179c96849446270f65485a281dec13c7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

179c96849446270f65485a281dec13c7_JaffaCakes118
Size

458KB
MD5

179c96849446270f65485a281dec13c7
SHA1

cf4fcfda49922fa115362a8ebed81c4250702b38
SHA256

ce1ed4a644797ed92066b90fd1ee5150b99997b0f748e52e838549da90f82dd1
SHA512

8354185766c5459780aa76026c2529e6cf1e8e1b988b972802fe7bb6a3d30093fec72a9040de637e6ddec10fb600c1617aa1debc9759efa0b8bde40e5dc0c884
SSDEEP

12288:yCGThBIm7P7RFbkJUY6dbGTayLNZlFt7YsBsD6VjaFLN+K1SYET7:yVMmD7XwJQd+xZHyMsD6dGNL1SB3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
179c96849446270f65485a281dec13c7_JaffaCakes118

Files

179c96849446270f65485a281dec13c7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0c367e8910970e98c7ab83e5d7ecb8b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dnsapi

DnsReplaceRecordSetW

kernel32

CreateThread
LockResource
GetFileAttributesW
GetSystemTimeAsFileTime
FindResourceA
GlobalFree
lstrcmpiW
EnterCriticalSection
WideCharToMultiByte
GetModuleFileNameW
SetLastError
FindClose
GetLocaleInfoW
LocalSize
Sleep
GetVersionExA
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
GetTickCount
GetProcessVersion
lstrlenA
VirtualAllocEx
FindNextFileW
lstrcpyA
WaitForSingleObject
InterlockedExchange
GlobalLock
lstrcpyW
InterlockedIncrement
GetProfileStringW
InterlockedCompareExchange
ResetEvent
DeleteFileW
TlsFree
GlobalUnlock
GetVolumeInformationW
GlobalAlloc
TlsGetValue
SetErrorMode
GetFullPathNameW
GetCurrentThreadId
LeaveCriticalSection
LoadLibraryA
ExpandEnvironmentStringsW
GetDriveTypeW
MulDiv
LoadResource
UnhandledExceptionFilter
FreeLibrary
GetCurrentProcess
GetTempFileNameW
DeleteCriticalSection
GetUserDefaultLCID
FindResourceExW
TlsSetValue
InterlockedDecrement
QueryPerformanceCounter
TerminateProcess
GetCurrentProcessId
FreeResource
SizeofResource
LoadLibraryW
SetEvent
LocalReAlloc
TlsAlloc
GetCurrentDirectoryW
lstrcpynW
CreateEventW
SetCurrentDirectoryW
GetACP
GetSystemDefaultUILanguage
CreateFileW
LocalFree
LocalAlloc
lstrcmpW
lstrlenW
DelayLoadFailureHook
MultiByteToWideChar
GetModuleHandleA
FreeLibraryAndExitThread
GetModuleHandleW
GetProcAddress
CloseHandle
FormatMessageW
GlobalReAlloc
DisableThreadLibraryCalls
FindResourceW
GetLastError

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance
CoInitializeEx

gdi32

MoveToEx
GetObjectW
GetNearestColor
GetTextCharsetInfo
EnumFontFamiliesExW
SetMapMode
SetBkColor
CreateFontIndirectW
GetCharWidth32W
CreatePen
DeleteObject
CreateSolidBrush
SetTextColor
PatBlt
DeleteDC
CreateFontW
GetTextExtentPointW
TranslateCharsetInfo
CreateDIBitmap
GetStockObject
CreateDiscardableBitmap
CreateDCW
GetViewportExtEx
BitBlt
CreateCompatibleDC
GetTextMetricsW
ExtTextOutW
CreateCompatibleBitmap
Rectangle
RealizePalette
ExcludeClipRect
LineTo
TextOutW
CreateICW
GetDeviceCaps
SetViewportExtEx
SetBkMode
SelectObject
GetWindowExtEx
CreateRectRgnIndirect
SelectClipRgn
GetMapMode
GetTextCharset
SelectPalette
SetWindowExtEx

