401574d9c609f7ca3e32a310e77356a2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

401574d9c609f7ca3e32a310e77356a2_JaffaCakes118
Size

389KB
MD5

401574d9c609f7ca3e32a310e77356a2
SHA1

19b6105232c7dc20b3d61d5c1729f5dfa9e80a88
SHA256

6291066f61b3ddc3fb39f11ba08ab00df961c36e45d22592433f41c95a2a6b81
SHA512

0555b617e325975ac7808e0ac7369c401274afd2037b4bd0125f12adb655c0df05c66ad5426b3ab51c9c5dcf52de2fab3c9547c81ceabacb67e08e35b34b8e39
SSDEEP

6144:W2OBODIntw4/4oEBLsvD5EIViFoDW0dNU4pMjydccoSAY1NEE:WvBOMy4DEtI+kW0Ed11xYT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
401574d9c609f7ca3e32a310e77356a2_JaffaCakes118

Files

401574d9c609f7ca3e32a310e77356a2_JaffaCakes118
.exe windows:9 windows x86 arch:x86

bffab7648e45badc228f22428fdb7d3e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation
ExtractIconExW

comdlg32

GetOpenFileNameW

ole32

CoUninitialize
CoCreateInstance

user32

GetClientRect
SetClassLongW
LockSetForegroundWindow
GetSysColor
GetWindowThreadProcessId
GetMenu
LoadStringW
KillTimer
wsprintfW
GetSystemMetrics
DrawFocusRect
SendDlgItemMessageW
SetWindowTextW
UnhookWindowsHookEx
ReleaseDC
GetCursorPos
SendMessageW
SetActiveWindow
DestroyIcon
EnableMenuItem
CreateIconIndirect
AppendMenuW
SystemParametersInfoW
LoadIconW

msorcl32

SQLGetStmtOption
SQLCancel
SQLSetPos
DllRegisterServer
SQLGetTypeInfo
SQLDisconnect
SQLPutData
SQLAllocEnv
SQLBrowseConnect
SQLRowCount
SQLBindCol
SQLColAttributes
SQLProcedures
SQLBindParameter
SQLTables
SQLPrimaryKeys
SQLExtendedFetch

mapi32

cmc_logon
MAPIUninitialize
HrSetOmiProvidersFlagsInvalid
OpenTnefStreamEx
OpenTnefStream
MAPIResolveName
BMAPIGetAddress
cmc_list
MAPIReadMail
MAPIDeleteMail
PRProviderInit
DllGetClassObject
cmc_send_documents

setupapi

SetupCloseInfFile
SetupGetLineTextW
SetupGetStringFieldW
SetupOpenInfFileW

advapi32

CloseServiceHandle
FreeSid
RegOpenKeyExW
OpenServiceW
OpenSCManagerW
RegCloseKey
DeleteAce
WriteEncryptedFileRaw

syssetup

AsrFreeContext

mpr

WNetCancelConnection2W
WNetGetConnectionW

msacm32

acmStreamClose
acmDriverDetailsA
XRegThunkEntry
acmDriverOpen
acmFormatTagDetailsW
acmDriverAddW
acmMessage32
acmGetVersion
acmFilterChooseW
acmStreamSize
acmStreamPrepareHeader
acmFormatTagEnumW
acmStreamMessage
acmFormatEnumW

netapi32

NetApiBufferFree
NetWkstaGetInfo

gdi32

SelectObject
CombineRgn
BitBlt

kernel32

WaitForSingleObject
CreateHardLinkW
CreateEventW
GetTapeStatus
GetProcessHeap
HeapSize
DeleteFileW
VerSetConditionMask
HeapAlloc
GetCompressedFileSizeW
GetEnvironmentVariableW
WideCharToMultiByte
GetFileInformationByHandle
ReleaseSemaphore
GetComputerNameW
WriteFile
CreateDirectoryW
SetTapePosition
GetTickCount
VirtualAlloc
PrepareTape
BackupRead
LocalAlloc
FileTimeToSystemTime
GetVersionExA
ReleaseMutex
FindFirstFileW
CreateFileW
UnhandledExceptionFilter
ExitThread
CompareStringW
EraseTape
CloseHandle
LoadLibraryA
GetVolumePathNameW
GetSystemDirectoryW
SetCurrentDirectoryW
ReadFile
LocalFree
GetCurrentThread
SetEndOfFile
ExpandEnvironmentStringsW
VirtualFree
GetDriveTypeW
GetCurrentThreadId
MoveFileExW
TerminateThread
GetStartupInfoW
GetModuleFileNameW

comctl32

DestroyPropertySheetPage
ImageList_GetIcon
ImageList_AddMasked

Sections

.text
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bffab7648e45badc228f22428fdb7d3e

Headers

DLL Characteristics

File Characteristics

Imports

shell32

comdlg32

ole32

user32

msorcl32

mapi32

setupapi

advapi32

syssetup

mpr

msacm32

netapi32

gdi32

kernel32

comctl32

Sections

.text Size: 265KB - Virtual size: 265KB

.data Size: 26KB - Virtual size: 25KB

.rsrc Size: 96KB - Virtual size: 708KB

.text
Size: 265KB - Virtual size: 265KB

.data
Size: 26KB - Virtual size: 25KB

.rsrc
Size: 96KB - Virtual size: 708KB