d077f314a2546db99b66d86354a9c3b0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d077f314a2546db99b66d86354a9c3b0_JaffaCakes118
Size

178KB
MD5

d077f314a2546db99b66d86354a9c3b0
SHA1

4d936b4be76543eda1f539d81c1a93559b42c4a9
SHA256

d6ee0e697faa47de510758e21564869affd580283b056e92d9ab804be2cb1e71
SHA512

3a35adc63c17ab13e64431e5163fa73199fae0d09cbee29134f68cb267558fefd022163049d7e9368339a8050b63dabd6aaf32105abb836c18db2a66f162e973
SSDEEP

3072:axMNtY0z1OOG996BvQfykINLO0nh7GXH9UXGFsT2BApw+KLqJpLSu4DWckEvE/b:axMNZz1bG94Bv65CLO6JG3a2F3BApw+m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d077f314a2546db99b66d86354a9c3b0_JaffaCakes118

Files

d077f314a2546db99b66d86354a9c3b0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1948202ea066a9f6a3305fb2709624ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumePathNameW
GetConsoleCommandHistoryW
GetCurrentThread
FileTimeToDosDateTime
AllocateUserPhysicalPages
SetLastError
EnumSystemGeoID
GetNumberOfConsoleInputEvents
GetLocalTime
GetLogicalDrives
DeleteTimerQueue
EraseTape
HeapQueryInformation
GetDateFormatW
FreeUserPhysicalPages
MapViewOfFileEx
ExpungeConsoleCommandHistoryW
LZCopy
GlobalUnlock
SetWaitableTimer
GetUserDefaultLCID
TerminateThread
_hwrite
LoadLibraryA
GlobalAlloc
SetConsoleCtrlHandler
GetFileSize
DosPathToSessionPathW
ReadConsoleInputA
GetGeoInfoW
GetSystemWow64DirectoryW
GetModuleHandleA
MapUserPhysicalPagesScatter
GetLastError
AreFileApisANSI
VirtualAlloc
SetConsoleCursorMode
TransmitCommChar
InterlockedPushEntrySList
GetFirmwareEnvironmentVariableW
GetComputerNameW

gdi32

ExtTextOutA
GdiDeleteLocalDC
DdEntry39
GetTextExtentExPointW
DdEntry53
SetPixelV
GetEUDCTimeStampExW
GdiAddGlsRecord
EngAssociateSurface
GetCharABCWidthsI
DdEntry23
GetGlyphOutline
EngPaint
TextOutA
PlayEnhMetaFile
XLATEOBJ_hGetColorTransform
DdEntry4
FONTOBJ_pQueryGlyphAttrs
CreateDIBPatternBrushPt
GdiArtificialDecrementDriver
GdiResetDCEMF
CreateColorSpaceA
GetCurrentPositionEx
SetWindowExtEx
CreateScalableFontResourceA
CreatePenIndirect
GetDCOrgEx
EngGetDriverName
FONTOBJ_pifi
EnumEnhMetaFile
CloseMetaFile
CreatePatternBrush
UpdateICMRegKeyW
GetWinMetaFileBits
GdiEntry11
CLIPOBJ_ppoGetPath
GdiConvertEnhMetaFile
EnumObjects
EngFillPath
BRUSHOBJ_pvAllocRbrush
GetBrushAttributes
CreateMetaFileW

dsauth

DhcpDsAddServer
StoreCollectAttributes
StoreCleanupHandle
DhcpDsGetLists
DhcpDsGetAttribs
StoreCreateObjectVA
DhcpEnumServersDS
DhcpDsValidateService
StoreEndSearch
DhcpDsCleanupDS
DhcpDsGetRoot
DhcpDsSetLists
StoreDeleteObject
StoreGetHandle
StoreSearchGetNext
StoreSetSearchSubTree
DhcpDsInitDS
StoreBeginSearch
StoreSetSearchOneLevel
DhcpAddServerDS
DhcpDsEnumServers
DhcpDsDelServer
DhcpDeleteServerDS
StoreInitHandle

ole32

STGMEDIUM_UserUnmarshal
HPALETTE_UserUnmarshal
IsEqualGUID
CoGetInstanceFromFile
OleCreateEx
StgOpenAsyncDocfileOnIFillLockBytes
CoCancelCall
CoImpersonateClient
DllGetClassObjectWOW
MonikerRelativePathTo
HICON_UserFree
StgGetIFillLockBytesOnILockBytes
OleLoadFromStream
CoGetStandardMarshal
OleCreateFromDataEx
OleRun
DoDragDrop
OleGetIconOfFile
HBRUSH_UserFree
HBITMAP_UserMarshal
HGLOBAL_UserUnmarshal
GetConvertStg
OleCreateFromData
CoGetComCatalog
CoGetMalloc
WdtpInterfacePointer_UserUnmarshal

oleaut32

VarCyFromUI1
VarBstrFromUI8
VarDateFromI1
VarR4FromDec
VarBoolFromUI1
VarCyFromI2
VarUI8FromI1
VarUI1FromI4
VarDecFromDisp
VarUI2FromI4
VarUI4FromR4
VarUI8FromCy
SafeArrayRedim
VarBoolFromUI2
SafeArrayPtrOfIndex
VarI2FromR8
SafeArrayAllocDescriptorEx
VarI4FromUI1
VarDecFromR4
VarI8FromR4
VarUI1FromI8
VarUI4FromBool
OleIconToCursor
DispGetIDsOfNames
SafeArrayLock
VarCyFromI8
VarR4FromStr
VarDecFromUI1
VarUI1FromDec
VarI4FromR4
VarBoolFromStr
VarI1FromCy
VarUI2FromStr
VarI2FromI8
OleLoadPictureFile
VarDecFromI8
VarI4FromDate
VarCyFromI4
OACreateTypeLib2
VarI4FromI8
VarR4FromR8
VarBoolFromDec
VarCySub
VarFormatPercent
VarI4FromUI8

wininet

UnlockUrlCacheEntryFileA
GetUrlCacheConfigInfoW
InternetTimeToSystemTimeA
InternetErrorDlg
CreateMD5SSOHash
InternetTimeFromSystemTimeW
InternetTimeFromSystemTime
InternetGoOnlineA
FindFirstUrlCacheEntryExA
FreeUrlCacheSpaceA
FtpCommandA
FindNextUrlCacheEntryExA
InternetSecurityProtocolToStringW
InternetAutodialCallback
RetrieveUrlCacheEntryFileW
FtpGetFileEx
CreateUrlCacheContainerW
InternetSetPerSiteCookieDecisionW
HttpOpenRequestA
FindNextUrlCacheEntryW
DeleteUrlCacheEntryA
ForceNexusLookup
InternetSetCookieW
InternetWriteFileExW
InternetGetLastResponseInfoA
InternetSetDialState
FindCloseUrlCache
InternetConnectA
InternetConfirmZoneCrossingA
ShowX509EncodedCertificate
FtpGetCurrentDirectoryA
InternetSetOptionExW
CreateUrlCacheEntryW

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1948202ea066a9f6a3305fb2709624ed

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

dsauth

ole32

oleaut32

wininet

Sections

.text Size: 61KB - Virtual size: 60KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 84KB - Virtual size: 254KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 924B

.text
Size: 61KB - Virtual size: 60KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 84KB - Virtual size: 254KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 924B