user32

SetDlgItemInt
EndDialog
DestroyMenu
CharNextA
SetFocus
CharPrevW
SetCursor
DrawIcon
CheckDlgButton
CopyRect
GetFocus
SetDlgItemTextW
SetCapture
DialogBoxIndirectParamAorW
CreateWindowExW
IsWindow
GetWindowTextLengthW
EnumChildWindows
CreateDialogIndirectParamA
LoadStringW
ShowWindow
SetWindowTextW
CharLowerW
GetDialogBaseUnits
DefWindowProcW
MoveWindow
RemovePropW
GetDlgItemTextW
GetSysColorBrush
GetDlgItemInt
TranslateAcceleratorW
BeginPaint
FrameRect
DeferWindowPos
GetClientRect
LockWindowUpdate
IsWindowVisible
GetWindowLongA
GetWindow
GetWindowTextW
DrawTextW
GetDC
MapWindowPoints
ReleaseDC
SetWindowPos
SetTimer
ChildWindowFromPoint
BeginDeferWindowPos
DestroyWindow
CheckRadioButton
GetKeyState
GetDlgItemTextA
ClipCursor
TranslateMessage
RegisterClipboardFormatW
EndDeferWindowPos
DialogBoxIndirectParamW
IsWindowEnabled
SetDlgItemTextA
RegisterWindowMessageW
GetSystemMenu
MessageBoxW
DispatchMessageW
CreateDialogIndirectParamAorW
KillTimer
LoadCursorW
IsDlgButtonChecked
CreatePopupMenu
GetKeyboardLayout
InflateRect
LoadAcceleratorsW
InvalidateRect
PtInRect
CallWindowProcW
GetWindowLongW
SetParent
GetParent
FindWindowExW
MessageBeep
EndPaint
WinHelpW
GetSystemMetrics
DeleteMenu
CreateDialogIndirectParamW
RegisterWindowMessageA
GetSysColor
CallNextHookEx
SetWindowLongW
CharNextW
UnhookWindowsHookEx
LoadIconW
GetPropW
FillRect
GetDlgItem
DrawEdge
EqualRect
GetWindowRect
GetLastActivePopup
GetDlgCtrlID
PeekMessageW
ShowCursor
DlgDirListW
PostMessageW
SendMessageW
GetWindowPlacement
EnableWindow
DrawFocusRect
RedrawWindow
IntersectRect
ValidateRect
SetWindowPlacement
SetPropW
MsgWaitForMultipleObjects
LoadImageW
ScreenToClient
UpdateWindow
GrayStringW
SendDlgItemMessageW
SetWindowsHookExW

ntdll

RtlUnicodeToMultiByteSize
RtlUnicodeStringToAnsiString
_chkstk
memmove
_vsnwprintf
wcslen
RtlInitUnicodeStringEx
_wcsicmp
RtlAnsiStringToUnicodeString
RtlIsNameLegalDOS8Dot3
NtQueryVirtualMemory
RtlUnwind

ws2_32

WSARecvFrom
WSAIoctl
freeaddrinfo
WSAAddressToStringW
WSASendTo
WSASocketW
WSAStringToAddressA
WSALookupServiceEnd
WSAEventSelect
WSALookupServiceNextW
getaddrinfo
WSAAddressToStringA
getnameinfo
WSALookupServiceBeginW

comctl32

PropertySheetW
CreateToolbarEx
ImageList_GetIconSize
CreatePropertySheetPageW
ImageList_Draw
ImageList_Destroy
InitCommonControlsEx

mswsock

GetAcceptExSockaddrs
AcceptEx

advapi32

RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
RegEnumValueW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegQueryValueW

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 405KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0c367e8910970e98c7ab83e5d7ecb8b1

Headers

DLL Characteristics

File Characteristics

Imports

dnsapi

kernel32

ole32

gdi32

user32

ntdll

ws2_32

comctl32

mswsock

advapi32

Sections

.text Size: 14KB - Virtual size: 13KB

.rsrc Size: 20KB - Virtual size: 20KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 405KB - Virtual size: 1.8MB

.text
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 20KB - Virtual size: 20KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 405KB - Virtual size: 1.8MB