f32646de4d0e3c0ca559604225ae471a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f32646de4d0e3c0ca559604225ae471a_JaffaCakes118
Size

445KB
MD5

f32646de4d0e3c0ca559604225ae471a
SHA1

30e51a5170640ee79b65604d51d4f9a1c202110a
SHA256

877f9d77a44b29ff07a67fd2d61fe0e2653c317cee58b1f59f63b6d7f9266bb6
SHA512

cff7d7b8bb60794eaca10908c6260384da02eafed1ed858d58383c3cca4f973de7c118f439c60437ce5ceba4a7e88a10d018e8e5da7192141c8a3405f171deaf
SSDEEP

6144:nj4aJgQ6NTzZhu+Ywh3XofITS80ghHa4t1BYNk83ZbTNovPsd8Hs88:j/SFZoMh3X3Td0yFt1h8J5GO8M88

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f32646de4d0e3c0ca559604225ae471a_JaffaCakes118

Files

f32646de4d0e3c0ca559604225ae471a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4489a04ce8b1fa2d659006540af9ab37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapReAlloc
VirtualAlloc
HeapCreate
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
WriteFile
InterlockedDecrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
CreateThread
ResumeThread
GetSystemTime
CloseHandle
_lopen
GetModuleHandleA
GetExitCodeThread
LocalAlloc
LoadLibraryA
GetLocalTime
LocalLock
GetProcAddress
LocalUnlock
SetLastError
GetLastError
GetStdHandle
lstrlenW
ReadFile
SetSystemPowerState
WriteConsoleW
LoadLibraryW
GetSystemTimeAsFileTime
_lclose
WaitForSingleObject
GetCurrentProcess
_lwrite
SystemTimeToFileTime
InterlockedIncrement
GetCurrentThreadId
ExitThread
HeapFree
ExitProcess
Sleep
GetModuleHandleW
HeapAlloc
CreateFileA
FillConsoleOutputCharacterA
VirtualFree

user32

UpdateWindow
SetCaretPos
BeginDeferWindowPos
SetClipboardData
LoadCursorA
EndDeferWindowPos
SetDlgItemTextA
ValidateRect
RegisterClassA
MessageBoxW
DefMDIChildProcA
DeferWindowPos
MoveWindow
ReleaseCapture
OpenClipboard
DispatchMessageA
CreateWindowExW
EndPaint
ClientToScreen
DestroyWindow
SetCursor
GetMessageA
CloseClipboard
GetDlgItemInt
GetWindowRect
CreateDialogParamA
RegisterClassExA
PostQuitMessage
SetCapture
DrawTextA
ReuseDDElParam
LoadBitmapA
GetParent
LoadMenuA
LoadIconA
RemovePropA
GetWindowInfo
GetClientRect
CreateMenu
SetFocus
GetWindowTextLengthA
SendMessageA
ShowCaret
BeginPaint
GetUpdateRect
GetDC
TranslateMessage
ShowCursor
SetDlgItemInt
GetMenu
SetWindowLongA
GetAncestor
CreateWindowExA
ReleaseDC
EmptyClipboard
GetDlgItem
SetWindowLongW
EndDialog
DefWindowProcA
GetCursorPos
EnumChildWindows
ShowWindow
GetSysColorBrush
AppendMenuA
PostMessageA

gdi32

ExtCreatePen
MoveToEx
BitBlt
Arc
SetDIBitsToDevice
SetGraphicsMode
SetViewportOrgEx
LineTo
SetTextColor
DeleteDC
GetDeviceCaps
CreateFontIndirectA
DeleteObject
SelectObject
CreateCompatibleDC
CombineRgn
CreateCompatibleBitmap
Ellipse
SetDCPenColor
GetObjectType
CreatePatternBrush
CreatePen
GetTextMetricsA
RoundRect
SetTextAlign
GetObjectA
GetStockObject
CreateHatchBrush

comdlg32

GetOpenFileNameA

advapi32

OpenProcessToken
AdjustTokenPrivileges

ole32

CoUninitialize
CoInitialize

oleaut32

SystemTimeToVariantTime

winmm

mmioSeek
mmioStringToFOURCCA

crypt32

CertGetNameStringA

comctl32

InitCommonControlsEx

pdh

PdhBrowseCountersA

gdiplus

GdiplusShutdown
GdiplusStartup

uxtheme

SetThemeAppProperties

wsnmp32

ord600
ord504

ntdsapi

DsMakePasswordCredentialsA
DsMapSchemaGuidsA
DsReplicaAddA
DsRemoveDsServerA

mscms

TranslateColors

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4489a04ce8b1fa2d659006540af9ab37

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

winmm

crypt32

comctl32

pdh

gdiplus

uxtheme

wsnmp32

ntdsapi

mscms

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 11KB - Virtual size: 18KB

.rsrc Size: 288KB - Virtual size: 288KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 11KB - Virtual size: 18KB

.rsrc
Size: 288KB - Virtual size: 288KB

.reloc
Size: 10KB - Virtual size: 9KB