Static task: static1
Behavioral task: behavioral1
Sample: ee8dd605710f79bbe1a0e7440ba1c37a_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ee8dd605710f79bbe1a0e7440ba1c37a_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ee8dd605710f79bbe1a0e7440ba1c37a_JaffaCakes118
Size: 508KB
MD5: ee8dd605710f79bbe1a0e7440ba1c37a
SHA1: 8cf9d3026ff8f36394dbb156dfc25d8424010a23
SHA256: bdee57a0d57b920acfdafd9834c295752b05aaf612cc195cf51cb5383623acba
SHA512: a79f8d6694e4d9bcee14720b075bd449670f1b5e547467e09f81fa563038d7e42b19dc1f5ab5b6083509a03433a6288317d1f1b0a60b2d6a8ccab912d069d923
SSDEEP: 12288:SiONBeIltDjHiZB7MMnMMMMMVTreC9seKiNCI5Ko0SHPDg:SiOeSJDiZdMMnMMMMMVne7eKioA
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ee8dd605710f79bbe1a0e7440ba1c37a_JaffaCakes118
Files
ee8dd605710f79bbe1a0e7440ba1c37a_JaffaCakes118.exe windows:4 windows x86 arch:x86
9ebde8f28ce4e5186c445f236f4b6060
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
samlib
SamLookupNamesInDomain
SamConnectWithCreds
SamConnect
advapi32
RegDeleteKeyA
LookupPrivilegeValueA
OpenProcessToken
DeregisterEventSource
RegisterEventSourceA
RegQueryValueA
ReportEventA
RegCloseKey
RegEnumValueW
AdjustTokenPrivileges
RegCreateKeyA
RegQueryValueExW
RegCreateKeyW
SetSecurityDescriptorDacl
RegSetValueExW
RegEnumKeyW
RegEnumKeyA
RegDeleteKeyW
RegSetValueExA
InitializeSecurityDescriptor
RegQueryValueExA
RegDeleteValueA
RegOpenKeyA
RegSetValueA
RegDeleteValueW
RegOpenKeyW
RegQueryInfoKeyA
RegEnumValueA
RegOpenKeyExA
ddraw
DirectDrawEnumerateA
user32
SetWindowsHookExA
SetWindowRgn
CreateIcon
GetKeyboardLayout
DdeGetData
CopyRect
PtInRect
SetPropA
SetWindowTextA
PostThreadMessageA
DdePostAdvise
FindWindowW
SetMenu
CreateCursor
DdeUninitialize
IsCharAlphaA
CopyAcceleratorTableA
ScreenToClient
DefWindowProcA
DdeCreateDataHandle
GetScrollInfo
GetDCEx
GetMenuStringA
SetDlgItemTextA
GetUpdateRgn
PostQuitMessage
GetMenuItemCount
IsChild
SubtractRect
GetQueueStatus
CharLowerBuffW
SetScrollInfo
GetWindowDC
GetWindowRgn
GetKeyboardState
DrawTextA
GetUpdateRect
DestroyMenu
SetCursor
SetScrollRange
GetSystemMenu
GetMenuState
GetDesktopWindow
FillRect
GetClipboardFormatNameA
MessageBoxIndirectA
GetCaretPos
DdeClientTransaction
DestroyCursor
EqualRect
GetActiveWindow
FrameRect
MessageBeep
WaitForInputIdle
GetCapture
GetWindowThreadProcessId
InflateRect
ClientToScreen
GetLastActivePopup
SendDlgItemMessageA
LoadAcceleratorsA
RegisterClassA
DrawFocusRect
CharUpperBuffA
CharNextA
EmptyClipboard
DdeQueryConvInfo
DefFrameProcA
SetActiveWindow
CallNextHookEx
GetSysColor
GetWindowTextA
LoadImageA
DdeAbandonTransaction
DispatchMessageA
DdeConnect
DdeQueryStringA
DestroyIcon
ShowCaret
IsClipboardFormatAvailable
GetCaretBlinkTime
DrawMenuBar
AdjustWindowRect
ClipCursor
SetWindowLongA
CharToOemBuffA
GetClassInfoExA
PostMessageW
OpenClipboard
ShowScrollBar
SetRect
SendMessageA
CharUpperA
UpdateWindow
CreateAcceleratorTableA
BringWindowToTop
GetDlgItem
IntersectRect
DdeNameService
SetForegroundWindow
DefMDIChildProcA
KillTimer
IsWindowEnabled
GetParent
SetKeyboardState
TranslateMDISysAccel
keybd_event
GetSystemMetrics
CharUpperBuffW
GetDoubleClickTime
GetFocus
CreatePopupMenu
GetMessagePos
HideCaret
ShowWindow
SetWindowContextHelpId
CreateMenu
DdeCreateStringHandleA
CheckMenuItem
OffsetRect
InsertMenuA
LoadIconA
CharLowerA
LoadCursorA
DestroyCaret
SetCursorPos
GetSubMenu
InvalidateRgn
CharPrevA
MsgWaitForMultipleObjects
EnumClipboardFormats
IsWindow
SetCaretPos
GetDC
GetMessageTime
PeekMessageW
AppendMenuA
GetForegroundWindow
CreateWindowExA
EndDialog
EnableMenuItem
GetMenu
DdeFreeDataHandle
DdeCmpStringHandles
GetScrollPos
TabbedTextOutA
SetScrollPos
DdeGetLastError
GetIconInfo
SetCapture
LockWindowUpdate
WaitMessage
UnregisterClassA
TrackPopupMenu
GetClassNameA
