a1388a5a38677827781fe13c85048e96_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a1388a5a38677827781fe13c85048e96_JaffaCakes118
Size

72KB
MD5

a1388a5a38677827781fe13c85048e96
SHA1

39cdca1811aa827a1d82b8a07ca6600a784ebcf8
SHA256

b63f7912d403a0f98d2fe9a4f2af1bd97a1be44638737c09c2e979827ba2a56e
SHA512

56ad297aa51dd716063ecd63e6e9e8c9883d590361236b70745ea104f4012430577f0b81bd024f2fd6fd9329877a59b86f3653a365cdb0d1249668fa3c8c77c3
SSDEEP

1536:gZ32uKt1b9Kqqrf6tXXdiwscrMMVu5K2U4UlO:gZQ1h3Y6t9trMZs1l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1388a5a38677827781fe13c85048e96_JaffaCakes118

Files

a1388a5a38677827781fe13c85048e96_JaffaCakes118
.exe windows:2 windows x86 arch:x86

c7e4af97b2cfa7bb19499bb0f1811d31

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
CreateMailslotA
LoadResource
FatalAppExitA
CreateNamedPipeA
GlobalFindAtomA
GetVersionExW
GetTickCount
lstrcmpA
GetCurrentDirectoryA
GlobalGetAtomNameW
GetThreadLocale
EnumTimeFormatsW
CompareStringA
lstrcpyW
GetExpandedNameW
GetDateFormatA
GetFullPathNameW
EndUpdateResourceA
FreeLibrary
FileTimeToDosDateTime
EnumDateFormatsW
GetModuleHandleA
lstrcatW
SearchPathA
GetCurrentProcess
SetCurrentDirectoryA
GetFileAttributesA
GetExpandedNameA
CreateDirectoryA
FindAtomA
lstrcpyA
ExpandEnvironmentStringsW
GetProcAddress
WaitForMultipleObjects
lstrlen
SuspendThread
GetLastError
EnumDateFormatsA
SetPriorityClass
EnumCalendarInfoA
GetPriorityClass
GetUserDefaultLCID

user32

PostMessageA
SetCursor
GetClassInfoW
wsprintfW
EnumChildWindows
DefWindowProcA
MessageBoxIndirectA
SetDlgItemTextA
UnregisterClassA
ClientToScreen
CopyImage
GetMenuItemInfoW
SetParent
TrackPopupMenuEx
CharUpperA
GetSysColor
RegisterClassW
GetKeyboardType
SetWindowLongW
GetCapture
DefFrameProcA
GetClassNameA
IsIconic
SendDlgItemMessageA
CheckMenuRadioItem
GetMenuItemID
LoadCursorA
GetMenuItemInfoA
ReleaseDC
EnumDesktopsA
EndDialog
WaitForInputIdle
GetForegroundWindow
CreateDialogIndirectParamA
EnumDesktopsW
DeleteMenu
LoadCursorW
SetForegroundWindow
CheckMenuItem
EnableWindow
CharLowerW
GetDesktopWindow
UpdateLayeredWindow
CreateDialogParamW
SetWindowPos
CloseWindow
GetIconInfo
GetWindowLongW
CharUpperW
MoveWindow
GetActiveWindow
InvalidateRgn

gdi32

FlattenPath
AngleArc
EnumFontFamiliesExA
CreateDIBPatternBrushPt
GetDeviceGammaRamp
FixBrushOrgEx
CreateScalableFontResourceW
GetCharABCWidthsI
StrokePath
SetWindowExtEx
CreatePolyPolygonRgn
GetCharWidthW
SwapBuffers
CreateICW
GetObjectType
GetMetaFileA
WidenPath
RectInRegion
CloseMetaFile
PtInRegion
GetGlyphOutlineW
GetTextMetricsW
PolyBezierTo
PolylineTo
GetTextFaceW
PaintRgn

advapi32

RegOpenKeyW
RegEnumKeyExA
RegCloseKey
RegQueryMultipleValuesA
RegQueryValueW
RegDeleteKeyA
RegEnumValueW
RegQueryInfoKeyW
RegDeleteValueA
RegCreateKeyA
RegReplaceKeyW

shell32

DuplicateIcon
StrRStrW
StrNCmpIA
StrChrIW

comdlg32

PrintDlgW
FindTextW
GetSaveFileNameA
ChooseFontW
PageSetupDlgW
GetOpenFileNameA
GetFileTitleA
ReplaceTextW
PrintDlgA
PrintDlgExW

oleaut32

VarBstrCat
VarDateFromStr
VarBoolFromI2
GetRecordInfoFromTypeInfo
VarAnd
VarDecFromUI8
VarCyAbs
VarDecFromI1

winspool.drv

StartDocPrinterW
WaitForPrinterChange
EnumPrinterDataExA
ConfigurePortW
SetPrinterDataExA
SetPrinterA

oledlg

OleUIConvertW
OleUIAddVerbMenuA
OleUIUpdateLinksA
OleUIChangeIconA
OleUIPasteSpecialW
OleUIConvertA
OleUICanConvertOrActivateAs
OleUIEditLinksA
OleUIBusyA

wsock32

getsockopt
getprotobyname
getnetbyname
getpeername
setsockopt
listen
WSACleanup
WSAAsyncGetHostByAddr

Sections

.rdata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ

.edata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7e4af97b2cfa7bb19499bb0f1811d31

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comdlg32

oleaut32

winspool.drv

oledlg

wsock32

Sections

.rdata Size: 1KB - Virtual size: 3KB

.edata Size: 18KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 14KB

.rdata Size: 5KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 1KB

.edata Size: 1024B - Virtual size: 2KB

.rsrc Size: 34KB - Virtual size: 34KB

.reloc Size: 1024B - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 3KB

.edata
Size: 18KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 14KB

.rdata
Size: 5KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 1KB

.edata
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 34KB - Virtual size: 34KB

.reloc
Size: 1024B - Virtual size: 4KB