9e30414d0fc9fbe797e41cab5100a714_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9e30414d0fc9fbe797e41cab5100a714_JaffaCakes118
Size

351KB
MD5

9e30414d0fc9fbe797e41cab5100a714
SHA1

b7f8accc729abc276a0510657becab414506d789
SHA256

481821d0313006387cdb23cce4829f157c3f299e6ccbe284aeecf322826d2c7e
SHA512

cfea07aae4ade705e57479ff8fb242b2a7407baa68260e4a0dd7ce77975e58026348cc9a41dfd2324a6ea45bff1a7e831c42ac065e1c7462ca777e5cabaf4fa6
SSDEEP

6144:O0y3NRJO22A8oos+W0OBMgxDy1+yAD2qGr5Pe3q9Yng:OBNfORjVOB7xDQ1AD2qGrJe3q9Yn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9e30414d0fc9fbe797e41cab5100a714_JaffaCakes118

Files

9e30414d0fc9fbe797e41cab5100a714_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1915931049ae7fec27485b7adfc94938

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
OpenEventA
OpenFile
OpenFileMappingA
OpenJobObjectA
OpenProcess
PeekConsoleInputW
QueryPerformanceCounter
RaiseException
ReadFile
ReadFileEx
ReleaseSemaphore
ResetEvent
ResumeThread
SetConsoleTitleA
SetEvent
SetFilePointer
SetProcessWorkingSetSize
MapViewOfFile
SetVolumeLabelA
SleepEx
SystemTimeToFileTime
TerminateProcess
Thread32Next
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeA
WideCharToMultiByte
WriteFile
_hwrite
lstrcmpi
lstrcpy
lstrcpyn
LocalFree
LocalCompact
LocalAlloc
lstrlenA
LoadLibraryExW
LeaveCriticalSection
IsValidLanguageGroup
IsBadWritePtr
IsBadReadPtr
InterlockedIncrement
InterlockedExchangeAdd
InterlockedDecrement
InitializeCriticalSection
HeapSize
HeapFree
HeapDestroy
HeapCreate
Heap32First
GlobalUnfix
GlobalFindAtomW
GetVersionExA
GetTimeFormatW
GetTempPathA
GetTempFileNameW
GetSystemTimeAsFileTime
GetSystemTime
GetSystemDirectoryW
GetStringTypeExW
GetStdHandle
GetProcessHeaps
GetModuleFileNameW
GetLogicalDrives
GetLogicalDriveStringsW
GetLocalTime
GetFileAttributesExW
GetDiskFreeSpaceA
GetCurrentProcess
GetConsoleCursorInfo
GetConsoleAliasesLengthA
GetComputerNameA
GetCPInfoExW
GetACP
FreeLibrary
FormatMessageW
FormatMessageA
FlushViewOfFile
FlushFileBuffers
FindFirstFileW
FillConsoleOutputAttribute
ExpandEnvironmentStringsW
ExitProcess
EnterCriticalSection
DuplicateHandle
DisableThreadLibraryCalls
DeleteCriticalSection
CreateThread
CreateSemaphoreA
CreateProcessW
CreateNamedPipeA
CreateHardLinkW
CreateFileW
CreateFileMappingA
CreateFileA
CreateEventA
CreateDirectoryW
ConvertDefaultLocale
ConnectNamedPipe
CompareFileTime
CloseHandle
BuildCommDCBAndTimeoutsA
HeapAlloc
GetFileAttributesW
GetProcAddress
GetCurrentProcessId
GetDriveTypeA
GetCommandLineA
GlobalAlloc
GetCommandLineW
GetLastError
GetModuleHandleA
GetCurrentThreadId
GetVersion
GetTickCount
GetFileAttributesA
GetDriveTypeW
GetModuleHandleW
LoadLibraryA
GetStartupInfoA
lstrlenW
LoadLibraryW
GetProcessHeap
SetUnhandledExceptionFilter

