121282bc75cb51aad9956c7f27fee67b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

121282bc75cb51aad9956c7f27fee67b_JaffaCakes118
Size

1.1MB
MD5

121282bc75cb51aad9956c7f27fee67b
SHA1

b327dade21c4c135469f3c5ec8ab1a1d892c3759
SHA256

e191f7cbc423df08c66991d95c6234adefd04c748f7e4e2dc8ba48b2487ff70d
SHA512

0a4b07b3b1db797a1418ebbca8ff53b611797f22e526ec0a2ed3b0e80f803c14b6f0e02ab89e7929a4bb58335725ef9693e862bdb80feeb5a3d92d98f8372b6b
SSDEEP

24576:RQaAfKfDpbyYHNTqczpkdzYR8mLD4jVpFUzgFQA:fAMhHvpAmLD4jVHU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
121282bc75cb51aad9956c7f27fee67b_JaffaCakes118

Files

121282bc75cb51aad9956c7f27fee67b_JaffaCakes118
.exe windows:6 windows x86 arch:x86

b51e73caaf870c8beb62d4e43f1007af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

mpr

WNetCloseEnum

user32

ClientToScreen
GetSystemMetrics
GetMenu
CreateWindowExA
SetTimer
GetClientRect
RegisterClassExA
LockSetForegroundWindow
TranslateMessage
GetParent
ShowWindow
GetMessageA
GetDC
IsWindowVisible
SendMessageA
SetWindowPos
PostQuitMessage
CopyRect
GetMenuItemCount
GetDlgItem
FlashWindow
KillTimer
UnhookWindowsHookEx
DefWindowProcA
DestroyIcon
UpdateWindow
DispatchMessageA
DestroyWindow

shell32

SHGetMalloc

ole32

CoCreateInstance
CLSIDFromString
CoInitializeEx

msvcrt

__setusermatherr
wcsncpy
_onexit
wcscmp
malloc
wcsncmp
exit
wcspbrk
isspace
_controlfp
swprintf
wcsstr
_wcslwr
wcstok
_exit
wcscat
_local_unwind2
time
_errno
_mbslen
_fdopen
_wcsnicmp
_wcmdln

gdi32

Polygon
SelectObject
CreateCompatibleDC

ntdll

isdigit
_aulldvrm

advapi32

GetAce
ReadEncryptedFileRaw
RegOpenKeyExA
OpenThreadToken
QueryServiceStatus
CheckTokenMembership

kernel32

GetTapePosition
GetUserDefaultLCID
SetErrorMode
WaitForSingleObject
OpenMutexA
FindClose
GetCurrentProcessId
VirtualAlloc
SetFileTime
GetVersion
GlobalFree
CreateMutexA
GetSystemTime
HeapQueryInformation
LocalFileTimeToFileTime
CloseHandle
FlushFileBuffers
CreateThread
WriteFile
GetCurrentThreadId
MultiByteToWideChar
GetProcessHeap
LocalFree
GetLastError
ReleaseMutex

netapi32

NetApiBufferSize
NetShareEnum
NetApiBufferFree

comctl32

ImageList_AddMasked
ImageList_GetImageCount
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_GetIcon

setupapi

SetupFindNextLine

Sections

.text
Size: 660KB - Virtual size: 660KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 433KB - Virtual size: 433KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b51e73caaf870c8beb62d4e43f1007af

Headers

DLL Characteristics

File Characteristics

Imports

mpr

user32

shell32

ole32

msvcrt

gdi32

ntdll

advapi32

kernel32

netapi32

comctl32

setupapi

Sections

.text Size: 660KB - Virtual size: 660KB

.data Size: 433KB - Virtual size: 433KB

.rsrc Size: 79KB - Virtual size: 3.1MB

.text
Size: 660KB - Virtual size: 660KB

.data
Size: 433KB - Virtual size: 433KB

.rsrc
Size: 79KB - Virtual size: 3.1MB