f53303d5bc12bed0ac10046ecaa24a30_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f53303d5bc12bed0ac10046ecaa24a30_JaffaCakes118
Size

348KB
MD5

f53303d5bc12bed0ac10046ecaa24a30
SHA1

db5495c64c2244d58294993c86767a16ff57bda9
SHA256

beb9b626dab7de144a48c61a4964fa5b15e874d114161668f0b65da5e146f528
SHA512

2dc7b4f8dd8f1cec6d0734e4f8c0d32595b894c93f72f00b130e06f935e9c9d845c1a508e2c82f1ed45033eb548737834018eea32991c2cbb411e719056e56af
SSDEEP

6144:lVCzJ3TH2yU+/KvE6qLGZiRl/si3+iEcJC+hcO8ZtIUqmljABeo+t:TCzd2CCM6qzXVEKfcTtIUqmljABl+t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f53303d5bc12bed0ac10046ecaa24a30_JaffaCakes118

Files

f53303d5bc12bed0ac10046ecaa24a30_JaffaCakes118
.exe windows:5 windows x86 arch:x86

54d6072131f6604ff95a6af8c61eae26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

swprintf
_vsnprintf
_onexit
__dllonexit
_except_handler3
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_adjust_fdiv
_initterm
_wtol
wcsstr
_wtoi
_wcsnicmp
_ftol
memmove
wcscmp
__RTDynamicCast
_purecall
realloc
__CxxFrameHandler
malloc
??2@YAPAXI@Z
free
??3@YAXPAX@Z

atl

ord21
ord18
ord22
ord23
ord15
ord32
ord30
ord16

kernel32

lstrlenA
GetModuleHandleA
IsBadWritePtr
GetProcAddress
LoadLibraryA
IsBadReadPtr
FreeLibrary
lstrcpynA
GetACP
TryEnterCriticalSection
lstrcmpA
IsBadStringPtrA
lstrcpyA
QueryPerformanceCounter
QueryPerformanceFrequency
CloseHandle
GetSystemTimeAsFileTime
SetEvent
RegisterWaitForSingleObject
UnregisterWait
CreateEventA
OutputDebugStringA
lstrcatA
GetLocalTime
HeapAlloc
GetProcessHeap
SetLastError
HeapFree
UnregisterWaitEx
WaitForSingleObject
WaitForMultipleObjects
CreateThread
QueueUserWorkItem
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetLastError
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
EnterCriticalSection
SleepEx
LeaveCriticalSection
DisableThreadLibraryCalls

ole32

CoInitializeEx
CoUninitialize
IIDFromString
StringFromIID
CoCreateFreeThreadedMarshaler
CreateBindCtx
CLSIDFromString
StringFromCLSID
CoTaskMemFree
CoCreateInstance
StringFromGUID2

oleaut32

VariantClear
SysAllocString
SysFreeString
LoadRegTypeLi
SetErrorInfo
VariantInit
VariantCopy
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim

advapi32

RegOpenKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
GetUserNameA
RegQueryValueExA

user32

GetWindowLongW
UnregisterClassW
DestroyWindow
DispatchMessageW
TranslateMessage
PeekMessageW
UnregisterDeviceNotification
MsgWaitForMultipleObjectsEx
RegisterDeviceNotificationW
CreateWindowExW
RegisterClassW
DefWindowProcW
LoadStringW
wsprintfW
SetWindowLongW

winmm

PlaySoundA

rtutils

TraceRegisterExA
TracePrintfA
TraceDeregisterA

Exports

Exports

?ewrwer@@YGHPAEH@Z
?i923847293874qh049qw@@YGXHID@Z

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.puup
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uuup
Size: 322KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kuup
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ouup
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54d6072131f6604ff95a6af8c61eae26

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

atl

kernel32

ole32

oleaut32

advapi32

user32

winmm

rtutils

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 8KB

.data Size: 1KB - Virtual size: 4KB

.puup Size: 512B - Virtual size: 4KB

.uuup Size: 322KB - Virtual size: 324KB

.kuup Size: 512B - Virtual size: 4KB

.ouup Size: 512B - Virtual size: 4KB

.rsrc Size: 11KB - Virtual size: 444KB

.text
Size: 7KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 8KB

.data
Size: 1KB - Virtual size: 4KB

.puup
Size: 512B - Virtual size: 4KB

.uuup
Size: 322KB - Virtual size: 324KB

.kuup
Size: 512B - Virtual size: 4KB

.ouup
Size: 512B - Virtual size: 4KB

.rsrc
Size: 11KB - Virtual size: 444KB