Static task: static1
Behavioral task: behavioral1
  Sample: d38f531478c9275e1f4d2e2b8dd7129c_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: d38f531478c9275e1f4d2e2b8dd7129c_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: d38f531478c9275e1f4d2e2b8dd7129c_JaffaCakes118
Size: 270KB
MD5: d38f531478c9275e1f4d2e2b8dd7129c
SHA1: 19cce6d26a9732ed10c3c4adf02f8e4724e57a9b
SHA256: c957d3448d87851d06c0cec299b06417b8258202ee224336e66203222647c4b6
SHA512: 3a815794b20f6ed2861e5f6c763c191759957227787052e4dc1d27f9c67abb2bbbd745e5120e7e183b7d2312775c5b3ac78056f9faf7197efb656a76d233c5d5
SSDEEP: 3072:oDJyC440Ugr9Bo7XWbPEnGIiZHD5/TWXdRUPgvsxq9JlrYFsWOKOaOFT:o90Dr9BoaWGIiGNRUPgvAqnOqJKOL
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource d38f531478c9275e1f4d2e2b8dd7129c_JaffaCakes118
Files
d38f531478c9275e1f4d2e2b8dd7129c_JaffaCakes118.exe windows:5 windows x86 arch:x86
072566e5cb8f2da417cd0d02d5b2e17f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryW
GetProcAddress
DeleteCriticalSection
lstrcpynA
LeaveCriticalSection
EnterCriticalSection
lstrcmpiA
lstrlenA
lstrcmpA
LoadLibraryA
GetModuleHandleA
SearchPathA
GetModuleHandleW
ExitProcess
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
CreateFileA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RtlUnwind
SetFilePointer
GetFileType
SetHandleCount
ReadFile
MultiByteToWideChar
CloseHandle
GetModuleFileNameA
GetStdHandle
WriteFile
Sleep
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
GetLastError
gdi32
CreateHalftonePalette
CopyEnhMetaFileW
GetColorAdjustment
SetTextColor
CreateICW
GetMapMode
DrawEscape
PaintRgn
PlayEnhMetaFile
AddFontResourceExA
CreateFontIndirectExW
AddFontResourceA
PolyBezier
GetClipBox
LineDDA
RemoveFontMemResourceEx
StartPage
GetGraphicsMode
FixBrushOrgEx
CreateHatchBrush
SetAbortProc
TranslateCharsetInfo
GetEnhMetaFileDescriptionA
FillRgn
GetWindowOrgEx
ResetDCA
GetBrushOrgEx
GetTextCharset
CreateICA
UnrealizeObject
CreateRectRgn
SetBkMode
CreatePenIndirect
CloseFigure
PlayMetaFile
DeleteObject
GetTextExtentPoint32A
SetICMProfileA
RealizePalette
SetBoundsRect
Ellipse
AbortDoc
PolyPolyline
GetEnhMetaFilePixelFormat
EnumMetaFile
GetCharacterPlacementA
CreateSolidBrush
CreateColorSpaceW
SelectClipRgn
GetBkMode
GetRandomRgn
GetLogColorSpaceA
BitBlt
OffsetViewportOrgEx
DescribePixelFormat
InvertRgn
GetWinMetaFileBits
StretchDIBits
CopyMetaFileW
PolyTextOutW
FlattenPath
CreateScalableFontResourceW
AbortPath
DeleteColorSpace
SetTextCharacterExtra
CreateEllipticRgn
ExcludeClipRect
ExtCreatePen
SetMapperFlags
EqualRgn
GetMiterLimit
GetObjectW
CreateDiscardableBitmap
TextOutA
SetBitmapDimensionEx
SelectClipPath
CheckColorsInGamut
GetBkColor
GetBoundsRect
GetCharABCWidthsFloatA
CreateFontIndirectExA
GetCharABCWidthsFloatW
ArcTo
CloseMetaFile
CreateEnhMetaFileA
RectVisible
GetPolyFillMode
SetMapMode
Chord
GetTextExtentPointA
