263995004fd32e48da1b15c88c7f6adf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

263995004fd32e48da1b15c88c7f6adf_JaffaCakes118
Size

844KB
MD5

263995004fd32e48da1b15c88c7f6adf
SHA1

747275d015e73a1503dbbf5f244076edd6e3fdf3
SHA256

de4c66fd76cd6824b07818daacf5e9e86426ed608a41b0f7c459d29fa35cc5f3
SHA512

f90fe5fad86835de2c1d71c0ac4d495f74c36c4732346d3807afa2407359db269e818871dcdeb3b65656fe550a77f60e004ff888fe3e9419182493d469bae173
SSDEEP

24576:c2AksuXeUtXPoVucptBP8FAl65/54Xmv+BK++l:lB3tXqhptZ8OI5/om++l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
263995004fd32e48da1b15c88c7f6adf_JaffaCakes118

Files

263995004fd32e48da1b15c88c7f6adf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

252c3f619da97830b7f40be67da66726

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

closesocket
WSACleanup

kernel32

GetCPInfo
HeapSize
HeapReAlloc
VirtualAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetStdHandle
WriteFile
RtlUnwind
EnterCriticalSection
GetACP
DeleteCriticalSection
WideCharToMultiByte
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
GetModuleHandleW
RaiseException
HeapAlloc
HeapFree
GetStartupInfoA
GetSystemTimeAsFileTime
GetOEMCP
IsValidCodePage
MultiByteToWideChar
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
lstrlenA
Toolhelp32ReadProcessMemory
FlushFileBuffers
LoadLibraryA
FreeUserPhysicalPages
TransmitCommChar
CreateFileMappingW
GetModuleFileNameA
IsBadStringPtrW
CompareStringA
IsBadCodePtr
CreateMutexA
GetLastError
GetAtomNameW
FindNextChangeNotification
FindResourceW
GetCommandLineA
FreeResource
IsBadWritePtr
DebugActiveProcess
GetCalendarInfoA
ReadProcessMemory
ConvertDefaultLocale
GetModuleFileNameW
lstrlenW
FreeEnvironmentStringsW
WriteProcessMemory
FindNextVolumeMountPointW
DisableThreadLibraryCalls
IsBadHugeWritePtr
GenerateConsoleCtrlEvent
GetCurrentProcess
IsDebuggerPresent
FreeEnvironmentStringsA
GetModuleHandleA
FindResourceA
FlushInstructionCache
FindResourceExA
lstrcmpA
lstrcatA
lstrcmpiA
TerminateThread
Sleep
CompareStringW
CreateFileW
TlsGetValue
CreateFiberEx
AddAtomW
IsDBCSLeadByte
lstrcpyA
CopyFileExW
GetProcAddress
FlushConsoleInputBuffer
AssignProcessToJobObject
TerminateProcess
ExitProcess
LCMapStringW
LeaveCriticalSection

user32

DlgDirListComboBoxA
ShowWindow
SwapMouseButton
VkKeyScanA
WindowFromDC
ExcludeUpdateRgn
SetWindowTextA
ValidateRect
GetClipboardData
SwitchDesktop
GetAltTabInfoA
DestroyWindow
ShowScrollBar
SystemParametersInfoW
DestroyMenu
TrackMouseEvent
SetWindowsHookA
GetAncestor
MessageBoxW
GetCaretBlinkTime
ShowWindowAsync
UnhookWinEvent
FlashWindowEx
SetWindowsHookExW
UnregisterHotKey
DrawFocusRect
ArrangeIconicWindows
DlgDirListComboBoxW
ActivateKeyboardLayout
UnloadKeyboardLayout
EndDeferWindowPos
ShowCaret
DrawAnimatedRects
DlgDirListA
UpdateLayeredWindow
DialogBoxParamA
SystemParametersInfoA
GetClassWord
GetCaretPos
DlgDirListW
AnyPopup
EndDialog
DestroyCaret
SetWindowsHookExA
VkKeyScanExW
ShowCursor
DestroyCursor
EndPaint
GetActiveWindow
MessageBoxA
ToAsciiEx
DrawIcon
EndMenu
DrawCaption
TabbedTextOutW

gdi32

StrokePath
SetStretchBltMode
GetTextCharacterExtra
SetPaletteEntries
SelectClipRgn
CreateHalftonePalette
SetMapperFlags
ResetDCW
GetStockObject
RemoveFontResourceExA
SetMiterLimit
SetICMMode
GetLayout
PlayMetaFile
GetKerningPairsA
SetWorldTransform
OffsetRgn
OffsetViewportOrgEx
CombineRgn
GetObjectType
PlgBlt
CreatePolyPolygonRgn
StartDocW
SetROP2
RemoveFontResourceA
SetDIBitsToDevice
WidenPath
IntersectClipRect
RestoreDC
CreateDiscardableBitmap
GetMiterLimit
ColorMatchToTarget
SetDeviceGammaRamp
BeginPath
CreatePatternBrush
ColorCorrectPalette
SetRectRgn
SetMetaRgn
CreateEllipticRgn
GetNearestPaletteIndex
CancelDC
SetTextJustification
UpdateColors
GetTextColor
GetViewportOrgEx
ScaleWindowExtEx
SetDCBrushColor
CreateHatchBrush
SelectPalette
MoveToEx
RemoveFontMemResourceEx
GetTextAlign
GetRasterizerCaps
CreatePen
GetTextCharsetInfo
RoundRect
PlayEnhMetaFile
CreateEnhMetaFileW
SetPixel
GetPath
SetDCPenColor
PolyBezier
GetWorldTransform
SetSystemPaletteUse
GetTextCharset
UnrealizeObject
Pie
GetPixelFormat
CopyEnhMetaFileW
GetTextMetricsW
SetTextAlign
AbortDoc
SetGraphicsMode
SetICMProfileW
PathToRegion
CloseFigure
AbortPath

ole32

CoInitialize

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

252c3f619da97830b7f40be67da66726

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

ole32

Sections

.text Size: 107KB - Virtual size: 107KB

.rdata Size: 40KB - Virtual size: 40KB

.data Size: 5KB - Virtual size: 11KB

.rsrc Size: 88KB - Virtual size: 87KB

.text
Size: 107KB - Virtual size: 107KB

.rdata
Size: 40KB - Virtual size: 40KB

.data
Size: 5KB - Virtual size: 11KB

.rsrc
Size: 88KB - Virtual size: 87KB