA
SetParent
InflateRect
CreatePopupMenu
EqualRect
SetWindowPos
DdeAbandonTransaction
InvalidateRect
RegisterClipboardFormatA
SendMessageA
SetKeyboardState
DeleteMenu
CreateDialogParamA
SetCapture
DestroyAcceleratorTable
wsprintfA
GetWindow
MsgWaitForMultipleObjects
LoadBitmapA
MapWindowPoints
GetCaretPos
GetWindowTextLengthA
GetKeyState
GetDoubleClickTime
MoveWindow
CharUpperBuffW
DdeGetLastError
GetPropA
CheckMenuItem
LoadImageA
OpenClipboard
DdeSetUserHandle
GetMessageTime
DdeFreeDataHandle
GetDlgItem
GetMenuStringA
DrawIcon
CharNextA
BringWindowToTop
DefWindowProcA
DdeConnect
CharUpperA
GetSystemMenu
CreateCursor
DestroyWindow
GetWindowRgn
ClipCursor
EnableMenuItem
SetForegroundWindow
WinHelpA
PostMessageW
PostThreadMessageA
GetDC
GetSubMenu
SetFocus
DispatchMessageA
ShowScrollBar
GetClassInfoExA
SetScrollRange
TabbedTextOutA
GetForegroundWindow
GetWindowLongA
ddraw
DirectDrawEnumerateA
mswsock
sethostname
advapi32
RegDeleteKeyW
RegCreateKeyA
DeregisterEventSource
OpenProcessToken
RegEnumKeyW
ReportEventA
RegCloseKey
RegSetValueExA
SetSecurityDescriptorDacl
RegEnumValueA
RegSetValueExW
InitializeSecurityDescriptor
AdjustTokenPrivileges
RegisterEventSourceA
RegOpenKeyExA
RegSetValueA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
RegQueryInfoKeyA
RegDeleteValueW
RegOpenKeyA
LookupPrivilegeValueA
RegQueryValueExW
RegEnumValueW
RegEnumKeyA
RegQueryValueA
RegOpenKeyW
RegCreateKeyW
samlib
SamRemoveMultipleMembersFromAlias
SamConnectWithCreds
SamiSetDSRMPassword
SamTestPrivateFunctionsUser
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 64B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 50KB - Virtual size: 384KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