ddf213af2398313fbbab060f48968499_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ddf213af2398313fbbab060f48968499_JaffaCakes118
Size

504KB
MD5

ddf213af2398313fbbab060f48968499
SHA1

6cf48ff4999b6697076fac8aba03a3c2e5b6e7dd
SHA256

e11c6b8b5b102a0b3bdb0756496594c0ba37f08d27320a7bde4d7f70fbd63256
SHA512

efb5032c1ef5aecc40610537733ef4dde2abc84501907dc7cb7a72c04d248a759ec1b85efebae00c81067382969f5f34d54ebba10cf9ba9ad6f13578842a9aa8
SSDEEP

6144:c867hSKXt8UaTxPMhvXoIdUbYgiE9ZrH16Ov1rN2s4JI/yUICVL8VfaDCFToWQs:y7G5xP+L6kZE9VV6O1MUgfaOzQs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddf213af2398313fbbab060f48968499_JaffaCakes118

Files

ddf213af2398313fbbab060f48968499_JaffaCakes118
.exe windows:5 windows x86 arch:x86

60ef683643ca1c2ba219017b2c3b255a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleMode
GetConsoleCP
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
SetHandleCount
CloseHandle
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetProcessHeap
ReadFile
GetModuleFileNameA
lstrcpyA
lstrcatA
FindFirstFileA
lstrcmpiA
CopyFileA
FindNextFileA
FindClose
LoadLibraryW
GetProcAddress
HeapAlloc
FlushFileBuffers
GetVersionExA
GetSystemDirectoryA
EnumSystemLanguageGroupsA
EnumUILanguagesA
GetModuleFileNameW
GetCPInfoExA
EnumSystemCodePagesA
CreateFileA
CreateFileMappingA
GetStdHandle
WriteFile
ExitProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
GetCurrentThreadId
SetLastError
LoadLibraryA
MapViewOfFile
GetSystemTime
Sleep
SetSystemPowerState
GetCurrentProcess
GetLastError
TlsFree
TlsSetValue
GetCommState
CreateWaitableTimerA
SetWaitableTimer
LocalAlloc
TlsAlloc
TlsGetValue
CreateNamedPipeA
GetModuleHandleW
GetStartupInfoA
GetCommandLineA
HeapFree
RtlUnwind
ConnectNamedPipe
GetModuleHandleA
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
SetFilePointer

user32

PostQuitMessage
DefWindowProcA
LoadCursorA
LoadIconA
GetUpdateRgn
ExitWindowsEx
CheckMenuItem
GetMenu
SendMessageA
RegisterClassA
CreateWindowExA
ShowWindow
LoadImageA
GetSysColor
FillRect
OemKeyScan
GetCursorPos
TrackPopupMenu
FindWindowA
GetWindowThreadProcessId
InflateRect
GetDlgItem
GetSystemMetrics
IsDlgButtonChecked
DrawMenuBar
GetDesktopWindow
GetWindowRect
ReleaseDC
LoadBitmapA
SetScrollPos
SetTimer
FindWindowExW
GetWindowTextW
FindWindowExA
KillTimer
GetMenuState
DestroyWindow
SetMenuItemBitmaps
EnumChildWindows
BeginPaint
MessageBoxA
SetWindowTextA
GetDC
GetClientRect
RegisterWindowMessageA

gdi32

GetStockObject
CreateSolidBrush
BitBlt
SetPixelFormat
CreateFontIndirectA
GetTextMetricsA
SetTextAlign
SetBkColor
CreateCompatibleBitmap
GetPixel
DeleteDC
GetTextCharsetInfo
CreateDIBSection
SetBkMode
CreateHatchBrush
CreateFontA
SetTextColor
DeleteObject
CreatePolygonRgn
CreatePen
SelectObject
MoveToEx
CreateCompatibleDC
CreateRectRgn
GetRegionData

comdlg32

GetOpenFileNameA
FindTextA

advapi32

OpenEventLogW
CloseEventLog
GetOldestEventLogRecord
ReadEventLogA

shell32

ShellExecuteA
SHAddToRecentDocs

ole32

CoCreateInstance
CoInitialize

ws2_32

WSAGetLastError
WSACreateEvent

psapi

EmptyWorkingSet
GetWsChanges

avifil32

AVIStreamOpenFromFileA
AVIStreamStart
AVIStreamReadFormat
AVIFileInit
AVIStreamInfoA
AVIFileCreateStreamA
AVIFileOpenA
AVIFileInfoA
AVIFileGetStream
AVIStreamLength
AVIStreamSetFormat

msvfw32

ord2
MCIWndCreateA
DrawDibOpen
DrawDibDraw

winscard

SCardGetProviderIdW

winmm

timeGetTime

crypt32

CertGetNameStringA

shlwapi

StrToIntExA
PathFindFileNameA
PathRemoveArgsA

rpcrt4

UuidToStringW
UuidCreateSequential

opengl32

glRenderMode
glGetIntegerv
glSelectBuffer
glInitNames
glOrtho
glPushName
glMatrixMode
glPushMatrix
glLoadIdentity

glu32

gluPickMatrix

setupapi

CM_Invert_Range_List
CM_Is_Dock_Station_Present
CM_Locate_DevNodeA

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsA

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60ef683643ca1c2ba219017b2c3b255a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

ws2_32

psapi

avifil32

msvfw32

winscard

winmm

crypt32

shlwapi

rpcrt4

opengl32

glu32

setupapi

wtsapi32

Sections

.text Size: 140KB - Virtual size: 140KB

.rdata Size: 37KB - Virtual size: 36KB

.data Size: 6KB - Virtual size: 14KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 318KB - Virtual size: 318KB

.text
Size: 140KB - Virtual size: 140KB

.rdata
Size: 37KB - Virtual size: 36KB

.data
Size: 6KB - Virtual size: 14KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 318KB - Virtual size: 318KB