dee2b5b2874468ad8451e565e6492a9d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dee2b5b2874468ad8451e565e6492a9d_JaffaCakes118
Size

22KB
MD5

dee2b5b2874468ad8451e565e6492a9d
SHA1

ea8a3e34b6afb3527ed0ff0ea8c14fda3954a4cb
SHA256

f1f6189c7e85f82419fa2aaf14853e2eb288c098149c3d18e3a3c61436cc5f09
SHA512

8cebddc6b8572fed777263f1a5fa89f178c8ae62a7059c3e34e7b8be393b39c7d13fd9610f0395b0cd6ed024e8c25f7b10007658975ede58c6542b887c7182ef
SSDEEP

384:8OU+IDLczLwq5jBohvULbpgQ7+wHb66EVtE4+TNAFniouAUqQ:8D+I8zLwqTrFgQ75660+TGFiNmQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dee2b5b2874468ad8451e565e6492a9d_JaffaCakes118

Files

dee2b5b2874468ad8451e565e6492a9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4efb2b0ac8c6129edfcac6aa01789181

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dnsapi

DnsCopyStringEx

user32

SetWindowLongA
DefWindowProcA
PostMessageW
SetFocus
GetWindowRect
ReleaseDC
ShowWindow
MessageBoxA
UpdateWindow
GetParent
SetWindowPos
EnableWindow
MessageBoxW
EndDialog
GetDC
wsprintfA
SetTimer
CharNextA
InvalidateRect
CharNextW
LoadStringW
GetSysColor
GetWindowLongW
SetCursor
GetDlgItem
GetDesktopWindow
SendMessageW
CreateWindowExA
GetClientRect
PostQuitMessage

oleaut32

SetErrorInfo
SysAllocStringByteLen
SafeArrayGetUBound
SysStringLen
SafeArrayAccessData
VariantChangeType
GetErrorInfo
SafeArrayPtrOfIndex
VariantClear
LoadTypeLib
SafeArrayGetElement
SysStringByteLen
SafeArrayUnaccessData
VariantCopyInd
VariantCopy
GetActiveObject
SysReAllocStringLen
CreateErrorInfo
VariantInit
VariantChangeTypeEx
SysAllocStringLen
SafeArrayPutElement
SafeArrayGetLBound
SafeArrayCreate
SysFreeString
LoadTypeLibEx

kernel32

CreateFileMappingA
AddAtomW
FileTimeToLocalFileTime
IsDBCSLeadByte
IsBadCodePtr
VirtualFree
FindResourceA
DeviceIoControl
VirtualAlloc
GetLastError
CreateFileMappingW
CreateMutexA
GetExitCodeProcess
FindNextFileA
ExitProcess
SetFileAttributesA
CreateMutexW
MulDiv
CreateProcessW
SizeofResource
ResumeThread
ExpandEnvironmentStringsA
LoadLibraryExA
WriteConsoleW
RaiseException
GetTempPathA
GetWindowsDirectoryW
SetThreadPriority
lstrcatW
GetCurrentProcess
GetCommandLineW
RemoveDirectoryW
GetFullPathNameW
CloseHandle
GetComputerNameW
CreateDirectoryA
OpenProcess
LockResource
OutputDebugStringW
IsValidCodePage

shell32

GetFileNameFromBrowse
SHChangeNotifyDeregister
DragFinish
SHStartNetConnectionDialogW
DllGetVersion
SHGetSetSettings
PathQualify
IsLFNDrive
RestartDialog
Shell_GetImageLists
PathResolve
DriveType
SHILCreateFromPath
DAD_DragMove
SHChangeNotifyRegister
SHCoCreateInstance
IsNetDrive
SHDefExtractIconW
Shell_GetCachedImageIndex
DAD_DragEnterEx
DllCanUnloadNow
Shell_MergeMenus
DAD_DragLeave
PickIconDlg
PifMgr_OpenProperties
DllRegisterServer
DllGetClassObject
DllInstall
DllUnregisterServer
DragAcceptFiles

advapi32

RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
FreeSid
RegDeleteKeyW
RegCreateKeyExA
OpenProcessToken
RegOpenKeyExW
InitializeSecurityDescriptor
GetTokenInformation
RegEnumValueW
OpenThreadToken
RegOpenKeyExA
RegEnumKeyExA
AllocateAndInitializeSid
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExA
RegEnumKeyExW
RegCreateKeyExW
CloseServiceHandle
RegSetValueExW

rpcrt4

NdrAllocate
NdrAsyncClientCall
DllRegisterServer
MesEncodeFixedBufferHandleCreate
NdrByteCountPointerBufferSize
NDRSContextMarshallEx
MesHandleFree
DceErrorInqTextW
NdrClientInitialize
NDRCContextBinding
NDRSContextMarshall
NdrAsyncServerCall
CStdStubBuffer_CountRefs
NdrByteCountPointerFree
CreateStubFromTypeInfo
NdrConformantStructBufferSize
NdrByteCountPointerUnmarshall
MesBufferHandleReset
MesIncrementalHandleReset
DllGetClassObject
MesDecodeIncrementalHandleCreate
MesInqProcEncodingId
NDRCContextMarshall
NDRcopy

Sections

.textbss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 454B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4efb2b0ac8c6129edfcac6aa01789181

Headers

File Characteristics

Imports

dnsapi

user32

oleaut32

kernel32

shell32

advapi32

rpcrt4

Sections

.textbss Size: - Virtual size: 12KB

.data Size: 1KB - Virtual size: 1KB

.debug Size: 1KB - Virtual size: 1KB

.rdata Size: 1KB - Virtual size: 1KB

.text Size: 512B - Virtual size: 454B

.idata Size: 12KB - Virtual size: 12KB

.rsrc Size: 3KB - Virtual size: 3KB

.textbss
Size: - Virtual size: 12KB

.data
Size: 1KB - Virtual size: 1KB

.debug
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.text
Size: 512B - Virtual size: 454B

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 3KB - Virtual size: 3KB