GetClipboardData
SetClipboardData
SetFocus
SetWindowsHookExW
GetClassInfoA
CharToOemA
CallWindowProcA
VkKeyScanA
DestroyAcceleratorTable
GetWindow
GetCursor
WindowFromPoint
ReleaseCapture
UnhookWindowsHookEx
RemoveMenu
GetKeyState
SetTimer
CreateDialogParamA
DialogBoxParamA
IsRectEmpty
RegisterClassExA
EndDeferWindowPos
GetWindowLongA
GetTabbedTextExtentA
GetClientRect
EnableWindow
BeginPaint
SetWindowPos
AttachThreadInput
LoadStringA
InvalidateRect
DestroyWindow
EndPaint
DeferWindowPos
FindWindowA
DrawFrameControl
ToAscii
SetParent
PostMessageA
GetPropA
DdeInitializeA
LoadBitmapA
IsZoomed
BeginDeferWindowPos
RemovePropA
SystemParametersInfoA
MapWindowPoints
GetAsyncKeyState
WinHelpA
CloseClipboard
ShowCursor
CreateCaret
IsIconic
MessageBoxA
DdeFreeStringHandle
TranslateMessage
IsWindowVisible
GetCursorPos
VkKeyScanW
GetMenuItemInfoA
RegisterClipboardFormatA
ModifyMenuA
GetMenuItemID
IsDialogMessageA
GetWindowTextLengthA
MoveWindow
PeekMessageA
GetWindowRect
OemToCharA
ReleaseDC
wsprintfA
CharLowerBuffA
EnumThreadWindows
DdeSetUserHandle
SetMenuItemInfoA
AdjustWindowRectEx
SetMenuDefaultItem
DeleteMenu
DdeDisconnect
DrawIcon
ole32
OleSave
OleLoad
kernel32
_lread
UnlockFile
GetCurrentProcessId
FindNextFileA
IsDBCSLeadByte
FreeEnvironmentStringsW
InitializeCriticalSection
GetUserDefaultLCID
GetTempFileNameA
CreateProcessA
HeapAlloc
EnterCriticalSection
FreeEnvironmentStringsA
CreateFileA
Sleep
GlobalUnlock
TlsGetValue
LoadLibraryA
GetCurrentThreadId
SetCurrentDirectoryA
HeapCreate
InterlockedIncrement
FlushInstructionCache
GetLocalTime
GetVersionExA
GetOEMCP
GetModuleFileNameA
GetStartupInfoA
GetStringTypeW
SetFileAttributesA
GlobalAlloc
ReleaseSemaphore
lstrcmpA
WinExec
FindClose
GetEnvironmentStrings
SetEndOfFile
GetVolumeInformationA
_lclose
GetStdHandle
FormatMessageA
GetEnvironmentStringsW
GlobalAddAtomA
lstrlenA
CreateSemaphoreA
GetDateFormatA
SetErrorMode
FindFirstFileA
GlobalSize
TlsFree
GetSystemDefaultLCID
DeleteFileA
_lwrite
GetSystemDirectoryA
VirtualQuery
RtlUnwind
GetLastError
GetSystemDefaultLangID
InterlockedDecrement
TerminateProcess
GlobalDeleteAtom
GetDriveTypeA
GetTickCount
WideCharToMultiByte
GetFileTime
SetLastError
lstrcatA
HeapSize
WaitForSingleObject
FormatMessageW
GlobalFree
MulDiv
GetStringTypeExA
GetExitCodeProcess
GetTimeZoneInformation
UnhandledExceptionFilter
HeapFree
lstrcpyA
GetACP
lstrcmpiA
GetTempPathA
FileTimeToSystemTime
HeapReAlloc
LeaveCriticalSection
GetProfileStringA
SetEvent
VirtualProtect
CreateThread
SystemTimeToFileTime
MoveFileA
FreeLibrary
FileTimeToLocalFileTime
CloseHandle
LoadLibraryExA
LockFile
TlsAlloc
GetFileType
ExitProcess
GetCurrentDirectoryA
SearchPathA
VirtualFree
SetLocalTime
CreateProcessW
GetModuleHandleA
ResumeThread
GetSystemTime
LCMapStringW
CompareStringA
SetEnvironmentVariableA
GetFileAttributesA
lstrcmpiW
IsBadCodePtr
WriteFile
GetFullPathNameA
ExitThread
LCMapStringA
ResetEvent
ReadFile
DuplicateHandle
FlushFileBuffers
SizeofResource
CreateDirectoryA
LockResource
DeleteCriticalSection
_llseek
GetVersion
GetShortPathNameA
GetProcAddress
SetFilePointer
CreateEventA
FindResourceA
GlobalHandle
LoadResource
HeapDestroy
GetLocaleInfoA
GlobalLock
GetModuleFileNameW
SetStdHandle
VirtualAlloc
RaiseException
GetUserDefaultLangID
lstrcpynA
GlobalReAlloc
GetStringTypeA
GetCPInfo
IsBadReadPtr
SetFileTime
SetHandleCount
RemoveDirectoryA
CompareStringW
FreeResource
GetWindowsDirectoryA
GetSystemInfo
GetCommandLineA
TlsSetValue
MultiByteToWideChar
GetCurrentProcess
ws2_32
WSAConnect
setsockopt
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 155KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 132KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 207KB - Virtual size: 207KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