fc89529a30cdfa462ea60ade3a4db14d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc89529a30cdfa462ea60ade3a4db14d_JaffaCakes118
Size

203KB
MD5

fc89529a30cdfa462ea60ade3a4db14d
SHA1

64f3fc819ae08929627107d96e20ac51691b79b3
SHA256

63954cf318aed46d6f59feb3764a0d6db5ea7c204bf2e4009539a3a4d3289298
SHA512

bae9657f55a51504cf2e8dc956403c0a8bbe47053a0d37800eefbe7f5b0f6f1f6cc39b0786fe22a1ff966daf990b23d231ea65395fa6bf4ef370aaa960521423
SSDEEP

3072:a6sOmmnCPJajEfCh2O0WpFZwqGeviHsOaKD98mw5UO933wvnaGU42:znCPJajEqh2O0wZWeviHsq703gvaQ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc89529a30cdfa462ea60ade3a4db14d_JaffaCakes118

Files

fc89529a30cdfa462ea60ade3a4db14d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c9cd5e2dda53500470b3765488e42762

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\Orphaned\uniprocessor\eye\hadn?.pdb

Imports

kernel32

SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
InitializeCriticalSectionAndSpinCount
LCMapStringW
LCMapStringA
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
WriteFile
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
ReadFile
CloseHandle
GetFileType
GetStdHandle
SetHandleCount
GetStringTypeW
GetStringTypeA
GlobalAlloc
CreateFileA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
ExitProcess
Sleep
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
HeapAlloc
GetStartupInfoA
GetCommandLineA
HeapFree
InterlockedDecrement
InterlockedIncrement
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetProcessHeap
GetConsoleWindow
SetLastError
CreateEventA
WaitForSingleObject
GetLastError
GlobalAddAtomA
lstrcpyA
lstrcatA
GlobalDeleteAtom
GlobalLock
LoadLibraryExW
GetProcAddress
GlobalUnlock
LoadLibraryExA
WritePrivateProfileStringA
GetModuleFileNameA
MultiByteToWideChar
GetModuleFileNameW
FindResourceA
SizeofResource
LoadResource
FreeResource
LoadLibraryA
GlobalFree
lstrcmpiA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RaiseException
EnumSystemLocalesA
LockResource
GetPrivateProfileStringA
ReleaseMutex
MulDiv
FormatMessageA
LocalFree
LocalAlloc
GetCurrentThreadId
GetModuleHandleA
IsValidLocale

user32

CreateWindowExW
DefWindowProcA
RegisterClassW
GetDlgItem
MessageBoxA
RegisterClassExA
LoadCursorA
LoadIconA
SendMessageA
GetWindowDC
GetDC
BeginPaint
PostQuitMessage
CreatePopupMenu
EnableWindow
ReleaseDC
GetClientRect
MapWindowPoints
PtInRect
WindowFromPoint
KillTimer
PostMessageA
EndPaint
ClientToScreen
SetCursorPos
SetCapture
ReleaseCapture
SetWindowPos
SetRect
AdjustWindowRect
InvalidateRect
GetIconInfo
CheckMenuItem
DestroyWindow
UnpackDDElParam
FreeDDElParam
PackDDElParam
DialogBoxParamA
GetWindowRect
CreateWindowExA
AppendMenuA
TrackPopupMenu
ShowWindow
GetSystemMetrics
GetProcessWindowStation
GetUserObjectInformationA
GetSystemMenu
EnableMenuItem
DestroyIcon
CreateIconIndirect
SetWindowTextA
OpenClipboard
EmptyClipboard
CopyImage
SetClipboardData
CloseClipboard
EndDialog
RegisterClassA
TranslateMessage
GetMessageA
DispatchMessageA
UpdateWindow
MessageBoxW
GetWindow
GetParent
EnumThreadWindows
GetCursorPos
FindWindowA
GetMenu
MenuItemFromPoint
GetMenuItemCount
GetMenuStringA
GetWindowLongA
SetWindowLongA

gdi32

GetPaletteEntries
SelectObject
CreateDIBSection
CreateCompatibleDC
PatBlt
SelectPalette
BitBlt
DeleteDC
GetDIBColorTable
CreateBitmap
SetDIBColorTable
GetStockObject
GetObjectA
GetCurrentObject
CreateFontA
RealizePalette
CreateCompatibleBitmap
GetBkColor
CreateSolidBrush
SetTextColor
SetBkColor
GetDIBits
SetDIBitsToDevice
CreateFontIndirectA
GetTextMetricsA
TextOutA
GetDeviceCaps
DeleteObject
ChoosePixelFormat

comdlg32

PageSetupDlgA
PrintDlgA
ChooseFontA

shell32

Shell_NotifyIconA

ole32

CreateStreamOnHGlobal

oleaut32

VarCyAdd
VarCat
LoadTypeLi
OleLoadPicture
RegisterTypeLi

odbc32

ord86

netapi32

NetApiBufferFree
NetGetJoinInformation

avifil32

AVIStreamGetFrameClose
AVIFileInit

msvfw32

DrawDibClose
MCIWndCreateA

winmm

waveOutPrepareHeader
waveOutOpen
waveOutUnprepareHeader
waveOutWrite

shlwapi

StrSpnA
PathRemoveFileSpecW
SHCreateStreamOnFileA

comctl32

InitCommonControlsEx
ImageList_GetIcon
CreateToolbarEx
ImageList_Create
ImageList_DragShowNolock

opengl32

glClearColor
glBegin
glVertex2f
glEnd
glMatrixMode

glu32

gluOrtho2D

setupapi

SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA

uxtheme

DrawThemeParentBackground
OpenThemeData
IsAppThemed
IsThemeActive
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
SetWindowTheme

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.massa
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tete
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.farad
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lars
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yduta
Size: 512B - Virtual size: 413B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

prado
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9cd5e2dda53500470b3765488e42762

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

oleaut32

odbc32

netapi32

avifil32

msvfw32

winmm

shlwapi

comctl32

opengl32

glu32

setupapi

uxtheme

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 5KB - Virtual size: 12KB

.massa Size: 18KB - Virtual size: 17KB

.tete Size: 2KB - Virtual size: 1KB

.farad Size: 5KB - Virtual size: 5KB

.lars Size: 2KB - Virtual size: 1KB

.yduta Size: 512B - Virtual size: 413B

prado Size: 3KB - Virtual size: 3KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 5KB - Virtual size: 12KB

.massa
Size: 18KB - Virtual size: 17KB

.tete
Size: 2KB - Virtual size: 1KB

.farad
Size: 5KB - Virtual size: 5KB

.lars
Size: 2KB - Virtual size: 1KB

.yduta
Size: 512B - Virtual size: 413B

prado
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 5KB - Virtual size: 4KB