423310b29b0f41f8ac30d931c5465e32_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

423310b29b0f41f8ac30d931c5465e32_JaffaCakes118
Size

33KB
MD5

423310b29b0f41f8ac30d931c5465e32
SHA1

4636c36750ce92f4915e9e74f0641120273a11b8
SHA256

fc03c2286089cc78e48251f991604d5e8b3bdfbb6b24f848c37040c8ac24a9f2
SHA512

d896f0a00eebca7319e2321025b905bfcc39b86a9d1c7105b4c19d59a555e8555d782303a9df7ba4c781daeea12defce7a8f913a2e871e0368d0811b8259721c
SSDEEP

768:NUXZrvVqYubCQ5ZvFC4e9yzEq9X/4Gbbakzp:SXVvI3jSUXXbbaQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
423310b29b0f41f8ac30d931c5465e32_JaffaCakes118

Files

423310b29b0f41f8ac30d931c5465e32_JaffaCakes118
.exe windows:4 windows x86 arch:x86

730e2465e75b0acae3847f8e5eef66a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleacc

GetRoleTextA
GetOleaccVersionInfo
CreateStdAccessibleProxyW
LIBID_Accessibility
CreateStdAccessibleObject
LresultFromObject
DllGetClassObject
ObjectFromLresult
GetStateTextA
GetRoleTextW
DllUnregisterServer
AccessibleChildren
AccessibleObjectFromEvent
IID_IAccessible
WindowFromAccessibleObject
AccessibleObjectFromWindow
IID_IAccessibleHandler
DllCanUnloadNow
CreateStdAccessibleProxyA
GetStateTextW
AccessibleObjectFromPoint

advapi32

RegDeleteValueW
OpenThreadToken
RegCreateKeyExA
OpenProcessToken
CloseServiceHandle
RegEnumValueW
RegEnumKeyExW
FreeSid
RegDeleteKeyA
RegDeleteKeyW
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
AllocateAndInitializeSid
RegDeleteValueA
GetTokenInformation
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
InitializeSecurityDescriptor
RegSetValueExW

rpcrt4

MesInqProcEncodingId
NdrByteCountPointerUnmarshall
DceErrorInqTextW
NdrAsyncServerCall
NdrAsyncClientCall
NdrClientInitialize
MesIncrementalHandleReset

olecli32

OleCopyToClipboard
OleQueryLinkFromClip
OleEqual
OleSetHostNames
OleCreateFromClip
OleQueryType
OleSaveToStream
OleSetBounds
OleCopyFromLink
OleSetTargetDevice
OleLoadFromStream
OleQueryCreateFromClip
OleClone
OleDelete
OleCreateLinkFromClip

oleaut32

VariantInit
SysReAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetElement
VariantCopyInd
SafeArrayAccessData
SysAllocStringByteLen
SafeArrayPutElement
GetErrorInfo
SetErrorInfo
SafeArrayCreate
SafeArrayGetLBound
VariantChangeTypeEx
SysStringByteLen
RegisterTypeLib
SysAllocStringLen
VariantChangeType
GetActiveObject
LoadTypeLibEx
LoadTypeLib
SafeArrayUnaccessData
SafeArrayGetUBound
CreateErrorInfo
VariantCopy
SysFreeString
SysStringLen
VariantClear

ole32

CLSIDFromString
BindMoniker
CoCancelCall
CoDisableCallCancellation
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserFree
CoCreateInstance
OleInitialize
CLIPFORMAT_UserUnmarshal
CoDeactivateObject
CoAddRefServerProcess
CoCreateInstanceEx
CLSIDFromProgIDEx
OleGetClipboard
CLIPFORMAT_UserSize
CoCopyProxy
CoCreateFreeThreadedMarshaler
CLSIDFromProgID
CoAllowSetForegroundWindow
CoCreateGuid

gdi32

CreatePen
RestoreDC
SetTextColor
CreateCompatibleDC
BitBlt
RealizePalette
GetSystemPaletteEntries
CreateRectRgn
GetDeviceCaps
ExtTextOutA
UnrealizeObject
GetTextExtentPointA
GetStockObject
SelectPalette
SelectClipRgn
DeleteDC
DeleteObject
CreateSolidBrush
SelectObject
CreatePalette
CreateFontIndirectA
SaveDC
CreateDIBitmap
LineTo
SetBkColor
MoveToEx

