d08a7e9d2f49c213e57d1b55c34146f6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d08a7e9d2f49c213e57d1b55c34146f6_JaffaCakes118
Size

210KB
MD5

d08a7e9d2f49c213e57d1b55c34146f6
SHA1

bfb8ab18a25da97c9b908f48bdd99c07d193b14e
SHA256

8de74625e44aeea0b49987cd664c7125d778aeb732294ac18252743ea11bd20e
SHA512

276bccea226005c8b61e0afa643b70b4ea8aa8df66a36419ce65947eb35333f810b4d5d3b662eaf058a8aa32d2c0ea0e858a25bebe94ef5266ffdbd51c26dea1
SSDEEP

6144:97xbm2ovXZr6nwnkrJjA1uWuS05Nw3rlkq9xPgLO:97xkQrJ2oEOWqC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d08a7e9d2f49c213e57d1b55c34146f6_JaffaCakes118

Files

d08a7e9d2f49c213e57d1b55c34146f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

125115444f0d0181ff7cf65b4d28d544

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLCID
ReadFile
GlobalGetAtomNameW
GetModuleFileNameA
FatalAppExitW
CreateMutexA
GetModuleHandleA
FindAtomA
GetUserDefaultLCID
OpenMutexA
GetLogicalDrives
GetTempFileNameA
Beep
ReadDirectoryChangesW
DisconnectNamedPipe
CreateSemaphoreW
OpenSemaphoreW
GetEnvironmentVariableA
CompareStringW
lstrlenA
SetPriorityClass
GetCommandLineW
GetSystemDirectoryA
GlobalGetAtomNameA
lstrcpynA
GetCPInfo
FindResourceA
OpenWaitableTimerW
QueryPerformanceCounter
EnumTimeFormatsA
SetCurrentDirectoryA
IsBadCodePtr
GetTimeFormatA
lstrcmp
GetVersion
CreateFileA
EndUpdateResourceW
SetCurrentDirectoryW
lstrcpyA
GetTimeFormatW
CopyFileExW
IsValidCodePage
GetCalendarInfoW
GetTempFileNameW
ExitProcess
GetComputerNameA
GetProcAddress
DosDateTimeToFileTime
GetSystemTime
lstrcpyW
GetSystemDefaultLangID
ExpandEnvironmentStringsW
OpenWaitableTimerA
GetCurrentProcess
CreateFileMappingA

user32

GetMessageW
SetWindowTextA
SetParent
GetClassInfoExA
GetWindowLongA
SetTimer
IsWindowEnabled
TrackPopupMenuEx
SetCursor
SendDlgItemMessageA
RegisterClassExA
GetActiveWindow
GetDlgItemTextA
CharNextW
CheckMenuRadioItem
FillRect
CreateDesktopA
CreateDialogIndirectParamA
LoadCursorW
DefDlgProcA
CreateWindowExW
InsertMenuA
GetClassLongW

gdi32

ExtCreateRegion
Ellipse
GetDeviceCaps
GetAspectRatioFilterEx
SetAbortProc
SelectBrushLocal
SetArcDirection
FloodFill
CreateDCA
GetSystemPaletteEntries
FillPath
GetCharWidthFloatW
AnimatePalette
ExtFloodFill
ExcludeClipRect

advapi32

RegReplaceKeyA
RegOpenKeyExA
RegQueryValueA
RegOpenKeyExW
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA

oleaut32

VarCyCmp
VariantChangeTypeEx
VarI4FromStr
VarUI1FromI4

inetcomm

CreatePOP3Transport
MimeOleSMimeCapsToDlg
MimeOleGetDefaultCharset
EssSecurityLabelEncodeEx
MimeOleGenerateFileName
MimeOleGetPropW
CreateIMAPTransport
MimeOleObjectFromMoniker
EssMLHistoryDecodeEx
EssSecurityLabelDecodeEx
MimeOleSetPropW
EssMLHistoryEncodeEx
MimeOleOpenFileStream
HrDoAttachmentVerb
HrSaveAttachToFile
CreateRangeList
MimeOleGenerateMID
MimeOleGetRelatedSection

sqlunirl

_SendMessage@16
_ClearEventLog_@8
_RegReplaceKey_@16
_FindExecutable_@12
_RegUnLoadKey_@8
_ShellExecute_@24
_PeekMessage@20
_lstrcpyn_@12
_ReadConsoleInput_@16
_OpenWaitableTimer_@12
_RegEnumValue_@32
_GetWindowTextLength@4

crypt32

PFXVerifyPassword
CertSerializeCRLStoreElement
CertEnumCTLContextProperties
CertAddCTLContextToStore
CertNameToStrA
CryptEncryptMessage
CryptGetKeyIdentifierProperty
RegEnumValueU
CryptVerifyMessageSignature
CryptSetOIDFunctionValue
CryptRegisterOIDFunction
CryptSIPCreateIndirectData
CryptSIPPutSignedDataMsg
CertAddEnhancedKeyUsageIdentifier
CertAddEncodedCRLToStore

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qRTHoW
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vVVua
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MCS
Size: 512B - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SdGAP
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xa
Size: 1KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Avk
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OOSv
Size: 1KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KPO
Size: 1KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

125115444f0d0181ff7cf65b4d28d544

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

inetcomm

sqlunirl

crypt32

Sections

.text Size: 11KB - Virtual size: 11KB

.qRTHoW Size: 2KB - Virtual size: 4KB

.vVVua Size: 2KB - Virtual size: 4KB

.MCS Size: 512B - Virtual size: 26KB

.SdGAP Size: 4KB - Virtual size: 16KB

.xa Size: 1KB - Virtual size: 17KB

.Avk Size: 1KB - Virtual size: 19KB

.data Size: 12KB - Virtual size: 11KB

.OOSv Size: 1KB - Virtual size: 33KB

.KPO Size: 1KB - Virtual size: 240KB

.rsrc Size: 169KB - Virtual size: 169KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.qRTHoW
Size: 2KB - Virtual size: 4KB

.vVVua
Size: 2KB - Virtual size: 4KB

.MCS
Size: 512B - Virtual size: 26KB

.SdGAP
Size: 4KB - Virtual size: 16KB

.xa
Size: 1KB - Virtual size: 17KB

.Avk
Size: 1KB - Virtual size: 19KB

.data
Size: 12KB - Virtual size: 11KB

.OOSv
Size: 1KB - Virtual size: 33KB

.KPO
Size: 1KB - Virtual size: 240KB

.rsrc
Size: 169KB - Virtual size: 169KB

.reloc
Size: 1KB - Virtual size: 1KB