fe53a72b7153804b22dc7a805f21db4f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fe53a72b7153804b22dc7a805f21db4f_JaffaCakes118
Size

412KB
MD5

fe53a72b7153804b22dc7a805f21db4f
SHA1

5160de169967993052cefa355f830411d0281216
SHA256

079e3875726e57824b5357583a9ba746c5775a60c6355f5cced8024652817699
SHA512

ac3327c6c101ac517c716f5d5f6d4d336f37416480710133e14b5cc38f1b31d5728936c24fdbe5eca8ded601591df66ebd35889d28346ccd8dc3dcb4798a9578
SSDEEP

12288:RQp9NlgvmmR72pz33QoqzranOiu+tu9RuQiXlNv:6phgvmmB2pz3DpOiuMunuQi3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe53a72b7153804b22dc7a805f21db4f_JaffaCakes118

Files

fe53a72b7153804b22dc7a805f21db4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

405e0125d5f9735ee59e5faac2dd2bea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreatePipe
VirtualAlloc
FillConsoleOutputCharacterA
GlobalAlloc
OpenEventA
GetLocalTime
GetWindowsDirectoryA
WaitForSingleObject
CreateEventA
MulDiv
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
ReadFile
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetModuleFileNameW
GetFileType
SetHandleCount
GetCurrentDirectoryA
WriteFile
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetCPInfo
HeapSize
HeapCreate
HeapDestroy
GetStartupInfoA
GetCommandLineA
ExitProcess
GetFullPathNameA
GetDriveTypeA
VirtualQuery
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
HeapReAlloc
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
CreateIoCompletionPort
GetSystemInfo
Sleep
GetStdHandle
SetConsoleCursorPosition
EnumDateFormatsA
GetVersionExA
LoadLibraryA
GetProcAddress
GetSystemTimeAsFileTime
CreateFileA
DeviceIoControl
CloseHandle
SetFileAttributesW
OpenFileMappingA
MapViewOfFile
_lopen
_lread
_lclose
GetVolumeNameForVolumeMountPointA
FindNextVolumeMountPointA
FindFirstVolumeW
CreateFileW
QueryDosDeviceW
GetCurrentThread
LocalAlloc
GetVolumeInformationA
FormatMessageA
FindFirstVolumeMountPointA
FindFirstFileA
FindClose
GetModuleFileNameA
GetModuleHandleA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
SetLastError
GetLastError
IsDBCSLeadByte
lstrcmpiA
InterlockedIncrement
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
InterlockedDecrement
lstrlenA
FreeEnvironmentStringsA

user32

MenuItemFromPoint
GetFocus
DrawFocusRect
GetMenu
SetWindowLongA
IntersectRect
GetSystemMenu
DefMDIChildProcA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
CharNextA
DestroyWindow
DefWindowProcA
LoadImageA
GetSystemMetrics
LoadCursorA
GetClassInfoExA
CreateWindowExA
LoadAcceleratorsA
LoadMenuA
LoadStringA
SetClassLongA
GetWindowLongA
GetDlgItem
DestroyIcon
GetClassLongA
DrawFrameControl
EndPaint
DrawTextExW
OffsetRect
BeginPaint
MoveWindow
EnableMenuItem
SendInput
IsWindow
ClientToScreen
GetClientRect
GetIconInfo
GetMenuItemCount
GetMenuStringA
UnregisterClassA
GetCursorPos
RegisterClassExA
GetDC
InvalidateRect
PtInRect
wsprintfA
FindWindowA
DialogBoxIndirectParamA
ExitWindowsEx
GetWindowPlacement
SetWindowPlacement
IsDlgButtonChecked
SetWindowTextA
ReleaseDC
LoadBitmapA
MessageBoxA
GetClipCursor
SetRect
ClipCursor
MessageBeep
TrackPopupMenuEx
SetWindowPos
CallWindowProcA
MonitorFromPoint
GetMonitorInfoA
GetMenuItemInfoA
RemoveMenu
AppendMenuA
DestroyMenu
CreatePopupMenu
LoadStringW
PostQuitMessage
SetFocus
TranslateAcceleratorA
SetTimer
MapWindowPoints
PostMessageA
SendMessageA
GetDesktopWindow
GetWindow
GetClassNameA
GetWindowThreadProcessId
GetWindowRect

gdi32

SetAbortProc
SetTextAlign
StretchBlt
StartDocA
GetDeviceCaps
CreateEllipticRgn
CombineRgn
CreateSolidBrush
FillRgn
CreatePen
SaveDC
SetMapMode
CreateCompatibleDC
CreateDIBitmap
CreateCompatibleBitmap
SelectObject
GetTextMetricsA
GetTextExtentPoint32A
DeleteObject
GetAspectRatioFilterEx
SetDCPenColor
GetTextCharsetInfo
CreateDIBSection
GetStockObject
StartPage
SetTextColor
SetBkMode
CreateFontIndirectA
GetObjectA
CreateDCA
GetCurrentObject
Rectangle
CreateRectRgn
GetArcDirection

comdlg32

ChooseColorA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumKeyExA
GetTokenInformation
RegSetValueExW
OpenThreadToken
RegQueryValueExA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
RegQueryValueExW

shell32

ExtractIconExA
SHAppBarMessage
SHGetFileInfoW
Shell_NotifyIconA
SHFileOperationA

ole32

CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc
CoInitialize
CoTaskMemRealloc

oleaut32

SafeArrayCreate
VarUI4FromStr
RevokeActiveObject
SystemTimeToVariantTime

odbc32

ord75

shlwapi

PathIsDirectoryA
PathRemoveFileSpecA
StrStrW
PathGetDriveNumberW
PathIsContentTypeW

comctl32

InitCommonControlsEx

opengl32

glClear
glLoadIdentity
glBegin

wininet

InternetCrackUrlA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
HttpSendRequestA
HttpOpenRequestA
InternetReadFile
InternetConnectA

ws2_32

WSAStartup

netapi32

NetShareGetInfo

psapi

GetModuleBaseNameW

avifil32

AVIStreamGetFrameOpen
AVIStreamGetFrameClose
AVIStreamGetFrame

msvfw32

DrawDibClose

pdh

PdhCollectQueryData
PdhOpenQueryA
PdhMakeCounterPathA

rpcrt4

RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcImpersonateClient
RpcRevertToSelf

snmpapi

SnmpUtilMemAlloc
SnmpUtilMemFree

rpcns4

RpcNsBindingImportBeginA

Sections

.text
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

405e0125d5f9735ee59e5faac2dd2bea

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

odbc32

shlwapi

comctl32

opengl32

wininet

ws2_32

netapi32

psapi

avifil32

msvfw32

pdh

rpcrt4

snmpapi

rpcns4

Sections

.text Size: 152KB - Virtual size: 150KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 204KB - Virtual size: 3.2MB

.text
Size: 152KB - Virtual size: 150KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 204KB - Virtual size: 3.2MB