IntersectClipRect
AddFontResourceW
AddFontResourceExW
GetDCOrgEx
CombineRgn
GetDCBrushColor
SetBkColor
GetPixelFormat
GetMetaFileA
GetPath
GetCurrentPositionEx
PolylineTo
GetCharWidthFloatA
GetTextFaceA
AngleArc
CreateFontW
GetFontData
GetGlyphIndicesW
SetMetaRgn
ScaleWindowExtEx
GetEnhMetaFileW
SetDCBrushColor
GetCharWidthW
SetEnhMetaFileBits
GetPixel
PlayEnhMetaFileRecord
GetTextExtentPointI
Polyline
ExtTextOutW
GetTextExtentExPointA
GetTextMetricsW
EnumICMProfilesA
GetCharWidthA
SetPixelV
SetROP2
EnumFontsW
GetTextExtentExPointW
EnumFontFamiliesExW
GetLayout
EnumFontFamiliesA
GetCharWidth32A
SelectObject
GetColorSpace
Polygon
GetCharacterPlacementW
GetMetaFileW
CloseEnhMetaFile
GetRasterizerCaps
GetNearestColor
GetEnhMetaFileHeader
GetKerningPairsA
EndPage
EnumObjects
CreateDCW
EnumICMProfilesW
CreateDIBPatternBrush
EndDoc
CreateRectRgnIndirect
SetArcDirection
SetTextAlign
RestoreDC
LPtoDP
WidenPath
ExtSelectClipRgn
CancelDC
SetICMMode
DeleteEnhMetaFile
SetTextJustification
SetMiterLimit
PatBlt
CreatePen
GetCharABCWidthsW
OffsetClipRgn
CreatePolygonRgn
StartDocW
PolyDraw
ExtFloodFill
GetICMProfileW
CreateFontIndirectW
CreateMetaFileW
GetTextExtentPoint32W
PtInRegion
CreateCompatibleDC
GetMetaFileBitsEx
CreatePatternBrush
SetLayout
GetSystemPaletteUse
GetFontLanguageInfo
OffsetRgn
SetBrushOrgEx
GetTextMetricsA
GdiSetBatchLimit
GetAspectRatioFilterEx
GetKerningPairsW
SetWorldTransform
MaskBlt
GetDIBColorTable
RemoveFontResourceW
RoundRect
ScaleViewportExtEx
CreateDIBitmap
SetWindowOrgEx
activeds
ord6
ord7
ord14
ord17
ord20
ord22
ord19
ord24
ord23
ord16
ord18
ord29
ord3
ord30
ord9
iphlpapi
GetTcpStatisticsEx
DeleteIpForwardEntry
GetAdaptersInfo
GetIpStatistics
GetIpAddrTable
AddIPAddress
GetIfEntry
RestoreMediaSense
GetOwnerModuleFromUdpEntry
GetBestInterfaceEx
SetTcpEntry
GetIpNetTable
GetBestRoute
GetInterfaceInfo
GetExtendedTcpTable
GetFriendlyIfIndex
GetUdpStatistics
EnableRouter
GetIpStatisticsEx
GetNetworkParams
IpRenewAddress
GetBestInterface
GetAdapterOrderMap
GetNumberOfInterfaces
FlushIpNetTable
IpReleaseAddress
CreateIpNetEntry
DeleteProxyArpEntry
GetIpForwardTable
msi
ord266
ord94
ord110
ord68
ord212
ord180
ord203
ord42
ord169
ord16
ord228
ord241
ord244
ord45
ord72
ord176
ord155
ord227
ord67
ord239
ord218
ord204
ord267
ord213
ord11
ord41
ord269
ord215
ord202
ord172
ord274
ord181
ord141
ord82
ord104
ord249
ord14
ord255
ord264
ord229
ord157
ord250
ord36
ord108
ord7
ord44
ord272
ord66
ord137
ord174
ord43
ord275
ord130
ord259
ord256
ord40
ord265
ord268
ord95
ord216
ord102
ord262
ord10
ord81
ord225
ord271
ord87
ord179
ord39
ord237
ord231
ord190
ord90
ord83
ord251
ord126
msimg32
AlphaBlend
GradientFill
TransparentBlt
Sections
.text Size: 55KB - Virtual size: 55KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 193KB - Virtual size: 200KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