1813fdf8d156694b9ef0e2ab5214a4ae_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1813fdf8d156694b9ef0e2ab5214a4ae_JaffaCakes118
Size

244KB
MD5

1813fdf8d156694b9ef0e2ab5214a4ae
SHA1

21ca2a771ee584f33baa73775d4e29cda8781adf
SHA256

7129914cdbfc7c8e1916d9bbc27cdbb74bde158627244b6d7c14c07fa436965b
SHA512

6095075c5d9ed000e71f95b569e85d1102869a2e8ecb5eadd4ad03b6ffbb511c5076c5e3643d2cd4f8a845d93e41b8bee18fa726495572fb621a6e258abeb9d5
SSDEEP

6144:W1N7mRcVPzqRPYBO3teyMw9Q6oSgVzEPPx08P0LHPvnCbSt:W15mRazqHetw9QQKoPPx0Q4nnC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1813fdf8d156694b9ef0e2ab5214a4ae_JaffaCakes118

Files

1813fdf8d156694b9ef0e2ab5214a4ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0fb80afb14973ccb2fc71f60ce6ea860

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wsock32

getsockname
gethostbyaddr
getpeername
inet_addr
accept
listen
htonl
bind
WSACleanup
ioctlsocket
gethostbyname
htons
connect
shutdown
closesocket
socket
setsockopt
recv
send
WSAGetLastError
gethostname
WSAStartup

kernel32

GlobalAlloc
GetCurrentThreadId
WritePrivateProfileStringA
CreateProcessA
ResumeThread
SetThreadPriority
TerminateThread
GetExitCodeThread
SetEvent
GetModuleFileNameA
SetProcessShutdownParameters
CreateFileMappingA
GetCurrentThread
LocalFree
LocalAlloc
HeapFree
HeapAlloc
lstrlenW
lstrcmpiW
lstrcatW
lstrcpyW
MultiByteToWideChar
lstrcmpA
WaitForSingleObject
GetTickCount
CreateEventA
ResetEvent
GetPrivateProfileStringA
ExitProcess
OpenProcess
GlobalLock
WideCharToMultiByte
GetCurrentProcessId
lstrcpynA
LCMapStringA
UnhandledExceptionFilter
TerminateProcess
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
TlsGetValue
TlsAlloc
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
InterlockedIncrement
InterlockedDecrement
ExitThread
TlsSetValue
CreateThread
GetSystemTime
GetTimeZoneInformation
GetLocalTime
RtlUnwind
InterlockedExchange
GlobalUnlock
GetComputerNameA
GetVersionExA
GetSystemDirectoryA
CopyFileA
MoveFileExA
GetCurrentProcess
DuplicateHandle
FreeLibrary
LoadLibraryA
GetProcAddress
SetLastError
WriteFile
SetFileTime
SetFileAttributesA
RemoveDirectoryA
DeleteFileA
CreateDirectoryA
lstrlenA
MoveFileA
GetLastError
CreateFileA
ReadFile
FindFirstFileA
FindNextFileA
FindClose
GetLogicalDrives
GetDriveTypeA
lstrcmpiA
lstrcatA
lstrcpyA
Sleep
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LCMapStringW
HeapSize
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetFilePointer
SetEnvironmentVariableA

user32

GetDlgItem
MessageBeep
DefWindowProcA
KillTimer
PostQuitMessage
SetTimer
IsClipboardFormatAvailable
InvalidateRect
UpdateWindow
LoadMenuA
GetSubMenu
SetMenuDefaultItem
EnableMenuItem
DeleteMenu
SetForegroundWindow
TrackPopupMenu
GetMenuItemID
DestroyMenu
GetClipboardOwner
GetClipboardData
CreateDialogParamA
SetDlgItemTextA
GetWindowRect
GetDesktopWindow
SetWindowPos
RegisterClipboardFormatA
FindWindowA
CallWindowProcA
FindWindowExA
SetWindowTextA
GetUserObjectInformationA
OpenInputDesktop
SetThreadDesktop
OpenDesktopA
EnumDisplaySettingsA
ChangeClipboardChain
LoadIconA
RegisterClassExA
CreateWindowExA
SetWindowLongA
SetClipboardViewer
SystemParametersInfoA
GetWindowDC
PostThreadMessageA
DestroyWindow
GetWindowThreadProcessId
LoadCursorA
AttachThreadInput
GetCaretPos
ClientToScreen
GetClassNameA
GetCursor
GetIconInfo
VkKeyScanA
CharUpperBuffA
GetMessageA
IsWindow
IsDialogMessageA
TranslateMessage
EndDialog
FlashWindow
GetDlgItemTextA
EnumWindows
ReleaseDC
GetDC
GetSystemMetrics
DispatchMessageA
PeekMessageA
CloseDesktop
MessageBoxA
ExitWindowsEx
GetThreadDesktop
SendMessageA
PostMessageA
GetKeyboardState
MapVirtualKeyA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetCursorPos
WindowFromPoint
GetForegroundWindow
mouse_event
GetAsyncKeyState
keybd_event
DialogBoxParamA
GetKeyboardLayoutNameA
wsprintfA
LoadStringA
CopyRect
GetWindowLongA

gdi32

DeleteDC
CreateSolidBrush
SetBkMode
SetBkColor
GetStockObject
CreateCompatibleDC
GetSystemPaletteEntries
CreateHalftonePalette
GetPaletteEntries
DeleteObject
CreatePalette
SelectPalette
RealizePalette
GdiFlush
CreateDIBSection
SelectObject
BitBlt
GetBitmapBits
GetObjectA
GetDeviceCaps

advapi32

SetSecurityDescriptorDacl
CreateProcessAsUserA
RegDeleteKeyA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
SetServiceStatus
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
RegDeleteValueA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegCreateKeyA
RegSetValueExA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
ImpersonateLoggedOnUser
RevertToSelf
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
GetUserNameA
SetThreadToken
OpenThreadToken
FreeSid
PrivilegedServiceAuditAlarmA
AccessCheck
IsValidSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
RegQueryValueExA
AddAccessAllowedAce
InitializeAcl
GetLengthSid
InitializeSecurityDescriptor
AllocateAndInitializeSid
GetUserNameW
RegCloseKey
RegOpenKeyA

shell32

ShellExecuteA
Shell_NotifyIconA
DragAcceptFiles
DragQueryFileA

ole32

StringFromIID
CoGetMalloc

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fb80afb14973ccb2fc71f60ce6ea860

Headers

File Characteristics

Imports

version

wsock32

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 160KB - Virtual size: 158KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 36KB - Virtual size: 50KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 36KB - Virtual size: 50KB

.rsrc
Size: 28KB - Virtual size: 25KB