fa303b6f86361a38a6ea3d382939f803_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa303b6f86361a38a6ea3d382939f803_JaffaCakes118
Size

113KB
MD5

fa303b6f86361a38a6ea3d382939f803
SHA1

9444bde591db6110086fc54f3589f72d88827408
SHA256

404b98569f8ff4d645f5ca12a557836ce47eda8ca57029c57918364c90f2953a
SHA512

09da304db02b1cb0fc59c4f897a14bfb74d58fab978f2fefa35e930bd49cae06d3968f7535fdf42eb530223465b875aa9d1e959f19b94725e7419704fa431f03
SSDEEP

1536:HbryBPdUlEH2sQwWfDjPOthlsP8DH/zroI1j5PLfp5Ep1j:Hbry+sQv7Un91jNTp5Ep1j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa303b6f86361a38a6ea3d382939f803_JaffaCakes118

Files

fa303b6f86361a38a6ea3d382939f803_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9c95f0ca8ac6dc539d874f1fe2ef2f4b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetSystemWindowsDirectoryA
GetTickCount
ExpandEnvironmentStringsA
GetFileAttributesExA
WaitForSingleObject
TerminateThread
FreeLibrary
lstrcpyA
lstrcatA
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
SearchPathA
OpenFileMappingA
CreateFileMappingA
MapViewOfFileEx
CloseHandle
VirtualAlloc
UnmapViewOfFile
VirtualFree
VirtualProtect
GetModuleHandleA
lstrcmpA
GetModuleFileNameA
lstrlenA
lstrcmpiA
EnterCriticalSection
LeaveCriticalSection
lstrcpynA
DeleteCriticalSection
InitializeCriticalSection
GetProcAddress
LoadLibraryA
LCMapStringW
GetLastError
HeapFree
HeapAlloc
ExitThread
GetCurrentThreadId
CreateThread
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
RaiseException
HeapCreate
HeapReAlloc
GetModuleHandleW
Sleep
WriteFile
GetStdHandle
MultiByteToWideChar
ReadFile
SetHandleCount
GetFileType
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
InitializeCriticalSectionAndSpinCount
SetStdHandle
FlushFileBuffers
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetStringTypeW
LCMapStringA

gdi32

SetPixelV
SwapBuffers
AbortPath
DeleteEnhMetaFile
IntersectClipRect
GetGlyphIndicesA
SetDCPenColor
GetROP2
UpdateColors
TextOutW
InvertRgn
Ellipse
SaveDC
GetNearestColor
SetICMProfileA
CheckColorsInGamut
EnumFontsA
GetDCBrushColor
StartPage
PaintRgn
GdiComment
CloseFigure
GetTextFaceW
PolyPolyline
SetBkMode
GetCharABCWidthsI
FillPath
CreatePenIndirect
PathToRegion
GetMetaFileBitsEx
BitBlt
Polygon
GetTextExtentPoint32W
PolyBezierTo
SetTextJustification
AddFontResourceExW
AddFontResourceA
ArcTo
SetLayout
SetColorAdjustment
RemoveFontResourceExA
CopyEnhMetaFileA
EndDoc
OffsetWindowOrgEx
SetDIBits
LineTo
GetSystemPaletteEntries
GetBkMode
ScaleViewportExtEx
Arc
CreateBrushIndirect
GetEnhMetaFilePaletteEntries
GetBkColor
EnumMetaFile
AbortDoc
CreateScalableFontResourceA
StretchDIBits
StartDocW
GetOutlineTextMetricsA
SetMetaFileBitsEx
GetKerningPairsA
CreateEllipticRgn
EnumObjects
GetTextExtentPointW
CreateColorSpaceW
PtVisible
StrokeAndFillPath
GetTextMetricsW
GetTextCharacterExtra
CancelDC
GetCharABCWidthsA
CombineRgn
CreateSolidBrush
PolyBezier
SetBitmapBits
SetPolyFillMode
GetRasterizerCaps
GetTextExtentExPointI
GetCharWidthFloatW
SetICMMode
GetEnhMetaFileW
CreateMetaFileW
EnumEnhMetaFile
GetColorAdjustment
EndPath
CombineTransform
SetViewportExtEx
CreatePen
GetBrushOrgEx
SelectPalette
GetCurrentObject
WidenPath
SetColorSpace
GetMiterLimit
PolylineTo
SetDeviceGammaRamp
MaskBlt
SetStretchBltMode
CreateDIBPatternBrushPt
StrokePath
GetViewportExtEx
StartDocA
GetFontLanguageInfo
GetWinMetaFileBits
AngleArc
DescribePixelFormat
OffsetClipRgn
GetCurrentPositionEx
ExtSelectClipRgn
SetBkColor
SetPaletteEntries
SetTextAlign
GetCharABCWidthsW
SetEnhMetaFileBits
CopyEnhMetaFileW
RoundRect
EndPage
CreateRectRgnIndirect
GdiTransparentBlt
CreateBitmap
GetCharacterPlacementW
GetLogColorSpaceA
EnumICMProfilesA
CreateMetaFileA
CreateFontIndirectExW
GetCharacterPlacementA
CreateICW
SetMapMode
CreateCompatibleDC
AddFontResourceExA
SetArcDirection
SelectClipRgn
SetMiterLimit
GetSystemPaletteUse
SetBrushOrgEx
CreateEllipticRgnIndirect
PtInRegion
CreateHalftonePalette
DeleteColorSpace
SetBoundsRect
CreateScalableFontResourceW
CopyMetaFileW
GetBoundsRect
ExtCreateRegion
PolyDraw
GetGraphicsMode
GetWindowOrgEx
GetTextMetricsA
GetRandomRgn

comdlg32

ReplaceTextA
ChooseFontA
GetSaveFileNameW
GetOpenFileNameA
GetFileTitleW

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

activeds

ord4
ord24
ord19
ord17
ord20
ord7
ord12
ord14
ord30
ord3

comsvcs

CoLeaveServiceDomain
RecycleSurrogate
MTSCreateActivity

crypt32

CertDeleteCertificateFromStore
CryptMemAlloc
CryptInitOIDFunctionSet
CertSetCRLContextProperty
CryptGetOIDFunctionAddress
CryptMsgVerifyCountersignatureEncodedEx
CryptVerifyDetachedMessageSignature
CertFindCTLInStore
CertCreateCTLContext
CertVerifyCertificateChainPolicy
CryptVerifyCertificateSignature

comctl32

ImageList_EndDrag
ord335
ImageList_Merge
DestroyPropertySheetPage
ord3
ord324
ImageList_Destroy
ImageList_AddMasked
ImageList_SetDragCursorImage
_TrackMouseEvent
CreateStatusWindowW
ord2
ord14
ord17
FlatSB_GetScrollRange
ord6
ord332
UninitializeFlatSB
ImageList_ReplaceIcon
ord5
ImageList_Read
ImageList_SetBkColor
ImageList_SetImageCount
ord8
ImageList_DragMove
ord334
ord337
ImageList_GetImageCount
ImageList_DragLeave
ord4
InitCommonControlsEx
ImageList_DrawEx
PropertySheetA
ImageList_DragEnter
FlatSB_SetScrollProp
ord323
FlatSB_SetScrollPos
ImageList_GetIconSize

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9c95f0ca8ac6dc539d874f1fe2ef2f4b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

comdlg32

advapi32

activeds

comsvcs

crypt32

comctl32

Sections

.text Size: 78KB - Virtual size: 78KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 14KB - Virtual size: 21KB

.text
Size: 78KB - Virtual size: 78KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 14KB - Virtual size: 21KB