ea883310924e293e976bdf1ea2839d8e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ea883310924e293e976bdf1ea2839d8e_JaffaCakes118
Size

41KB
MD5

ea883310924e293e976bdf1ea2839d8e
SHA1

3fc1e1c566c6966a4ca9bf9d0e900ab477d40c92
SHA256

b43aab825abf4872e641fd3685e790a8ae454bdda90d859670d23bd797654bec
SHA512

ffb5ad3fec4fbbb78f269358d46f8a24d80a10f738b9387827b1925eebf757ece6cad3a1f233fe0ad435c7b35104358e0cf70427987b8139b1db2cb42a416f9d
SSDEEP

768:qZ+9Agbm5otiC6Wusu2oYa9+d8vnjkAZjsYT1FD1H1Aifz2+l5q20gOKuvMxC:qgvavCYxD9+dInjkAZ51JjAi5z0gyvM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea883310924e293e976bdf1ea2839d8e_JaffaCakes118

Files

ea883310924e293e976bdf1ea2839d8e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

25ca4bee3d6282c4c51d020f2527293b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
LeaveCriticalSection
GetFileTime
SearchPathA
PeekConsoleInputA
GetModuleFileNameA
InitializeCriticalSection
IsBadWritePtr
SetConsoleMode
ReadConsoleOutputW
LoadLibraryA
LocalFileTimeToFileTime
RemoveDirectoryA
DeleteCriticalSection
InterlockedDecrement
CreateFileMappingA
GetFileInformationByHandle
SetCurrentDirectoryA
SetErrorMode
GetConsoleCP
WaitForSingleObject
BackupWrite
ReadConsoleOutputA
SetConsoleWindowInfo
PeekConsoleInputW
GetFullPathNameA
SetConsoleCtrlHandler
SetFilePointer
GetFileSize
WriteConsoleInputW
GetConsoleOutputCP
IsBadReadPtr
VirtualAlloc
GetNumberFormatA
CreateProcessA
SetConsoleActiveScreenBuffer
SetConsoleCursorPosition
WaitForMultipleObjects
SetLastError
GetEnvironmentVariableA
IsBadCodePtr
SystemTimeToFileTime
FlushConsoleInputBuffer
GetLastError
SetFileApisToANSI
FileTimeToLocalFileTime
GetTickCount
GetCompressedFileSizeA
GetConsoleCursorInfo
FileTimeToDosDateTime
GetComputerNameA
OpenProcess
FormatMessageA
FindFirstFileA
MapViewOfFile
QueryDosDeviceA
FindClose
SetConsoleCursorInfo
DefineDosDeviceA
GetLargestConsoleWindowSize
GetConsoleScreenBufferInfo
GetModuleHandleA
SetConsoleTitleA
ReleaseMutex
GlobalMemoryStatus
TerminateProcess
FindNextFileA
SetConsoleCP
SetEndOfFile
GetDiskFreeSpaceA
FindCloseChangeNotification
CreateFileW
EnterCriticalSection
FlushFileBuffers
MoveFileExA
ReadConsoleInputW
WriteFile
FindFirstChangeNotificationA
AllocConsole
SetConsoleScreenBufferSize
RaiseException
GetCurrentThreadId
SetFileTime
SetStdHandle
GetCurrentProcessId
MoveFileA
CopyFileA
CreateMutexA
LoadLibraryExA
GetVersionExA
GetConsoleMode
lstrcmpiA
GetVolumeInformationA
InterlockedIncrement
CompareStringA
GetSystemTimeAsFileTime
ReadConsoleInputA
SetFileApisToOEM
WriteConsoleOutputW
GetFileType
CreateFileA
GetShortPathNameA
FreeLibrary
WriteConsoleOutputA
CreateDirectoryA
FreeConsole
GetStdHandle
GetLogicalDrives
GetFileAttributesA
SetEnvironmentVariableA
SetConsoleOutputCP
ReadConsoleA
DeleteFileA
SetConsoleTextAttribute
GetLocaleInfoA
ReadFile
UnmapViewOfFile
GetCurrentDirectoryA

