5288b5cf3a473b544e837a0add414ac6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5288b5cf3a473b544e837a0add414ac6_JaffaCakes118
Size

147KB
MD5

5288b5cf3a473b544e837a0add414ac6
SHA1

c02fe8d4e2a6f4a6a4fa42f29ebacd8da9f496f6
SHA256

61f21a18a6b67459b78fb415a36afeb21562f697968c30ab253d1f6a9169b2a2
SHA512

7a57668e09ce5aa63990c26cf50cf932ec72bb3db2fe8c8f766ab1882d0ae4e19411c66d1de09cde022fcc7b2a245fec141e012651e4eca8154d43b73abc78e1
SSDEEP

3072:69JQd0kZPioFAH0RHVRdQhv2cb9oaECOO4feQuvlV77nA:YoFy+oB2LO4f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5288b5cf3a473b544e837a0add414ac6_JaffaCakes118

Files

5288b5cf3a473b544e837a0add414ac6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2a28b7dc8207b9f25d3f755a6f9c7ec0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLastError
GetCurrentThreadId
GetVersionExW
GetSystemInfo
Sleep
WaitForSingleObject
InterlockedCompareExchange
OutputDebugStringA
InitializeCriticalSection
GetModuleHandleA
GetProcAddress
SetUnhandledExceptionFilter
TerminateProcess
GetFileAttributesW
SetEvent
GetWindowsDirectoryW
InterlockedExchange
GetSystemDefaultLCID
FormatMessageW
GetVersion
LocalAlloc
LocalFree
CompareStringW
GetCurrentThread
CloseHandle
lstrcpynW
GetCurrentProcess
FreeLibraryAndExitThread
GetModuleHandleW
SetLastError
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrcmpiW
lstrlenW
lstrcatW
lstrcpyW
CompareFileTime
VirtualProtect

user32

SetDlgItemTextW
SetFocus
EnableWindow
CheckDlgButton
GetSystemMetrics
GetClientRect
ShowWindow
SetCursor
LoadCursorW
SetWindowLongW
LoadStringW
GetParent
WinHelpW
GetDlgItemTextW
PostMessageW
GetWindowRect
DispatchMessageW
SetScrollInfo
SetWindowPos
SendDlgItemMessageW
IsWindowEnabled
GetDlgItem
SendMessageW
InflateRect
LoadBitmapW
MapWindowPoints
MoveWindow
MessageBeep
CheckRadioButton
SetWindowTextW
IsDlgButtonChecked
EndDialog
DialogBoxParamW
GetFocus
MessageBoxW
wsprintfW
GetWindow
SystemParametersInfoW
FindWindowExW
GetWindowThreadProcessId
LoadIconW
DestroyWindow
CharUpperW
SetTimer
GetMessageW
TranslateMessage
IsWindowVisible
GetWindowLongW
KillTimer

advapi32

GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyA
RegOpenKeyW
RegOpenKeyExW
RegEnumValueW
CloseServiceHandle
RegQueryValueExW
GetTokenInformation
RegisterEventSourceW
ReportEventW
DeregisterEventSource
RegDeleteValueW
RegDeleteKeyW
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
ChangeServiceConfigW
RegEnumKeyExW
GetLengthSid
OpenProcessToken
OpenThreadToken
DuplicateTokenEx
AdjustTokenPrivileges
SetThreadToken
GetSecurityDescriptorControl
EqualSid

gdi32

GetObjectW
DeleteObject

ole32

StringFromIID
CoCreateGuid
StringFromCLSID
CLSIDFromString
CoTaskMemFree
CreateStreamOnHGlobal
StringFromGUID2
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemAlloc

msvcrt

memcpy
_amsg_exit
_lock
__dllonexit
_callnewh
_unlock
memset
wcslen
_adjust_fdiv
free
_wtoi
iswdigit
_itow
wcstoul
wcsncpy
_wcsicmp
_CxxThrowException
wcscat
_ultow
wcstombs
wcscpy
_except_handler3
time
__CxxFrameHandler
_vsnwprintf
_onexit
malloc
_initterm

msvcp60

??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a28b7dc8207b9f25d3f755a6f9c7ec0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcrt

msvcp60

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 35KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 35KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 5KB - Virtual size: 4KB