449cc6b85eb20f423d823a0c63452263_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

449cc6b85eb20f423d823a0c63452263_JaffaCakes118
Size

95KB
MD5

449cc6b85eb20f423d823a0c63452263
SHA1

159b8b406575d5b8017cd703bb4c0c94170627b1
SHA256

e73407cf9b910f58b5a01acbdafbdd2c0f26c0da58fecd9fe8f53cb02b07fdb7
SHA512

13a8b24e1ea06554449fe1999c4a321da6572c1d23dca2dcc894e640ffa2ac143e06a46f565af2bef318ac4515e9c202dddfb07c8a54e3b59e7c2b5a445d6a0c
SSDEEP

1536:eKyb3uqAPwKsf7UgOZdbpEQul4etMLnuakeTMpviFeNBsCj:eKlcf+b2jlGnTkzviuBsy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
449cc6b85eb20f423d823a0c63452263_JaffaCakes118

Files

449cc6b85eb20f423d823a0c63452263_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a72eec4acf12cf26beedcb04598b060e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
DebugBreak
DeleteCriticalSection
DeleteFileW
DisableThreadLibraryCalls
EnterCriticalSection
ExpandEnvironmentStringsW
FindClose
FindFirstFileW
FindNextFileW
FindResourceExW
FindResourceW
FormatMessageW
FreeLibrary
GetComputerNameW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeProcess
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetShortPathNameW
GetSystemDefaultUILanguage
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetTickCount
GetVersionExA
GetWindowsDirectoryW
CloseHandle
HeapDestroy
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
CompareStringW
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LocalSize
LockResource
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
ReleaseMutex
CreateDirectoryW
SetFileAttributesW
SetFilePointer
CreateFileMappingW
SetUnhandledExceptionFilter
CreateFileW
SizeofResource
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
VirtualQueryEx
WaitForSingleObject
WriteFile
CreateMutexW
lstrcatA
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyA
lstrcpyW
lstrcpynW
lstrlenA
lstrlenW

user32

LoadStringW

advapi32

CryptAcquireContextW
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptReleaseContext
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoSetProxyBlanket

ntdll

NtClose
NtCompareTokens
NtCreateFile
NtDuplicateToken
DbgPrint
NtFsControlFile
NtOpenFile
NtOpenKey
NtOpenSection
NtQueryInformationToken
NtQuerySystemInformation
NtSetInformationProcess
NtSetUuidSeed
RtlAddAce
RtlAdjustPrivilege
RtlAllocateAndInitializeSid
RtlAllocateHeap
RtlCopySid
RtlCreateAcl
RtlCreateSecurityDescriptor
RtlDeleteCriticalSection
RtlEqualUnicodeString
RtlFreeHeap
RtlGetNtProductType
RtlImageNtHeader
RtlInitString
RtlInitUnicodeString
RtlInitializeCriticalSection
RtlInitializeSid
RtlLengthRequiredSid
RtlLengthSid
RtlNtStatusToDosError
RtlSetDaclSecurityDescriptor
RtlSetGroupSecurityDescriptor
RtlSetOwnerSecurityDescriptor
RtlSetSaclSecurityDescriptor
RtlSubAuthoritySid
NtAllocateLocallyUniqueId

comctl32

InitCommonControlsEx

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

gdi32

AbortPath
Arc
ArcTo
DeleteDC
DeleteEnhMetaFile
DeleteMetaFile
DeleteObject
Ellipse
EndPath
BeginPath
BitBlt
EnumEnhMetaFile
EnumFontFamiliesExA
EnumFontFamiliesExW
EnumMetaFile
Escape
ExcludeClipRect
ExtCreatePen
ExtCreateRegion
ExtEscape
ExtSelectClipRgn
ExtTextOutA
ExtTextOutW
FillPath
FillRgn
FlattenPath
GdiComment
Chord
CloseEnhMetaFile
GdiFlush
CloseFigure
CombineRgn
GetBkColor
GetBkMode
CombineTransform
CopyEnhMetaFileA
GetClipRgn
GetCurrentObject
GetCurrentPositionEx
GetDCOrgEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileA
GetEnhMetaFileBits
CopyMetaFileA
GetEnhMetaFileHeader
GetEnhMetaFileW
GetGraphicsMode
CreateBitmap
GetMapMode
GetMetaFileA
GetMetaFileBitsEx
GetMetaFileW
GetNearestColor
GetNearestPaletteIndex
GetObjectA
GetObjectType
GetObjectW
CreateBrushIndirect
GetPaletteEntries
GetPath
GetPixel
GetROP2
GetRandomRgn
GetRegionData
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetSystemPaletteUse
GetTextAlign
GetTextCharsetInfo
GetTextColor
CreateCompatibleBitmap
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
GetViewportExtEx
GetViewportOrgEx
GetWinMetaFileBits
CreateCompatibleDC
GetWindowExtEx
GetWindowOrgEx
GetWorldTransform
IntersectClipRect
LPtoDP
LineTo
CreateDCA
ModifyWorldTransform
MoveToEx
OffsetClipRgn
OffsetViewportOrgEx
PatBlt
Pie
PlayEnhMetaFile
PlayEnhMetaFileRecord
PlayMetaFile
PlayMetaFileRecord
PlgBlt
PolyBezier
PolyBezierTo
PolyDraw
PolyPolygon
PolyPolyline
CreateDIBPatternBrushPt
Polygon
Polyline
PolylineTo
RealizePalette
CreateDIBSection
Rectangle
ResizePalette
CreateDIBitmap
RestoreDC
RoundRect
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipPath
SelectClipRgn
SelectObject
SelectPalette
SetArcDirection
SetBitmapBits
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetDIBits
SetEnhMetaFileBits
SetGraphicsMode
SetICMMode
CreateEnhMetaFileA
SetMapMode
SetMapperFlags
SetMetaFileBitsEx
SetMetaRgn
SetMiterLimit
SetPaletteEntries
CreateEnhMetaFileW
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetTextJustification
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetWorldTransform
CreateFontIndirectA
StretchBlt
StretchDIBits
StrokeAndFillPath
StrokePath
TranslateCharsetInfo
WidenPath
CreateFontIndirectW
CreateICA
CreatePalette
CreatePatternBrush
CreatePen
CreatePenIndirect
CreateRectRgn
AngleArc
CreateSolidBrush
DPtoLP

comdlg32

GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW
GetOpenFileNameA

Sections

.text
Size: 4KB - Virtual size: 796B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 482B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a72eec4acf12cf26beedcb04598b060e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

ntdll

comctl32

shell32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 796B

.rdata Size: 4KB - Virtual size: 482B

.data Size: 72KB - Virtual size: 72KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 4KB - Virtual size: 796B

.rdata
Size: 4KB - Virtual size: 482B

.data
Size: 72KB - Virtual size: 72KB

.rsrc
Size: 12KB - Virtual size: 12KB