dbffa0c71df9b77d65d6c78766776ccb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dbffa0c71df9b77d65d6c78766776ccb_JaffaCakes118
Size

161KB
MD5

dbffa0c71df9b77d65d6c78766776ccb
SHA1

95d768edbaf482a90ac6fcafd8eba578b0c6d592
SHA256

9647f5c111845d516083fa70b4d680cb35bcec1517b112497ee5a5646e62e992
SHA512

4d5d89f19c6bb13653345c388fbff9fd085371bfc99c4c2ff9f4ad3f1d5a03fc61c47c11ccf375d9942cfe095ad3a8734c3d6c4f7a55e23079c0b5da6cdcee69
SSDEEP

3072:XUFmdgnBXCCUoqlMYtlUZeHcjPZEMzjY3g+tYfvak5HhLl:XSUgnBSCU/rlQslMzjCBwvbxhLl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbffa0c71df9b77d65d6c78766776ccb_JaffaCakes118

Files

dbffa0c71df9b77d65d6c78766776ccb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

86416d22dbebebf0dbc0476602480991

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free
_initterm
_adjust_fdiv
wcsncpy
iswspace
bsearch
realloc
swscanf
_HUGE
__CxxFrameHandler
_ftol
_onexit
__dllonexit
malloc
_purecall
sprintf
??2@YAPAXI@Z
wcstod
rand
_CIpow
_wcsicmp
wcsrchr
wcsncmp
wcscmp
wcscat
wcschr
??3@YAXPAX@Z
wcscpy
wcslen

kernel32

GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
GetProcessHeap
HeapAlloc
GetProcAddress
LoadLibraryA
VirtualFree
VirtualAlloc
SetEvent
GlobalAlloc
GetUserDefaultLCID
lstrcmpW
lstrcpyW
CreateEventA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
GlobalLock
GlobalUnlock
GetModuleFileNameA
lstrcatA
lstrcpyA
HeapDestroy
CloseHandle
GetCurrentThreadId
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
lstrcmpiA
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
GetLastError
lstrlenW
DisableThreadLibraryCalls
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
lstrcpynA

user32

InvalidateRect
IsWindow
DestroyWindow
SetFocus
LoadStringA
DefWindowProcA
CreateWindowExA
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
SetWindowLongA
GetParent
GetDC
ReleaseDC
GetDesktopWindow
UnregisterClassA
RegisterClassA
PostMessageA
PtInRect
UnionRect
ShowWindow
CallWindowProcA
CharNextA
PeekMessageA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect

gdi32

DeleteDC
CreateDCA
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
CreateMetaFileA
GetDeviceCaps
SetViewportOrgEx
SetMapMode
LPtoDP

advapi32

RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteValueA

ole32

CreateOleAdviseHolder
CoCreateInstance
CLSIDFromProgID
CreateBindCtx
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
StringFromCLSID
WriteClassStm
OleSaveToStream
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
StringFromGUID2
CLSIDFromString

oleaut32

OleCreatePropertyFrame
CreateErrorInfo
VariantClear
VariantInit
SysFreeString
SysStringLen
SysAllocStringLen
VariantCopy
SysAllocString
SysStringByteLen
SafeArrayCreateVector
VariantChangeType
LoadRegTypeLi
SetErrorInfo
RegisterTypeLi
VarI4FromStr
VariantChangeTypeEx
GetErrorInfo
SafeArrayDestroy
LoadTypeLi

winmm

timeSetEvent
timeGetDevCaps
timeKillEvent

urlmon

CreateAsyncBindCtx
URLOpenBlockingStreamA
URLOpenStreamA
HlinkSimpleNavigateToString
CoGetClassObjectFromURL

wininet

InternetCombineUrlA

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9e3c
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1o2p
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.16as
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aeas
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.k1kl
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ps1i
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t3ta
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ksi1
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.12i1
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.123f
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eaa
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ze
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.1teaX
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.134
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.724
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.182
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.381
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.832
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ii32
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.i832
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.i833
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.i803
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86416d22dbebebf0dbc0476602480991

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

advapi32

ole32

oleaut32

winmm

urlmon

wininet

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 2KB

.9e3c Size: 204KB - Virtual size: 203KB

.1o2p Size: 204KB - Virtual size: 203KB

.16as Size: 512B - Virtual size: 216B

.aeas Size: 512B - Virtual size: 216B

.k1kl Size: 512B - Virtual size: 216B

.ps1i Size: 512B - Virtual size: 216B

.t3ta Size: 512B - Virtual size: 216B

.ksi1 Size: 512B - Virtual size: 216B

.12i1 Size: 512B - Virtual size: 216B

.123f Size: 512B - Virtual size: 216B

.eaa Size: 512B - Virtual size: 216B

.ze Size: 512B - Virtual size: 216B

.1teaX Size: 512B - Virtual size: 216B

.134 Size: 512B - Virtual size: 216B

.724 Size: 512B - Virtual size: 216B

.182 Size: 512B - Virtual size: 216B

.381 Size: 512B - Virtual size: 216B

.832 Size: 512B - Virtual size: 216B

.ii32 Size: 512B - Virtual size: 216B

.i832 Size: 512B - Virtual size: 216B

.i833 Size: 512B - Virtual size: 222B

.i803 Size: 512B - Virtual size: 222B

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 512B - Virtual size: 312B

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 2KB

.9e3c
Size: 204KB - Virtual size: 203KB

.1o2p
Size: 204KB - Virtual size: 203KB

.16as
Size: 512B - Virtual size: 216B

.aeas
Size: 512B - Virtual size: 216B

.k1kl
Size: 512B - Virtual size: 216B

.ps1i
Size: 512B - Virtual size: 216B

.t3ta
Size: 512B - Virtual size: 216B

.ksi1
Size: 512B - Virtual size: 216B

.12i1
Size: 512B - Virtual size: 216B

.123f
Size: 512B - Virtual size: 216B

.eaa
Size: 512B - Virtual size: 216B

.ze
Size: 512B - Virtual size: 216B

.1teaX
Size: 512B - Virtual size: 216B

.134
Size: 512B - Virtual size: 216B

.724
Size: 512B - Virtual size: 216B

.182
Size: 512B - Virtual size: 216B

.381
Size: 512B - Virtual size: 216B

.832
Size: 512B - Virtual size: 216B

.ii32
Size: 512B - Virtual size: 216B

.i832
Size: 512B - Virtual size: 216B

.i833
Size: 512B - Virtual size: 222B

.i803
Size: 512B - Virtual size: 222B

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 512B - Virtual size: 312B