f440fa474cd9b56eabcaec533575534c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f440fa474cd9b56eabcaec533575534c_JaffaCakes118
Size

784KB
MD5

f440fa474cd9b56eabcaec533575534c
SHA1

e2b186cc7a5aabb2e6f57cc4ce870d051c68c2ff
SHA256

ffab60c984ea7cb26874a93eda9fa5d9af376465e5a5b54770a511b377e55cb9
SHA512

949ba35475709f5ca2fa2b4cb2e3df43e62ed16c3641949f5092fdf3c24b754d619dfd864bc2f2555e1c19069aba18ebb0e05d6b6a6af1c217c2e10f472655e0
SSDEEP

12288:oDYGqPDIHSAUoE6G5l0ogbUaUQiydcgoG4YLlcHYK3L9jIq:Y/qrIHuP1l8UQiWcSlctFF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f440fa474cd9b56eabcaec533575534c_JaffaCakes118

Files

f440fa474cd9b56eabcaec533575534c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca8af681074f7b2953911b28e0da8169

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetFileType
WriteConsoleW
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
HeapReAlloc
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
FreeLibrary
SetLastError
GetCommandLineA
GetStartupInfoA
HeapDestroy
HeapCreate
HeapSize
GetCPInfo
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
IsDBCSLeadByte
lstrcmpiA
InterlockedIncrement
GetVolumeInformationA
SetHandleCount
Sleep
LoadLibraryW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LCMapStringA
LCMapStringW
GetComputerNameA
SetConsoleTextAttribute
FillConsoleOutputCharacterA
CreateEventA
SetFilePointer
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
SetEndOfFile
ReadFile
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
GetCommandLineW
OpenFileMappingA
MapViewOfFile
VirtualAlloc
EnumDateFormatsA
GetVersionExA
LoadLibraryA
GetProcAddress
GetLastError
GetSystemTimeAsFileTime
WTSGetActiveConsoleSessionId
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
LocalAlloc
GlobalAlloc
CreatePipe
SetHandleInformation
CreateProcessA
CloseHandle
GetProcessHeap
HeapAlloc
HeapFree
CreateFileA
WriteFile
GetModuleFileNameA
GetModuleHandleA
LoadLibraryExA
FindResourceA
LoadResource
TlsFree
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
InterlockedDecrement
lstrlenA
SizeofResource
ExitProcess

user32

ShowCaret
EndDeferWindowPos
GetScrollRange
SendDlgItemMessageA
SetCaretPos
EndPaint
DialogBoxParamA
RegisterWindowMessageA
MessageBoxW
CreateDialogParamW
PtInRect
IsWindow
MessageBeep
TrackPopupMenuEx
SetWindowPos
CallWindowProcA
MonitorFromPoint
IsDialogMessageA
GetMenuItemInfoA
RemoveMenu
GetMenuItemCount
AppendMenuA
DestroyMenu
CreatePopupMenu
InvalidateRect
UpdateWindow
OpenClipboard
FindWindowA
GetWindowRect
LoadStringW
PostQuitMessage
SetFocus
TranslateAcceleratorA
SetTimer
MapWindowPoints
PostMessageA
GetWindowLongA
SetScrollPos
EnableMenuItem
GetDC
ReleaseDC
ShowWindow
CreateDialogParamA
LoadIconA
ClientToScreen
SetActiveWindow
GetDialogBaseUnits
LoadStringA
LoadMenuA
LoadAcceleratorsA
CreateWindowExA
GetClassInfoExA
LoadCursorA
InsertMenuItemA
GetCursorPos
CloseClipboard
GetClipboardData
GetMonitorInfoA
GetSystemMetrics
LoadImageA
RegisterClassExA
CharNextA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
DestroyWindow
GetDlgItem
SendMessageA
GetSystemMenu
CheckMenuItem
EnumDisplaySettingsA
BeginPaint
GetClientRect
SetWindowLongA
UnregisterClassA

gdi32

SetTextAlign
FlattenPath
GdiComment
GetTextCharsetInfo
GetPixel
SwapBuffers
SetTextJustification
GetTextExtentPoint32A
BeginPath
TextOutA
EndPath
StrokePath
CreateSolidBrush
GetTextMetricsA
CreateCompatibleDC
BitBlt
CreateEnhMetaFileA
GetDeviceCaps
CreateRectRgn
CombineRgn
DeleteObject
GetStockObject
SelectObject
SetDCPenColor
Rectangle
MoveToEx
LineTo
CreateFontIndirectA
SetBkColor
CreatePen
CloseEnhMetaFile

comdlg32

ChooseColorA

advapi32

ImpersonateLoggedOnUser
GetUserNameA
OpenProcessToken
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
LogonUserA
GetSecurityDescriptorControl
IsValidSecurityDescriptor

shell32

CommandLineToArgvW
ExtractIconExA
SHCreateShellItem

ole32

RegisterDragDrop
CoInitialize
CLSIDFromProgID
CreateStreamOnHGlobal
CoDisconnectObject
OleUninitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
OleInitialize

oleaut32

GetActiveObject
VarUI4FromStr
CreateErrorInfo
SysAllocString

shlwapi

ord14

comctl32

ImageList_Destroy
InitCommonControlsEx
ord17

opengl32

wglGetCurrentDC

wininet

InternetOpenUrlA
HttpOpenRequestA
InternetConnectA
InternetCrackUrlA
InternetCloseHandle
InternetOpenA
HttpSendRequestA
InternetReadFile

ws2_32

WSAStartup

netapi32

NetWkstaUserGetInfo
NetApiBufferFree
NetUserEnum

userenv

GetProfilesDirectoryA
GetDefaultUserProfileDirectoryA

avifil32

AVIStreamStart
AVIPutFileOnClipboard

winscard

SCardControl
SCardEndTransaction

version

GetFileVersionInfoSizeA

dbghelp

EnumerateLoadedModules

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA

wtsapi32

WTSQuerySessionInformationA
WTSQueryUserToken

uxtheme

OpenThemeData

authz

AuthzInitializeResourceManager

ntdsapi

DsListInfoForServerW

tapi32

lineMonitorTones
lineNegotiateAPIVersion

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 552KB - Virtual size: 550KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca8af681074f7b2953911b28e0da8169

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

opengl32

wininet

ws2_32

netapi32

userenv

avifil32

winscard

version

dbghelp

setupapi

wtsapi32

uxtheme

authz

ntdsapi

tapi32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 552KB - Virtual size: 550KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 552KB - Virtual size: 550KB