532a8449e03e8ebc3b586bf3462c5e63_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

532a8449e03e8ebc3b586bf3462c5e63_JaffaCakes118
Size

458KB
MD5

532a8449e03e8ebc3b586bf3462c5e63
SHA1

1a150e2a618e840f9bb82904cf50dccc55a57a33
SHA256

ea22f017c0036b2d3ee6dc884fbb54af5dea14fe007cb934d340825107ccb543
SHA512

b17fb2dd42752ae26f1a64da824105e6c4a1e6023d3233226d341ed47c13e608110dceaac0d67ae83d1ec1c02cffba5f4175a045647a322a23f9bae9cd270778
SSDEEP

12288:YDj54Pm9zby3Wlu6IzDNzjLByKJrMZjOUSOI60:etyavWMu6ItzJyurMZzN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
532a8449e03e8ebc3b586bf3462c5e63_JaffaCakes118

Files

532a8449e03e8ebc3b586bf3462c5e63_JaffaCakes118
.exe windows:5 windows x86 arch:x86

30917d501df94f4cc6b4fe22ac67ca9e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegQueryValueW
RegSetValueExW
RegCloseKey
RegEnumValueW
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExW

user32

UnhookWindowsHookEx
SetPropW
FindWindowExW
GetDlgItemTextW
GetPropW
CallNextHookEx
RegisterWindowMessageA
GetDlgItem
MsgWaitForMultipleObjects
SendDlgItemMessageW
DestroyWindow
TranslateAcceleratorW
SetCursor
DestroyMenu
GetDlgItemInt
CopyRect
LoadCursorW
GetSystemMenu
GetWindowLongA
DrawEdge
EqualRect
GetKeyboardLayout
DialogBoxIndirectParamW
IntersectRect
RemovePropW
IsWindowVisible
CreatePopupMenu
GetWindowTextW
DrawFocusRect
MapWindowPoints
MessageBeep
ShowCursor
GetWindowLongW
DlgDirListW
CharLowerW
PostMessageW
WinHelpW
CreateDialogIndirectParamW
CharPrevW
CheckRadioButton
IsWindowEnabled
GetWindowRect
SetWindowPlacement
DeferWindowPos
GetWindowTextLengthW
EnumChildWindows
GetWindow
GetWindowPlacement
LoadImageW
ScreenToClient
EndDialog
TranslateMessage
EndPaint
SetDlgItemTextA
CharNextW
LoadAcceleratorsW
SetDlgItemInt
CreateDialogIndirectParamA
BeginPaint
SetFocus
FrameRect
GetDialogBaseUnits
SetWindowTextW
GrayStringW
DrawIcon
DialogBoxIndirectParamAorW
GetDC
ClipCursor
ShowWindow
SetWindowLongW
LockWindowUpdate
DrawTextW
ValidateRect
MoveWindow
LoadIconW
CharNextA
RegisterWindowMessageW
CallWindowProcW
RegisterClipboardFormatW
InvalidateRect
EnableWindow
CreateWindowExW
SetParent
FillRect
IsWindow
BeginDeferWindowPos
SetDlgItemTextW
ReleaseDC
GetDlgItemTextA
SetWindowsHookExW
LoadStringW
SetTimer
EndDeferWindowPos
SetCapture
RedrawWindow
CheckDlgButton
KillTimer
ChildWindowFromPoint
DispatchMessageW
GetSysColorBrush
InflateRect
UpdateWindow
IsDlgButtonChecked
CreateDialogIndirectParamAorW
DeleteMenu
GetClientRect
GetKeyState
GetParent
SendMessageW
PeekMessageW
GetSystemMetrics
DefWindowProcW
PtInRect
GetFocus
SetWindowPos
GetSysColor
GetLastActivePopup
MessageBoxW
GetDlgCtrlID

