00aa7b14a9dfd2de7be4111b3476974c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

00aa7b14a9dfd2de7be4111b3476974c_JaffaCakes118
Size

200KB
MD5

00aa7b14a9dfd2de7be4111b3476974c
SHA1

8d6d654b62fd484b9bffdc7754295d3bb02ce968
SHA256

bbb6cf90f4d1ac7fce7a22e8dc398fd66e4f1a65806b3126fe7af9657cb3c94d
SHA512

dd2c075d9ffa3b926b10292457d6ccfc6e9fe9d249845795a22670184b1b4e2671fb284e4f0b2e2a31d447af0a6788ab07808c23d6c49746f5845531bc174c8f
SSDEEP

3072:GpzRtl8CmzfAgZAhYHuueS3W39yZDAjLao7Xi4MXoO7llYAmzoI7h+aS1Gb:GRtl2z9DelDjL1XekTzo0naGb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00aa7b14a9dfd2de7be4111b3476974c_JaffaCakes118

Files

00aa7b14a9dfd2de7be4111b3476974c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bbb816e5e7508642003e21655ff8dc1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\SVS_Work\MyTest\FileCheck\Client\Release\Client.pdb

Imports

iocptcp

TcpInit
TcpConnect
TcpCreate
TcpGetLinkAddr
TcpSend

kernel32

LoadLibraryA
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcmpA
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
lstrcmpW
FreeLibrary
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetFileAttributesA
GetFileTime
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
ExitProcess
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
GetSystemTimeAsFileTime
HeapReAlloc
HeapSize
GetCurrentProcessId
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
SetErrorMode
GetProcAddress
lstrcpyA
lstrcatA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpynA
LocalFree
CreateThread
TerminateThread
WaitForSingleObject
GetLocalTime
GetCurrentThreadId
OutputDebugStringA
SetEvent
OpenFileMappingA
OpenEventA
CreateFileMappingA
CreateEventA
MapViewOfFile
UnmapViewOfFile
CloseHandle
FindFirstFileA
FindNextFileA
FindClose
GetTimeZoneInformation
DeleteFileA
IsBadWritePtr
VirtualQuery
GetModuleFileNameA
FormatMessageA
SetUnhandledExceptionFilter
GetTickCount
QueryPerformanceCounter
GetCommandLineA
GetModuleHandleA
SetConsoleCtrlHandler
FindResourceA
LoadResource
LockResource
SizeofResource
CompareStringW
CreateDirectoryA
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
Sleep
GetComputerNameA
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
GetEnvironmentVariableA
GetCurrentProcess
TerminateProcess
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
RtlUnwind

user32

GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
GetKeyState
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
CallNextHookEx
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowTextA
SendMessageA
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
LoadCursorA
GetDC
GetForegroundWindow
ReleaseDC
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
CharUpperA
GetFocus
RemovePropA
UnregisterClassA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
PostQuitMessage
DestroyMenu
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowTextA
ValidateRect
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA

gdi32

DeleteObject
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

comctl32

ord17

shlwapi

PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA

oleaut32

VariantChangeType
VariantClear
VariantInit

ws2_32

htonl
ntohl

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbb816e5e7508642003e21655ff8dc1f

Headers

File Characteristics

PDB Paths

Imports

iocptcp

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

ws2_32

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 25KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 25KB

.rsrc
Size: 40KB - Virtual size: 39KB