d09a2fafd6395e347a374a6fd55f0979_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d09a2fafd6395e347a374a6fd55f0979_JaffaCakes118
Size

354KB
MD5

d09a2fafd6395e347a374a6fd55f0979
SHA1

f19e0f2c0bdc5bdbf29de3c0dfbd60b44f565d60
SHA256

aeaf0ff839eeffd44a2b3c7c9e972920d9a6674e98a92850cecd0f298764bce3
SHA512

b46bc6f510b798b23684129e6ecc237db36731f45e159a7b8246e48fe6f117edc2af75799047b08d1d4efc7d56eaf67366d75123ba03aad827a535cfe9f98372
SSDEEP

6144:jIp7pQMOtvhiNyVyZHbzU5/JMi+xLus/AWQB9X:OpWhcyIZHnU5RPu4B9X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d09a2fafd6395e347a374a6fd55f0979_JaffaCakes118

Files

d09a2fafd6395e347a374a6fd55f0979_JaffaCakes118
.exe windows:6 windows x86 arch:x86

67b6c86a7ffc517e34d07d703895aacd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\differ\iron\track\SeeHas.pdb

Imports

kernel32

GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetACP
GetOEMCP
HeapReAlloc
SetFilePointerEx
LoadLibraryExW
WriteConsoleW
ReadConsoleW
SetEndOfFile
OutputDebugStringW
RemoveDirectoryA
GetEnvironmentVariableA
LoadLibraryA
TlsSetValue
TlsAlloc
FindClose
Sleep
WaitForSingleObject
SetEvent
VirtualProtectEx
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameW
GetModuleFileNameA
CreateFileW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapFree
CloseHandle
DuplicateHandle
GetCurrentProcess
RaiseException
RtlUnwind
GetCommandLineA
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsGetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapSize
GetProcessHeap
IsDebuggerPresent
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
ReadFile
GetCurrentThreadId
SetStdHandle

user32

GetWindowTextLengthA
SystemParametersInfoA
IsDialogMessageA
SetWindowsHookExA
FrameRect
DrawFrameControl
ClientToScreen
FillRect
SetForegroundWindow
TrackPopupMenu
AppendMenuA
GetActiveWindow
RegisterClassExA
PostMessageA

gdi32

SelectObject
PatBlt
GetTextExtentPoint32A
SetPixel
StretchBlt

comctl32

ord6
CreateToolbarEx
ord17
PropertySheetA
DestroyPropertySheetPage
ImageList_SetOverlayImage

advapi32

StartServiceCtrlDispatcherA
SetServiceStatus
RegisterServiceCtrlHandlerA
QueryServiceStatus
OpenServiceA
OpenSCManagerA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyA
RegCreateKeyExA
RegCloseKey
LookupPrivilegeValueA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
FreeSid
AllocateAndInitializeSid
OpenThreadToken
OpenProcessToken

dbghelp

MiniDumpWriteDump

rasapi32

RasHangUpA
RasGetConnectStatusA
RasEnumConnectionsA

Sections

.text
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67b6c86a7ffc517e34d07d703895aacd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comctl32

advapi32

dbghelp

rasapi32

Sections

.text Size: 182KB - Virtual size: 182KB

.rdata Size: 98KB - Virtual size: 97KB

.data Size: 7KB - Virtual size: 42KB

.rsrc Size: 57KB - Virtual size: 56KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 182KB - Virtual size: 182KB

.rdata
Size: 98KB - Virtual size: 97KB

.data
Size: 7KB - Virtual size: 42KB

.rsrc
Size: 57KB - Virtual size: 56KB

.reloc
Size: 8KB - Virtual size: 8KB