kernel32

GetProcessVersion
CreateFileW
FindResourceW
ResetEvent
GetCurrentProcessId
TlsSetValue
GetSystemTimeAsFileTime
lstrcpyA
lstrlenW
InterlockedDecrement
GetCurrentThreadId
GetVersionExA
SizeofResource
CloseHandle
DeleteCriticalSection
LocalFree
GetModuleHandleW
GetFileAttributesW
SetUnhandledExceptionFilter
GetProcAddress
CreateEventW
SetEvent
FindNextFileW
FindClose
LockResource
DisableThreadLibraryCalls
GetProfileStringW
GetUserDefaultLCID
WideCharToMultiByte
FreeLibraryAndExitThread
SetErrorMode
GetLastError
SetLastError
InterlockedIncrement
lstrcmpW
LoadLibraryW
GetDriveTypeW
FormatMessageW
FindFirstFileW
MultiByteToWideChar
GetShortPathNameW
FindResourceExW
VirtualAllocEx
UnhandledExceptionFilter
Sleep
GlobalFree
FindResourceA
DeleteFileW
GetSystemDefaultUILanguage
ExpandEnvironmentStringsW
GetTickCount
InterlockedCompareExchange
QueryPerformanceCounter
SetCurrentDirectoryW
lstrcpynW
lstrcmpiW
GlobalAlloc
TlsGetValue
LocalReAlloc
GetVolumeInformationW
GetACP
GlobalUnlock
GetModuleHandleA
DelayLoadFailureHook
GlobalLock
GlobalReAlloc
FreeLibrary
GetFullPathNameW
GetCurrentProcess
TerminateProcess
lstrlenA
GetModuleFileNameW
InterlockedExchange
TlsAlloc
LoadLibraryA
LoadResource
GetTempFileNameW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CreateThread
lstrcpyW
GetLocaleInfoW
MulDiv
GetCurrentDirectoryW
WaitForSingleObject
TlsFree
LocalAlloc

ws2_32

getnameinfo
WSAEventSelect
WSALookupServiceEnd
WSAIoctl
WSASocketW
getaddrinfo
WSAAddressToStringW
WSALookupServiceNextW
WSAAddressToStringA
WSASendTo
WSAStringToAddressA
WSALookupServiceBeginW
freeaddrinfo
WSARecvFrom

dnsapi

DnsReplaceRecordSetW

ntdll

wcslen
NtQueryVirtualMemory
RtlUnicodeStringToAnsiString
RtlAnsiStringToUnicodeString
RtlInitUnicodeStringEx
memmove
RtlUnwind
_chkstk
_vsnwprintf
RtlUnicodeToMultiByteSize
_wcsicmp
RtlIsNameLegalDOS8Dot3

mswsock

GetAcceptExSockaddrs
AcceptEx

ole32

CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance

gdi32

CreateCompatibleDC
SetMapMode
CreateRectRgnIndirect
LineTo
GetNearestColor
GetObjectW
SetWindowExtEx
ExtTextOutW
CreateDCW
Rectangle
SelectClipRgn
GetCharWidth32W
GetMapMode
GetStockObject
DeleteObject
CreateCompatibleBitmap
MoveToEx
GetTextMetricsW
TextOutW
CreatePen
GetTextCharsetInfo
SetViewportExtEx
TranslateCharsetInfo
SetTextColor
SetBkColor
GetTextExtentPointW
SetBkMode
GetWindowExtEx
GetTextCharset
CreateDiscardableBitmap
ExcludeClipRect
CreateFontIndirectW
EnumFontFamiliesExW
CreateFontW
SelectPalette
CreateSolidBrush
SelectObject
CreateDIBitmap
RealizePalette
PatBlt
BitBlt
GetDeviceCaps
DeleteDC
CreateICW
GetViewportExtEx

comctl32

ImageList_Destroy
PropertySheetW
ImageList_Draw
CreatePropertySheetPageW
CreateToolbarEx
InitCommonControlsEx
ImageList_GetIconSize

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 405KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30917d501df94f4cc6b4fe22ac67ca9e

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

kernel32

ws2_32

dnsapi

ntdll

mswsock

ole32

gdi32

comctl32

Sections

.text Size: 14KB - Virtual size: 13KB

.rsrc Size: 20KB - Virtual size: 20KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 405KB - Virtual size: 1.8MB

.text
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 20KB - Virtual size: 20KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 405KB - Virtual size: 1.8MB