Static task
static1
Behavioral task
behavioral1
Sample
d9d129217af80cb930e59bebe08a5746_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d9d129217af80cb930e59bebe08a5746_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
d9d129217af80cb930e59bebe08a5746_JaffaCakes118
Size
128KB
MD5
d9d129217af80cb930e59bebe08a5746
SHA1
cdf3834d6238bcd8821fc795d2c07124b60179b6
SHA256
0d2ce14ddc0040f5243d88cc6f7c90a0b72734da359044293cc16826fcf0ca61
SHA512
2e0c47cde01ba20c4792bd01954d2ad2a639849e6038b39c2828ed7fec64124e336a9a3f6867d13857be92385e7e99945eed66936c52acd49f453a91618e503e
SSDEEP
3072:/C3LzxVCa7FidnwyYas+GFk1E6rjxuJsNCDJxwpqHVQ0H:/MzxVdRv8fG8rdEhEQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d9d129217af80cb930e59bebe08a5746_JaffaCakes118
Files
d9d129217af80cb930e59bebe08a5746_JaffaCakes118.exe windows:4 windows x86 arch:x86
3995c7ba7a848eb50acf6b6dfdad24d7
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32: ReadOleStg, IsEqualGUID, CoUninitialize
kernel32: GetModuleHandleA, GetSystemInfo, GetTempPathW, GetTimeZoneInformation, GetVersionExA, GetWindowsDirectoryA, GlobalAlloc, HeapAlloc, GetLogicalDriveStringsW, HeapFree, LocalShrink, MulDiv, OpenJobObjectW, SetThreadExecutionState, TryEnterCriticalSection, WaitForMultipleObjectsEx, HeapCreate, GetFileInformationByHandle, BeginUpdateResourceA, CreateFileA, CreateSemaphoreA, DeleteCriticalSection, DuplicateHandle, EndUpdateResourceA, EnumTimeFormatsA, EraseTape, ExitProcess, FormatMessageA, GetFileAttributesExA, GetExitCodeProcess, GetCurrentProcessId, GetConsoleMode, GetCommandLineA
winmm: waveInStart, waveOutUnprepareHeader, mixerGetLineControlsA, joyGetPos, mmioInstallIOProcW, waveInGetDevCapsW, waveInGetNumDevs, waveInOpen, waveInReset, mmioInstallIOProcA, joyConfigChanged
advapi32: InitializeSecurityDescriptor, SystemFunction013, SetSecurityDescriptorDacl, SetNamedSecurityInfoExA, RegQueryValueExA, RegOpenKeyExA, RegOpenKeyA, OpenProcessToken, OpenEncryptedFileRawA, LsaSetInformationTrustedDomain, LsaClearAuditLog, GetTrusteeNameW, GetLengthSid, EqualSid, DuplicateToken, CryptEnumProvidersA, AddAccessDeniedAce, AddAccessAllowedAce
dinput: DirectInputCreateW
user32: UnpackDDElParam, TranslateMessage, ShowWindow, SetWindowPos, SetScrollRange, ScreenToClient, RegisterWindowMessageA, RegisterShellHookWindow, RegisterClassA, PeekMessageA, OpenDesktopA, AdjustWindowRect, CharToOemA, ClientToScreen, CreateMDIWindowA, DeregisterShellHookWindow, DestroyWindow, DispatchMessageA, GetClipboardData, GetForegroundWindow, GetIconInfo, GetUserObjectSecurity, GetWindowLongA, MessageBoxW, MsgWaitForMultipleObjects, OpenClipboard
version: GetFileVersionInfoSizeA, GetFileVersionInfoA
shell32: ShellExecuteA, SHGetSpecialFolderPathW, SHFileOperationW
ws2_32: socket, send, listen, WSAAsyncGetServByName, WSAGetLastError, WSAStringToAddressA, WSAUnhookBlockingHook, connect, htons
Sections
.text (Size: 92KB, Virtual size: 91KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data (Size: 24KB, Virtual size: 23KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc (Size: 4KB, Virtual size: 3KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc (Size: 4KB, Virtual size: 3KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