da4a2b0a0afe434cdeacc758ceb41a57_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

da4a2b0a0afe434cdeacc758ceb41a57_JaffaCakes118
Size

288KB
MD5

da4a2b0a0afe434cdeacc758ceb41a57
SHA1

b9338c8dc83d5d344a7b64b95b3870bfcf91a44d
SHA256

fdf618d2a5feb3e5d296b90e63ee837ceab9adb84ca2733ace7783ad36f60d63
SHA512

9184ab0750972e32fc1d6b5aaf758b4c2d559afde73901628a1a9ac9c3d2077822238367a755eb382f59f8114e7dbfee9d7e899abf3a7aa5c681ee54f1296437
SSDEEP

3072:JG0BCU9/A0MmV1ysE38TSPYZykofsAT1g9AB:QTU9//1ysE38TSPYELT1T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da4a2b0a0afe434cdeacc758ceb41a57_JaffaCakes118

Files

da4a2b0a0afe434cdeacc758ceb41a57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

956e13668e7d138c9bc40256c0cd9f8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

send
ioctlsocket
WSAStartup
connect
htons
WSACleanup
closesocket
recv
socket

kernel32

ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
HeapFree
CreateThread
ExitThread
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetACP
SetEndOfFile
RtlUnwind
GlobalAddAtomA
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
ReadFile
SetFilePointer
WriteFile
CreateFileA
GetCurrentProcess
GetOEMCP
SetErrorMode
SizeofResource
GetCPInfo
GetProcessVersion
WritePrivateProfileStringA
GetLastError
GlobalFlags
TlsSetValue
TlsGetValue
LocalReAlloc
LeaveCriticalSection
EnterCriticalSection
GlobalReAlloc
DeleteCriticalSection
TlsFree
GlobalHandle
LocalFree
TlsAlloc
InitializeCriticalSection
MulDiv
LocalAlloc
lstrcpynA
FreeLibrary
SetLastError
GlobalDeleteAtom
LoadLibraryA
GlobalGetAtomNameA
GetVersion
lstrcatA
UnhandledExceptionFilter
GlobalFindAtomA
GlobalAlloc
lstrcpyA
GetModuleHandleA
GetProcAddress
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
CloseHandle
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GlobalLock
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetProfileStringA
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA

user32

DefWindowProcA
CreateWindowExA
GetClassLongA
GetMenuItemID
SetPropA
GetMenuItemCount
GetMenu
GetSubMenu
wsprintfA
WinHelpA
GetCapture
RegisterClassA
GetClassInfoA
GetTopWindow
CopyRect
ScreenToClient
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadStringA
DestroyMenu
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
DrawTextA
GrayStringA
LoadCursorA
UpdateWindow
GetClassNameA
PtInRect
GetSysColorBrush
InvalidateRect
TabbedTextOutA
UnhookWindowsHookEx
SetForegroundWindow
GetWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetPropA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
EnableMenuItem
GetFocus
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
MessageBoxA
SetCursor
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
PostQuitMessage
PostMessageA
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
SendMessageA
LoadIconA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetMenuItemBitmaps
CheckMenuItem
IsWindowUnicode
CharNextA
DefDlgProcA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
InflateRect

gdi32

GetTextExtentPointA
BitBlt
PatBlt
CreateDIBitmap
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
GetObjectA
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
IntersectClipRect
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
CreateCompatibleDC

comdlg32

GetSaveFileNameA
GetOpenFileNameA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA

comctl32

ord17

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

956e13668e7d138c9bc40256c0cd9f8d

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 16KB - Virtual size: 13KB

.text Size: 156KB - Virtual size: 156KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 16KB - Virtual size: 13KB

.text
Size: 156KB - Virtual size: 156KB