082be7cb21d69f910341e5a896c316c9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

082be7cb21d69f910341e5a896c316c9_JaffaCakes118
Size

119KB
MD5

082be7cb21d69f910341e5a896c316c9
SHA1

f4ea70827e7a89c45c9b412c6032851c938f02f8
SHA256

659281b99357ac27deeac430aa8e89ae78c7d7afc7780a98349750c7c2ff9ed7
SHA512

11031674685b4a8e16c3e0c45ee79706ffe689a265ddb787e96b0b458f884a03f022950d4a0e2ce8b420980f698819c9f39f605818ee796f8750ccd1a8c8284d
SSDEEP

3072:R82RqKW8Lv02gheuQq+CjIVA8/Ly54t+Q:y2QKW8MzeuQdVTe54t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
082be7cb21d69f910341e5a896c316c9_JaffaCakes118

Files

082be7cb21d69f910341e5a896c316c9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

be612332aa9e2d35a526cd4af34d5f5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileW
FindNextFileA
SetFileAttributesA
WriteConsoleW
SetThreadPriority
GetComputerNameW
GetFullPathNameW
AddAtomW
ExitProcess
VirtualAlloc
MulDiv
FindResourceA
GetTempPathA
CreateProcessW
OutputDebugStringW
SizeofResource
VirtualFree
CreateMutexA
RemoveDirectoryW
CreateFileMappingW
FileTimeToLocalFileTime
CreateDirectoryA
LoadResource
CloseHandle
ExpandEnvironmentStringsA
GetExitCodeProcess
IsDBCSLeadByte
GetLastError
GetCommandLineW
CreateMutexW
LockResource
IsValidCodePage
DeviceIoControl
RaiseException
ResumeThread
LoadLibraryExA
OpenProcess
GetWindowsDirectoryW
IsBadCodePtr
lstrcatW
ReleaseSemaphore
GetCurrentDirectoryW
GetCurrentProcess
CreateFileMappingA

rpcrt4

CreateStubFromTypeInfo
MesEncodeFixedBufferHandleCreate
NDRcopy
MesDecodeIncrementalHandleCreate
DllGetClassObject
NdrClientInitialize
NDRSContextMarshallEx
NdrByteCountPointerFree
CStdStubBuffer_CountRefs
MesInqProcEncodingId
NDRSContextMarshall
NdrAsyncClientCall
NDRCContextBinding
NdrAllocate
MesBufferHandleReset
DllRegisterServer
MesIncrementalHandleReset
NdrAsyncServerCall
NdrByteCountPointerUnmarshall
DceErrorInqTextW
NdrConformantStructBufferSize
NDRCContextMarshall
MesHandleFree
NdrByteCountPointerBufferSize

shell32

RestartDialog
PathQualify
DAD_DragEnterEx
SHStartNetConnectionDialogW
DAD_DragMove
IsNetDrive
IsLFNDrive
DllUnregisterServer
DllRegisterServer
SHCoCreateInstance
DllGetVersion
DragAcceptFiles
GetFileNameFromBrowse
DllGetClassObject
PifMgr_OpenProperties
SHChangeNotifyRegister
SHILCreateFromPath
PickIconDlg
PathResolve
DragFinish
Shell_GetImageLists
DriveType
Shell_GetCachedImageIndex
SHChangeNotifyDeregister
DllCanUnloadNow
SHDefExtractIconW
SHGetSetSettings
DAD_DragLeave
Shell_MergeMenus
DllInstall

oleacc

ObjectFromLresult

advapi32

RegDeleteKeyA
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExA
RegQueryValueExW
OpenThreadToken
RegQueryInfoKeyW
RegDeleteValueA
RegSetValueExA
RegEnumKeyExA
RegSetValueExW
OpenProcessToken
RegDeleteValueW
CloseServiceHandle
RegOpenKeyExW
AllocateAndInitializeSid
RegCreateKeyExA
RegEnumValueW
GetTokenInformation
RegCloseKey
RegDeleteKeyW
InitializeSecurityDescriptor
FreeSid

oleaut32

VariantInit
SafeArrayGetUBound
SysReAllocStringLen
VariantClear
SafeArrayGetElement
LoadTypeLib
SafeArrayUnaccessData
SysStringLen
OleLoadPicture
SafeArrayAccessData
CreateErrorInfo
SafeArrayPutElement
GetErrorInfo
SafeArrayCreate
RegisterTypeLib
LoadTypeLibEx
SysAllocStringByteLen
VariantChangeType
VariantCopyInd
VariantChangeTypeEx
GetActiveObject
SafeArrayGetLBound
SysStringByteLen
SysFreeString
VariantCopy
SetErrorInfo

user32

BeginPaint
InvalidateRect
CharNextA
SetTimer
GetWindowRect
SendMessageA
GetSysColor
wsprintfA
SetWindowLongW
EndPaint
LoadStringA
GetSystemMetrics
TranslateMessage
PostMessageW
DispatchMessageA
GetClientRect
DefWindowProcA
SetWindowLongA
CreateWindowExA
GetWindowLongA
GetDlgItem
SetWindowPos
UpdateWindow
SetCursor
GetDC
GetParent
PostQuitMessage
GetWindowLongW
CharNextW
ShowWindow
GetDesktopWindow
EnableWindow
ReleaseDC
IsWindow
wsprintfW
MessageBoxW
SendMessageW
MessageBoxA
EndDialog
KillTimer

Sections

.textbss
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 445B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be612332aa9e2d35a526cd4af34d5f5f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rpcrt4

shell32

oleacc

advapi32

oleaut32

user32

Sections

.textbss Size: - Virtual size: 104KB

.data Size: 11KB - Virtual size: 10KB

.debug Size: 9KB - Virtual size: 9KB

.rdata Size: 10KB - Virtual size: 10KB

.text Size: 512B - Virtual size: 445B

.idata Size: 69KB - Virtual size: 69KB

.rsrc Size: 17KB - Virtual size: 17KB

.textbss
Size: - Virtual size: 104KB

.data
Size: 11KB - Virtual size: 10KB

.debug
Size: 9KB - Virtual size: 9KB

.rdata
Size: 10KB - Virtual size: 10KB

.text
Size: 512B - Virtual size: 445B

.idata
Size: 69KB - Virtual size: 69KB

.rsrc
Size: 17KB - Virtual size: 17KB