user32

SetWindowsHookW
SendDlgItemMessageW
RegisterClassA
RedrawWindow
PostThreadMessageA
PostQuitMessage
PackDDElParam
OemToCharBuffA
ModifyMenuW
MessageBeep
LoadCursorFromFileW
IsCharAlphaA
InvertRect
GetWindowModuleFileNameW
GetWindowModuleFileNameA
GetMessageA
GetKeyboardLayoutList
GetKeyNameTextW
GetClipboardViewer
EnumWindows
EditWndProc
DragObject
DlgDirSelectComboBoxExW
DlgDirSelectComboBoxExA
DispatchMessageA
DestroyMenu
DefDlgProcW
DdeSetUserHandle
DdeImpersonateClient
CreateWindowStationW
CreateWindowExA
CopyIcon
CloseWindowStation
CheckRadioButton
CheckMenuRadioItem
CharPrevW
CharNextW
ChangeMenuA
IsWindow
GetDC
GetParent
ShowWindow
GetSysColor
SetWindowLongW
SendMessageW
IsDlgButtonChecked
LoadIconW
GetMenu
EnableMenuItem
GetDlgItem
LoadBitmapW
DestroyIcon
GetKeyState
GetSystemMetrics
DestroyWindow
LoadIconA
LoadBitmapA
IsWindowVisible
UpdateWindow
SendMessageA
DefWindowProcA

gdi32

DeleteDC
EndDoc
EndPage
DeleteMetaFile
GetDCPenColor
FlattenPath
CreateMetaFileA
CreateCompatibleDC
CloseEnhMetaFile
AbortDoc
GdiFlush
GetBkColor
GdiGetBatchLimit
GetEnhMetaFileW
GetLayout
GetEnhMetaFileA
CreatePatternBrush
DeleteObject
EndPath
SetBkMode
CloseFigure
CreateMetaFileW
AddFontResourceW
CreateSolidBrush
SaveDC
CancelDC
GetDCBrushColor
AbortPath
GetColorSpace
DeleteEnhMetaFile
FillPath
AddFontResourceA
SetTextAlign
GetBkMode
CreateDIBPatternBrushPt
CreateRectRgn
EngDeleteSemaphore
EngDeleteSurface
EngMultiByteToWideChar
ExcludeClipRect
ExtFloodFill
ExtTextOutA
GdiComment
GdiConvertPalette
GetEnhMetaFilePixelFormat
GetPixelFormat
GetRelAbs
GetTextExtentExPointWPri
GetTextExtentPointI
Polyline
SetColorAdjustment
SetFontEnumeration
SetICMProfileA
StartDocW
XLATEOBJ_iXlate
CloseMetaFile
SetTextColor
SelectObject
GetGraphicsMode
CreateHalftonePalette
BeginPath
DeleteColorSpace
GetFontLanguageInfo

advapi32

CryptReleaseContext
CryptAcquireContextA
CloseServiceHandle
CheckTokenMembership
AllocateAndInitializeSid
AddAccessAllowedAce
RegQueryValueExW
StartServiceCtrlDispatcherA
SetServiceStatus
SetSecurityDescriptorDacl
ReportEventA
RegisterServiceCtrlHandlerExA
RegisterEventSourceA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegNotifyChangeKeyValue
RegCloseKey
QueryServiceStatus
OpenServiceA
OpenSCManagerA
InitializeSecurityDescriptor
InitializeAcl
GetLengthSid
FreeSid
CryptGenRandom

shell32

Shell_NotifyIconW
Shell_NotifyIconA
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHIsFileAvailableOffline
SHGetPathFromIDListA
SHGetMalloc
SHGetInstanceExplorer
SHGetIconOverlayIndexW
SHGetFolderPathW
SHGetFileInfoW
SHGetDiskFreeSpaceExW
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceA
SHFormatDrive
SHFileOperation
SHEmptyRecycleBinW
SHCreateProcessAsUserW
SHCreateDirectoryExW
SHCreateDirectoryExA
SHBrowseForFolderW
SHBrowseForFolderA
SHBindToParent
SHAppBarMessage
ExtractIconExW
ExtractIconExA
ExtractIconEx
ExtractAssociatedIconW
ExtractAssociatedIconExW
ExtractAssociatedIconA
DragQueryFileW
DragQueryFileAorW
DragQueryFile
DoEnvironmentSubstA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

shlwapi

StrRChrW
StrCmpNIW
StrChrA
StrCmpNA
StrRChrIW
StrCmpNIA

winmm

timeGetTime

msvcrt

wcsrchr
wcsstr
wcstok
_strnicmp
_XcptFilter
__getmainargs
__initenv
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_iob
_snprintf
_snwprintf
_stricmp
_vsnprintf
_wcsicmp
_wtol
atoi
exit
floor
fprintf
free
malloc
memmove
perror
rand
sprintf
strncpy
strtoul
wcscat
wcschr
wcscmp
wcscpy
wcslen
wcsncat

Sections

.text
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1915931049ae7fec27485b7adfc94938

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

winmm

msvcrt

Sections

.text Size: 292KB - Virtual size: 291KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 38KB - Virtual size: 37KB

.text
Size: 292KB - Virtual size: 291KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 38KB - Virtual size: 37KB