0382126fbb356bc1e7c6a5eb69412c7f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0382126fbb356bc1e7c6a5eb69412c7f_JaffaCakes118
Size

313KB
MD5

0382126fbb356bc1e7c6a5eb69412c7f
SHA1

abc6f262b3d42e08198bb905b87b35a89b2f7db5
SHA256

f5ec6d851e7b193db55d9c54fdf95def955a5a57a91360bd234cb9932a245e1f
SHA512

14382992b3646ec376e9ebb2cf27ee242ca4cb6ff903ffb196d3d8d1c3ba667e82480887b0d0f433c4cb91f9ba2cf030142a48d0a98c8fb6ce5cde417b94889f
SSDEEP

6144:aZCsfr0L3w1K1zNvUftAEEEEEEEEEEEEEEEEEEEEh:acvJvUfa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0382126fbb356bc1e7c6a5eb69412c7f_JaffaCakes118

Files

0382126fbb356bc1e7c6a5eb69412c7f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

77dac6fdf0cb9a30acd5a2534bf4ba24

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
lstrcpyA
TlsFree
lstrcmpiA
GetCurrentProcessId
LCMapStringW
ExitProcess
CreateEventA
lstrlenW
GetFileSize
GetSystemTimeAsFileTime
CreateThread
InterlockedIncrement
FreeEnvironmentStringsA
lstrcmpiW
CreateFileMappingA
FileTimeToLocalFileTime
GetStringTypeA
CreateFileMappingW
GetSystemDirectoryA
CreateFileW
GetModuleFileNameW
GetCPInfo
CreateEventW
DisableThreadLibraryCalls
CompareStringA
GetStdHandle
VirtualAllocEx
GetLocalTime

atmlib

ATMAddFont

rpcrt4

IUnknown_Release_Proxy
NdrCStdStubBuffer2_Release
RpcServerRegisterAuthInfoW
NdrOleFree
RpcServerRegisterIfEx
NdrDllUnregisterProxy
RpcServerUnregisterIf
IUnknown_QueryInterface_Proxy
CStdStubBuffer_QueryInterface
NdrStubForwardingFunction
CStdStubBuffer_Invoke
RpcBindingToStringBindingW
NdrClientCall2
RpcBindingSetAuthInfoW
RpcServerUseProtseqEpW
RpcBindingSetAuthInfoExW
RpcStringFreeA
NdrStubCall2
CStdStubBuffer_Disconnect
RpcBindingFromStringBindingW
CStdStubBuffer_CountRefs
NdrDllCanUnloadNow
RpcImpersonateClient
UuidToStringW
RpcRevertToSelf
UuidFromStringW
RpcBindingFree

ole32

OleRegEnumVerbs
CoInitializeEx
OleLoadFromStream
GetRunningObjectTable
CoGetObjectContext
CoInitialize
StgCreateDocfileOnILockBytes
CoUninitialize
CLSIDFromProgID
CreateStreamOnHGlobal
OleInitialize
CoCreateGuid
OleUninitialize
CoMarshalInterThreadInterfaceInStream
GetHGlobalFromStream
CoUnmarshalInterface
CoGetInterfaceAndReleaseStream
StgIsStorageFile
PropVariantCopy
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoRegisterClassObject
OleRun
StringFromIID
CreateILockBytesOnHGlobal
CLSIDFromString
MkParseDisplayName
CreateDataAdviseHolder
CreateOleAdviseHolder

advapi32

DuplicateTokenEx
AddAccessAllowedAce
RegCloseKey
RegisterTraceGuidsW
InitializeAcl
CryptAcquireContextW
MakeSelfRelativeSD
RegSetValueExW
QueryServiceConfigW
CryptCreateHash
SetNamedSecurityInfoW
ConvertStringSecurityDescriptorToSecurityDescriptorW
DeregisterEventSource
GetTraceEnableLevel
ChangeServiceConfigW
OpenServiceA
GetSecurityDescriptorLength
RegDeleteKeyA
CloseServiceHandle
OpenSCManagerA
AddAce
GetTraceEnableFlags
EqualSid

shell32

SHFileOperationW
SHChangeNotify
SHGetMalloc
SHGetSpecialFolderPathW
SHGetDesktopFolder

user32

GetSystemMenu
EndPaint
LoadCursorA
GetDC
DialogBoxParamA
CheckDlgButton
PeekMessageA
GetClassNameW
SetDlgItemTextW
GetWindowRect
SetFocus
UnhookWindowsHookEx
MoveWindow
ShowWindow
BeginPaint
UpdateWindow
GetSysColorBrush
DestroyWindow
SetWindowTextA
SetWindowLongW
CreateDialogParamW
GetWindowLongW
WinHelpW
FindWindowW
CopyRect
RegisterClassA
EnableMenuItem
IsRectEmpty
DialogBoxParamW
ClientToScreen
DestroyIcon
MsgWaitForMultipleObjects
GetDesktopWindow
LoadIconA
KillTimer
MessageBoxA
IsWindow
RegisterWindowMessageA
DispatchMessageW

oleaut32

SysFreeString
GetErrorInfo
SafeArrayPtrOfIndex
SafeArrayGetUBound
VariantInit
SysStringByteLen
SysAllocStringByteLen
LoadTypeLib
CreateErrorInfo
SysAllocStringLen
SafeArrayGetElement
VariantCopy

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 24KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77dac6fdf0cb9a30acd5a2534bf4ba24

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

atmlib

rpcrt4

ole32

advapi32

shell32

user32

oleaut32

Sections

.text Size: 57KB - Virtual size: 57KB

.orpc Size: 7KB - Virtual size: 10KB

DATA Size: 11KB - Virtual size: 20KB

INIT Size: 24KB - Virtual size: 48KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 57KB - Virtual size: 57KB

.orpc
Size: 7KB - Virtual size: 10KB

DATA
Size: 11KB - Virtual size: 20KB

INIT
Size: 24KB - Virtual size: 48KB

.reloc
Size: 1KB - Virtual size: 1KB