55ece8a4e3b4baeaa818ec50ae7c2b0d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

55ece8a4e3b4baeaa818ec50ae7c2b0d_JaffaCakes118
Size

219KB
MD5

55ece8a4e3b4baeaa818ec50ae7c2b0d
SHA1

6a6adf238f3e409ffc8eb937b478903d37c002ed
SHA256

f290279c41e07c6dc767b04fe37a3ac85b8888237c86cc4c97696d9d0fed5e70
SHA512

25d64d683634841184c4003edee91e01c2a463723f9abe603f5caf3c9dd10c0cb2478903a456a94e7a3390f3ca8b58724e6ffe41874710e6c874d508b44b7d8d
SSDEEP

6144:r5OoV5ZOHCRpvwiwJ1Mvhi20fZhthDctZYcnEZ5:rtPvw9GEcEZ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55ece8a4e3b4baeaa818ec50ae7c2b0d_JaffaCakes118

Files

55ece8a4e3b4baeaa818ec50ae7c2b0d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

817aebb79fac0f1b65005034195b1336

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrClientInitialize
NdrByteCountPointerUnmarshall
CStdStubBuffer_CountRefs
MesIncrementalHandleReset
NDRSContextMarshall
NDRcopy
MesEncodeFixedBufferHandleCreate
NdrAllocate
DllGetClassObject
MesBufferHandleReset
NdrByteCountPointerFree
MesDecodeIncrementalHandleCreate
NDRCContextMarshall
DceErrorInqTextW
CreateStubFromTypeInfo
NdrAsyncClientCall
MesHandleFree
NDRSContextMarshallEx
NdrAsyncServerCall
DllRegisterServer
NdrByteCountPointerBufferSize
NdrConformantStructBufferSize
MesInqProcEncodingId
NDRCContextBinding

oleaut32

SafeArrayPutElement
LoadTypeLib
VariantChangeType
SafeArrayCreate
SafeArrayGetLBound
SysAllocStringLen
SafeArrayGetElement
LoadTypeLibEx
VariantCopyInd
SafeArrayUnaccessData
OleLoadPicture
SysStringByteLen
RegisterTypeLib
SysFreeString
SafeArrayPtrOfIndex
VariantCopy
GetErrorInfo
SysStringLen
CreateErrorInfo
SetErrorInfo
SysReAllocStringLen
SafeArrayAccessData
VariantInit
SafeArrayGetUBound
GetActiveObject
VariantChangeTypeEx
VariantClear

gdi32

SetTextColor
UnrealizeObject
ExtTextOutA
GetTextMetricsA
DeleteDC
RealizePalette
GetStockObject
SelectObject
SelectClipRgn
GetObjectA
GetTextExtentPointA
BitBlt
CreateFontIndirectA
CreatePen
SaveDC
GetDeviceCaps
CreateSolidBrush
CreateCompatibleDC
CreateRectRgn
SetBkColor
RestoreDC
DeleteObject
LineTo
CreateDIBitmap
CreatePalette
MoveToEx
GetSystemPaletteEntries

shell32

DllGetVersion
SHGetSetSettings
Shell_GetImageLists
SHDefExtractIconW
DragAcceptFiles
PathResolve
IsLFNDrive
PathQualify
RestartDialog
SHChangeNotifyDeregister
DllGetClassObject
DragFinish
PifMgr_OpenProperties
DriveType
DAD_DragEnterEx
DAD_DragLeave
GetFileNameFromBrowse
DllRegisterServer
Shell_GetCachedImageIndex
SHCoCreateInstance
DAD_DragMove
Shell_MergeMenus
SHStartNetConnectionDialogW
SHILCreateFromPath
IsNetDrive
DllUnregisterServer
PickIconDlg
SHChangeNotifyRegister
DllCanUnloadNow

user32

SendMessageA
LoadStringA
EnableWindow
EndDialog
TranslateMessage
KillTimer
DefWindowProcA
ShowWindow
GetParent
GetWindowLongA
GetDC
ReleaseDC
MessageBoxW
SetWindowPos
PostMessageW
CreateWindowExA
wsprintfA
GetDesktopWindow
InvalidateRect
SetCursor
DispatchMessageA
GetWindowRect
GetSysColor
CharNextA
EndPaint
SendMessageW
DestroyWindow
CharNextW
GetClientRect
PostQuitMessage
MessageBoxA
IsWindow
SetFocus

kernel32

SetFileAttributesA
GetFullPathNameW
FindNextFileA
CreateMutexA
GetExitCodeProcess
VirtualAlloc
SizeofResource
SetThreadPriority
CreateDirectoryA
ExpandEnvironmentStringsA
ExitProcess
GetCommandLineW
OpenProcess
LoadResource
VirtualFree
CloseHandle
DeviceIoControl
CreateMutexW
MulDiv
GetComputerNameW
RaiseException
ResumeThread
CopyFileW
IsDBCSLeadByte
FindResourceA
lstrcatW
IsValidCodePage
RemoveDirectoryW
LockResource
GetCurrentDirectoryW
CreateFileMappingW
CreateProcessW
GetWindowsDirectoryW
WriteConsoleW
OutputDebugStringW
ReleaseSemaphore
IsBadCodePtr
GetLastError
FileTimeToLocalFileTime
AddAtomW
GetCurrentProcess

advapi32

RegQueryValueExW
OpenProcessToken
RegSetValueExW
AllocateAndInitializeSid
RegQueryInfoKeyW
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegDeleteValueA
RegEnumKeyExW
RegEnumValueW
RegDeleteKeyW
OpenThreadToken
GetTokenInformation
RegCloseKey
RegDeleteValueW
RegDeleteKeyA
InitializeSecurityDescriptor
RegOpenKeyExW
FreeSid
RegEnumKeyExA
RegCreateKeyExW

Sections

.textbss
Size: - Virtual size: 452KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.debug
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

817aebb79fac0f1b65005034195b1336

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

oleaut32

gdi32

shell32

user32

kernel32

advapi32

Sections

.textbss Size: - Virtual size: 452KB

.rdata Size: 19KB - Virtual size: 19KB

.idata Size: 122KB - Virtual size: 121KB

.rsrc Size: 39KB - Virtual size: 38KB

.data Size: 19KB - Virtual size: 19KB

.text Size: 512B - Virtual size: 469B

.debug Size: 17KB - Virtual size: 17KB

.textbss
Size: - Virtual size: 452KB

.rdata
Size: 19KB - Virtual size: 19KB

.idata
Size: 122KB - Virtual size: 121KB

.rsrc
Size: 39KB - Virtual size: 38KB

.data
Size: 19KB - Virtual size: 19KB

.text
Size: 512B - Virtual size: 469B

.debug
Size: 17KB - Virtual size: 17KB