ws2_32

send
recv
accept
WSAGetLastError
WSACleanup
socket
connect

version

VerQueryValueW
GetFileVersionInfoSizeA

crypt32

CertAddCTLLinkToStore

user32

EndDialog
GetDC
MessageBoxA
TranslateMessage
GetSystemMetrics
ShowWindow
GetClientRect
ReleaseDC
GetDlgItem
LoadStringW
GetWindowRect
EnableWindow

shell32

DAD_DragEnterEx
DragFinish
DllRegisterServer
PickIconDlg
DllGetVersion
PathQualify
IsNetDrive
SHDefExtractIconW
GetFileNameFromBrowse
SHChangeNotifyRegister
DllUnregisterServer
Shell_GetImageLists
DllInstall
SHCoCreateInstance
SHStartNetConnectionDialogW
RestartDialog
PathResolve
PifMgr_OpenProperties
Shell_MergeMenus
IsLFNDrive
SHILCreateFromPath
SHGetSetSettings
DllGetClassObject
DriveType
SHChangeNotifyDeregister

kernel32

ReadConsoleOutputW
RaiseException
GetFullPathNameA
ReadConsoleInputA
GetFileSize
LocalFileTimeToFileTime
GetFileAttributesA
WriteFile
ReadFile
EnterCriticalSection
ReadConsoleA
WaitForSingleObject
SetConsoleCtrlHandler
GetLocaleInfoA
GetCurrentDirectoryA
SetLastError
GetFileTime
ExpandEnvironmentStringsA
FindClose
PeekConsoleInputA
GetFileInformationByHandle
FreeConsole
GetDiskFreeSpaceA
LoadLibraryExA
GetConsoleCP
GetLargestConsoleWindowSize
GetModuleFileNameA
GetTickCount
FindCloseChangeNotification
GetLastError
LeaveCriticalSection
SetConsoleCursorPosition
GetCurrentProcessId
SetConsoleMode
FindFirstChangeNotificationA
SetEnvironmentVariableA
DeleteFileA
CreateFileW
SetErrorMode
WaitForMultipleObjects
SetFileTime
PeekConsoleInputW
RemoveDirectoryA
WriteConsoleInputW
QueryDosDeviceA
GetConsoleScreenBufferInfo
SetStdHandle
GetModuleHandleA
ReleaseMutex
MoveFileA
SetFilePointer
DeleteCriticalSection
LoadLibraryA
CreateProcessA
TerminateProcess
GetStdHandle
GetConsoleCursorInfo
InterlockedIncrement
SetConsoleActiveScreenBuffer
GetCompressedFileSizeA
UnmapViewOfFile
FreeLibrary
GlobalMemoryStatus
SetConsoleWindowInfo
CreateFileA
SetConsoleCursorInfo
IsBadReadPtr
SearchPathA
FileTimeToLocalFileTime
FindFirstFileA
GetConsoleOutputCP
GetEnvironmentVariableA
GetVolumeInformationA
FileTimeToDosDateTime
SetConsoleCP
SetConsoleTextAttribute
SetCurrentDirectoryA
GetLogicalDrives
AllocConsole
InitializeCriticalSection
BackupWrite
ReadConsoleInputW
GetShortPathNameA
GetVersionExA
GetSystemTime
IsBadWritePtr
CreateDirectoryA
OpenProcess
IsBadCodePtr
GetConsoleMode
CreateMutexA
WriteConsoleOutputA
DefineDosDeviceA
SetFileApisToOEM
CopyFileA
WriteConsoleOutputW
GetCurrentThreadId
GetFileType
lstrcmpiA
CompareStringA
GetSystemTimeAsFileTime
SetConsoleScreenBufferSize
SetConsoleOutputCP
InterlockedDecrement
FlushFileBuffers
ReadConsoleOutputA
FindNextFileA
MoveFileExA
CreateFileMappingA
SetFileApisToANSI
SetConsoleTitleA
SetEndOfFile
VirtualAlloc
SystemTimeToFileTime
MapViewOfFile
FormatMessageA
ReadConsoleW
GetNumberFormatA

Sections

.text
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

730e2465e75b0acae3847f8e5eef66a4

Headers

File Characteristics

Imports

oleacc

advapi32

rpcrt4

olecli32

oleaut32

ole32

gdi32

ws2_32

version

crypt32

user32

shell32

kernel32

Sections

.text Size: 1024B - Virtual size: 880B

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 3KB - Virtual size: 48KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 1024B - Virtual size: 880B

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 3KB - Virtual size: 48KB

.rsrc
Size: 6KB - Virtual size: 6KB