crypt32

CertAddEncodedCTLToStore

shell32

IsLFNDrive
Shell_MergeMenus
IsNetDrive
DAD_DragLeave
SHChangeNotifyDeregister
Shell_GetCachedImageIndex
Shell_GetImageLists
DllInstall
SHILCreateFromPath
DriveType
DAD_DragEnterEx
DllGetVersion
DragFinish
DllCanUnloadNow
PathResolve
RestartDialog
SHDefExtractIconW
PifMgr_OpenProperties
SHCoCreateInstance
PickIconDlg
GetFileNameFromBrowse
SHStartNetConnectionDialogW
DllUnregisterServer
DllRegisterServer
SHChangeNotifyRegister
DllGetClassObject
PathQualify
SHGetSetSettings

rpcrt4

NdrAsyncServerCall
NDRCContextMarshall
NdrByteCountPointerUnmarshall
NdrAsyncClientCall
NDRcopy
NdrByteCountPointerFree
DllGetClassObject
MesBufferHandleReset
MesDecodeIncrementalHandleCreate
NdrByteCountPointerBufferSize
MesInqProcEncodingId
NdrAllocate
MesIncrementalHandleReset
CStdStubBuffer_CountRefs
DllRegisterServer
NdrConformantStructBufferSize
CreateStubFromTypeInfo
MesHandleFree
NdrClientInitialize
MesEncodeFixedBufferHandleCreate
NDRCContextBinding
NDRSContextMarshall
DceErrorInqTextW
NDRSContextMarshallEx

oleacc

CreateStdAccessibleProxyA
CreateStdAccessibleProxyW
GetRoleTextW
AccessibleObjectFromWindow
GetStateTextA
DllGetClassObject
GetOleaccVersionInfo
DllUnregisterServer
LresultFromObject
ObjectFromLresult
IID_IAccessible
CreateStdAccessibleObject
GetStateTextW
DllCanUnloadNow
IID_IAccessibleHandler
GetRoleTextA
LIBID_Accessibility
WindowFromAccessibleObject
AccessibleObjectFromEvent
AccessibleChildren
AccessibleObjectFromPoint

ws2_32

socket
accept
WSAStartup
WSACleanup
WSAGetLastError
connect
send

olecli32

OleEqual
OleSetBounds
OleCopyToClipboard
OleSetHostNames
OleCreateFromClip
OleQueryType
OleSetTargetDevice
OleCreateLinkFromClip
OleCopyFromLink
OleQueryCreateFromClip
OleClone
OleLoadFromStream
OleQueryLinkFromClip
OleDelete
OleSaveToStream

user32

EndDialog
MessageBoxA
GetWindowRect
ShowWindow
GetClientRect
GetDlgItem
LoadStringW
GetDC
GetSystemMetrics
ReleaseDC
EnableWindow
TranslateMessage

ole32

CoCreateInstanceEx
CoCopyProxy
CoCreateFreeThreadedMarshaler
CoCreateInstance
CoCreateObjectInContext
CoBuildVersion
CoAllowSetForegroundWindow
CLIPFORMAT_UserSize
CLSIDFromProgIDEx
CLIPFORMAT_UserUnmarshal
CLSIDFromString
OleInitialize
OleSetClipboard
CoAddRefServerProcess
CoDisableCallCancellation
CLIPFORMAT_UserMarshal
CoCreateGuid
CLSIDFromProgID
CLIPFORMAT_UserFree
OleGetClipboard

version

GetFileVersionInfoA
VerLanguageNameA

gdi32

GetDeviceCaps
SetBkColor
SelectClipRgn
GetObjectA
SetTextColor
CreatePalette
BitBlt
CreateDIBitmap
MoveToEx
LineTo
CreateRectRgn
CreateFontIndirectA
GetStockObject
UnrealizeObject
SaveDC
ExtTextOutA
RestoreDC
CreatePen
GetTextExtentPointA
GetTextMetricsA
SelectPalette
DeleteDC
CreateSolidBrush
SelectObject
DeleteObject
CreateCompatibleDC

Sections

.text
Size: 1024B - Virtual size: 982B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25ca4bee3d6282c4c51d020f2527293b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

crypt32

shell32

rpcrt4

oleacc

ws2_32

olecli32

user32

ole32

version

gdi32

Sections

.text Size: 1024B - Virtual size: 982B

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 1024B - Virtual size: 20KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 1024B - Virtual size: 982B

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 1024B - Virtual size: 20KB

.rsrc
Size: 9KB - Virtual size: 9KB