095edf031f3dd8609f7496ad61803e14_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

095edf031f3dd8609f7496ad61803e14_JaffaCakes118
Size

1.5MB
MD5

095edf031f3dd8609f7496ad61803e14
SHA1

42ca9b03088b69ac41cb37cd89bb714cf726ff61
SHA256

35becd5adf3bd707cd0ac511d884af38df37b80c62d72887ab4d29061358dabc
SHA512

2e51a29ffe8fc062dd27d14b1ed22e955e29e1328a9bb0bf88d76a6b933612b836a03f1b955361fc43a975cf5d257357c58621c052a70b8b28d0b64dd27ef66a
SSDEEP

24576:2csYBBXA3E/qg/JcUS0n74lry3fWh9ysGAlChIu3gkLIXe2a:dfBnt/6Pkslry3fANGAlChluXx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
095edf031f3dd8609f7496ad61803e14_JaffaCakes118

Files

095edf031f3dd8609f7496ad61803e14_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b8ac8e4e5d78ad8f22c38e0b3908ae88

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

connect
htons
inet_addr
gethostbyname
WSACleanup
socket
closesocket
accept
listen
bind
__WSAFDIsSet
select
ioctlsocket
recv
WSAStartup
send

gdi32

DPtoLP
GetDeviceCaps
LPtoDP
SetMapMode
GetStockObject
GetMapMode
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
DeleteObject
ExtTextOutA
SaveDC
RestoreDC

kernel32

CompareStringA
GetModuleHandleW
InterlockedIncrement
GlobalGetAtomNameA
lstrcmpA
FileTimeToSystemTime
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
GetFullPathNameA
GlobalFlags
GetLocaleInfoA
GetCPInfo
GetOEMCP
FileTimeToLocalFileTime
GetCurrentDirectoryA
GetSystemTimeAsFileTime
HeapAlloc
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapFree
GetDriveTypeA
VirtualAlloc
HeapReAlloc
HeapSize
GetACP
IsValidCodePage
GetTimeZoneInformation
VirtualFree
HeapCreate
GetStdHandle
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetExitCodeProcess
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetProcessHeap
GetCurrentThreadId
MultiByteToWideChar
lstrlenA
GetCurrentProcessId
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
InterlockedDecrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
SetLastError
GetEnvironmentVariableA
CreateMutexA
GetCommandLineA
TerminateThread
GetModuleFileNameA
CreateThread
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MoveFileA
Module32First
ResetEvent
CreateToolhelp32Snapshot
Process32First
OpenProcess
Process32Next
CopyFileA
CreateFileA
ReadFile
WriteFile
GetTickCount
CreateDirectoryA
GetStartupInfoA
WaitForDebugEvent
TerminateProcess
GetThreadContext
SetThreadContext
ContinueDebugEvent
GetModuleHandleA
MulDiv
SetFileAttributesA
SetEvent
LoadLibraryA
GetProcAddress
FreeLibrary
GetLocalTime
CreateEventA
CloseHandle
FormatMessageA
ReleaseMutex
WaitForSingleObject
GetLastError
CreateProcessA
GetTempPathA
Sleep
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
GetWindowsDirectoryA
GetFileAttributesA

user32

RegisterClassA
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetClassInfoA
DestroyMenu
ClientToScreen
GetWindowPlacement
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
SetWindowsHookExA
CallNextHookEx
GetKeyState
PeekMessageA
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
PostMessageA
GetClassInfoExA
ValidateRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
MessageBoxA
ShowWindow
GetTitleBarInfo
GetDesktopWindow
GetWindowRect
MoveWindow
SetWindowTextA
BeginPaint
EndPaint
InvalidateRect
UpdateWindow
SetFocus
GetWindowDC
LoadCursorA
RegisterClassExA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
PostQuitMessage
CreateIconFromResourceEx
GetWindowTextA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

shell32

Shell_NotifyIconA

ole32

CreateStreamOnHGlobal

oleaut32

VariantInit
VariantChangeType
VariantClear
OleLoadPicture

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b8ac8e4e5d78ad8f22c38e0b3908ae88

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

gdi32

kernel32

user32

winspool.drv

advapi32

shell32

ole32

oleaut32

oleacc

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 46KB - Virtual size: 45KB

.data Size: 99KB - Virtual size: 175KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 46KB - Virtual size: 45KB

.data
Size: 99KB - Virtual size: 175KB