0c9386a3c51a22c3e4b88718902c28be_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c9386a3c51a22c3e4b88718902c28be_JaffaCakes118
Size

22KB
MD5

0c9386a3c51a22c3e4b88718902c28be
SHA1

56c4e59e34c3553ccc3c81e70f8434836bce6d2e
SHA256

f7887fd2ba52a8a0e776ead16c532558bc24d318a9607787804ae12fb8341b94
SHA512

885a3ba033833b1def0362540a01156285216ee77a5b070ae3919e143c970c132de703293551042cbfeedb178233b6635a589acc7ea47bab32787639e5594c59
SSDEEP

384:4bo5pPA57mjww2p1LSxAGZQ5NbckPXNg2iuqasmeny5qqEnnFnC+R:gwA5iwwq1SAGZQ59czuQmz5VEnFF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c9386a3c51a22c3e4b88718902c28be_JaffaCakes118

Files

0c9386a3c51a22c3e4b88718902c28be_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dab14d91f3bc9ca7c9d2755f13d18705

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SafeArrayUnaccessData
CreateErrorInfo
SysStringByteLen
GetActiveObject
SafeArrayPtrOfIndex
SafeArrayPutElement
RegisterTypeLib
SysReAllocStringLen
VariantCopy
SysAllocStringLen
SafeArrayGetElement
SysStringLen
SafeArrayAccessData
LoadTypeLib
VariantChangeType
SafeArrayCreate
GetErrorInfo
SysAllocStringByteLen
OleLoadPicture
VariantInit
VariantChangeTypeEx
SafeArrayGetUBound
VariantCopyInd
SysFreeString
SetErrorInfo

kernel32

CreateMutexA
WriteConsoleW
CopyFileA
RaiseException
GetWindowsDirectoryW
LockResource
ReleaseSemaphore
VirtualFree
IsDBCSLeadByte
FindNextFileA
VirtualAlloc
CloseHandle
DeviceIoControl
ResumeThread
IsBadCodePtr
GetLastError
GetCurrentDirectoryW
SizeofResource
IsValidCodePage
GetComputerNameW
GetCurrentProcess
GetTempPathA
OutputDebugStringW
OpenProcess
CreateDirectoryA
CreateFileMappingW
GetFullPathNameW
lstrcatW
LoadLibraryExA
ExpandEnvironmentStringsA
ExitProcess
LoadResource
CreateMutexW
SetFileAttributesA
GetExitCodeProcess
GetCommandLineW
SetThreadPriority
AddAtomW
RemoveDirectoryW
FileTimeToLocalFileTime

shell32

DAD_DragMove
SHILCreateFromPath
Shell_GetCachedImageIndex
GetFileNameFromBrowse
DllRegisterServer
DragAcceptFiles
Shell_MergeMenus
DllInstall
SHDefExtractIconW
DAD_DragEnterEx
RestartDialog
IsLFNDrive
DllCanUnloadNow
DllGetVersion
DragFinish
DriveType
DAD_DragLeave
SHCoCreateInstance
SHGetSetSettings
SHChangeNotifyDeregister
SHChangeNotifyRegister
PathQualify
IsNetDrive
Shell_GetImageLists
PathResolve
DllUnregisterServer
PifMgr_OpenProperties
PickIconDlg
SHStartNetConnectionDialogW
DllGetClassObject

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA
GetFileVersionInfoA
VerLanguageNameA
VerQueryValueW
GetFileVersionInfoSizeA
VerFindFileW

msvcrt

wcslen
_snwprintf
free
wcsncpy
realloc
_wcsicmp
wcscmp
_ftol
fwrite
_onexit
wcscpy
strtol
wcsncmp
_strnicmp
malloc
_local_unwind2
_adjust_fdiv
_initterm
_vsnwprintf
swprintf
_iob
__dllonexit
_wtoi
_itow

rpcrt4

NdrConformantStructBufferSize
NDRcopy
NDRCContextBinding
NdrByteCountPointerFree
DllRegisterServer
MesIncrementalHandleReset
NdrAsyncServerCall
MesInqProcEncodingId
NDRCContextMarshall
MesEncodeFixedBufferHandleCreate
CStdStubBuffer_CountRefs
NDRSContextMarshallEx
DllGetClassObject
NdrClientInitialize
NDRSContextMarshall
NdrByteCountPointerUnmarshall
NdrAsyncClientCall
DceErrorInqTextW
MesDecodeIncrementalHandleCreate
CreateStubFromTypeInfo
NdrByteCountPointerBufferSize
NdrAllocate
MesHandleFree
MesBufferHandleReset

user32

EndPaint
wsprintfW
EndDialog
SetTimer
GetDC
CharNextW
InvalidateRect
GetDesktopWindow
GetWindowLongA
DispatchMessageA
DefWindowProcA
BeginPaint
wsprintfA
EnableWindow
SendMessageW
GetSystemMetrics
GetWindowRect
LoadStringA
GetSysColor
SetWindowLongW
SetWindowLongA
IsWindow
SetWindowPos
MessageBoxA
LoadStringW
GetClientRect
DestroyWindow
TranslateMessage
GetParent
SendMessageA
GetWindowLongW
SetCursor
PostQuitMessage
KillTimer
UpdateWindow
ShowWindow

gdi32

GetDeviceCaps
CreateFontIndirectA
SelectPalette
CreateRectRgn
UnrealizeObject
GetObjectA
ExtTextOutA
CreateDIBitmap
RestoreDC
CreatePen
LineTo
MoveToEx
DeleteDC
CreateCompatibleDC
SelectObject
SaveDC
CreatePalette
GetTextMetricsA
RealizePalette
GetSystemPaletteEntries
CreateSolidBrush
SelectClipRgn
GetStockObject
GetTextExtentPointA
BitBlt
SetTextColor
DeleteObject
SetBkColor

advapi32

RegCloseKey
OpenProcessToken
AllocateAndInitializeSid
RegSetValueExA
RegDeleteValueW
OpenThreadToken
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
FreeSid
RegQueryValueExW
RegCreateKeyExA
RegEnumKeyExA
InitializeSecurityDescriptor
CloseServiceHandle
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyA
RegQueryInfoKeyW
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyW
GetTokenInformation

Sections

.textbss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dab14d91f3bc9ca7c9d2755f13d18705

Headers

File Characteristics

Imports

oleaut32

kernel32

shell32

version

msvcrt

rpcrt4

user32

gdi32

advapi32

Sections

.textbss Size: - Virtual size: 8KB

.text Size: 5KB - Virtual size: 4KB

.idata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 56B

.rdata Size: 5KB - Virtual size: 5KB

.debug Size: 1024B - Virtual size: 860B

.rsrc Size: 2KB - Virtual size: 2KB

.textbss
Size: - Virtual size: 8KB

.text
Size: 5KB - Virtual size: 4KB

.idata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 56B

.rdata
Size: 5KB - Virtual size: 5KB

.debug
Size: 1024B - Virtual size: 860B

.rsrc
Size: 2KB - Virtual size: 2KB