aaa2abb45c09fbacc8226613e174d4cb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

aaa2abb45c09fbacc8226613e174d4cb_JaffaCakes118
Size

271KB
MD5

aaa2abb45c09fbacc8226613e174d4cb
SHA1

36a2157870cea180430c9ff9c11b6a9bdc9b001d
SHA256

ec932232231d59ddf576c3d8d3564426f81dd7d41aa14be8fb2eb67beabe6b5e
SHA512

a6082e550894909b3c61dcd5f78ea0a3ec055465c9d1d1db1b35e069abdeaa50ed18a55c86e4387d192740496860ce45560468a23f419af9c14b02f4a628d039
SSDEEP

6144:BQenfBfPSO2Mj8qn496JziC8hRo7QpajeIbe4HpMt:BQenJ3S64gY6QgjxSKp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aaa2abb45c09fbacc8226613e174d4cb_JaffaCakes118

Files

aaa2abb45c09fbacc8226613e174d4cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1650f7fa81d37f47375ed2daa9a3af10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegQueryInfoKeyA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegOpenCurrentUser
RegQueryValueExA
RegOpenKeyA

user32

IntersectRect
SetWindowRgn
GetWindowLongA
wsprintfA
PtInRect
LoadCursorA
GetForegroundWindow
CallWindowProcA
SetWindowPos
MessageBoxA
DestroyWindow
GetFocus
ShowWindow
SetWindowLongA
EqualRect
GetKeyState
SetCursor
ReleaseDC
SetFocus
DefWindowProcA
UnionRect
CharNextA
IsChild
GetDC
UnregisterClassA
GetClientRect
OffsetRect
GetParent
IsWindow
InvalidateRect

gdi32

SetWindowExtEx
LPtoDP
GetDeviceCaps
CreateMetaFileA
SetViewportOrgEx
SetTextAlign
CreateRectRgnIndirect
DeleteMetaFile
TextOutA
SetMapMode
SaveDC
SetWindowOrgEx
CloseMetaFile
RestoreDC
DeleteDC
CreateDCA

kernel32

GetACP
ReleaseMutex
IsDebuggerPresent
TlsFree
DeleteFileA
CreateMutexW
VirtualQuery
EnterCriticalSection
HeapDestroy
CreateMutexA
GetCurrentThreadId
SetFilePointer
VirtualProtect
SetUnhandledExceptionFilter
CreateThread
HeapAlloc
CreateFileW
VirtualFree
lstrcmpiA
TlsAlloc
VirtualAlloc
RtlUnwind
lstrcpyA
ReadFile
GlobalUnlock
FindResourceA
RaiseException
FreeEnvironmentStringsW
WriteConsoleW
lstrcatA
FlushFileBuffers
GetConsoleCP
SetStdHandle
SetFileAttributesA
WaitForSingleObject
GetTempFileNameW
FlushInstructionCache
GetOEMCP
GetSystemInfo
SetLastError
WaitForSingleObjectEx
FreeEnvironmentStringsA
LoadLibraryExA
FindFirstFileA
GetFileType
LoadResource
CreateDirectoryW
WriteFile
GetTempPathW
GetConsoleOutputCP
MulDiv
GetStdHandle
GetModuleHandleA
WriteConsoleA
TlsGetValue
lstrlenW
OutputDebugStringA
TerminateThread
lstrlenA
GetProcessHeap
FindNextFileA
LCMapStringW
HeapFree
CreateFileA
IsProcessorFeaturePresent
GlobalLock
HeapSize
GetCommandLineA
GetLocalTime
DeleteCriticalSection
WideCharToMultiByte
GetTempPathA
LeaveCriticalSection
GetThreadLocale
IsValidCodePage
GetSystemTimeAsFileTime
CloseHandle
lstrcmpA
CreateEventA
SizeofResource
GetConsoleMode
HeapReAlloc
GlobalAlloc
FreeLibrary
WritePrivateProfileStringA
UnhandledExceptionFilter
LCMapStringA
DeleteFileW
IsDBCSLeadByte
SetHandleCount
WaitForMultipleObjects
TlsSetValue
FindClose

oleaut32

SysStringLen
SysStringByteLen
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
VariantClear
OleCreatePropertyFrame
DispCallFunc
VariantInit
VariantCopy
SysAllocStringByteLen
LoadRegTypeLi
UnRegisterTypeLi
SysAllocString
SysFreeString
VariantChangeType

ole32

CreateDataAdviseHolder
CoTaskMemAlloc
OleRegGetMiscStatus
OleSaveToStream
OleRegEnumVerbs
CoTaskMemRealloc
StringFromGUID2
WriteClassStm
CoCreateInstance
OleLoadFromStream
OleRegGetUserType
CreateOleAdviseHolder
CoTaskMemFree

iassvcs

IASUninitialize
IASVariantChangeType
IASGetDictionary

odbccr32

SQLSetConnectAttr
SQLGetData

Sections

.Cxfn
Size: 1024B - Virtual size: 18KB

IMAGE_SCN_MEM_READ

.lbom
Size: 512B - Virtual size: 21KB

IMAGE_SCN_MEM_READ

.rZWOr
Size: 1024B - Virtual size: 35KB

IMAGE_SCN_MEM_READ

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ATXbmQ
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OzKJSAy
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Cssmybb
Size: 512B - Virtual size: 386B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.QtnB
Size: 1024B - Virtual size: 889B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NExoi
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Rsvb
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Zuqzl
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QhCb
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1650f7fa81d37f47375ed2daa9a3af10

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

gdi32

kernel32

oleaut32

ole32

iassvcs

odbccr32

Sections

.Cxfn Size: 1024B - Virtual size: 18KB

.lbom Size: 512B - Virtual size: 21KB

.rZWOr Size: 1024B - Virtual size: 35KB

.text Size: 17KB - Virtual size: 16KB

.ATXbmQ Size: 3KB - Virtual size: 2KB

.OzKJSAy Size: 2KB - Virtual size: 1KB

.Cssmybb Size: 512B - Virtual size: 386B

.QtnB Size: 1024B - Virtual size: 889B

.data Size: 7KB - Virtual size: 278KB

.NExoi Size: 1KB - Virtual size: 1KB

.rdata Size: 210KB - Virtual size: 209KB

.Rsvb Size: 3KB - Virtual size: 2KB

.rsrc Size: 18KB - Virtual size: 18KB

.Zuqzl Size: 2KB - Virtual size: 1KB

.QhCb Size: 2KB - Virtual size: 1KB

.Cxfn
Size: 1024B - Virtual size: 18KB

.lbom
Size: 512B - Virtual size: 21KB

.rZWOr
Size: 1024B - Virtual size: 35KB

.text
Size: 17KB - Virtual size: 16KB

.ATXbmQ
Size: 3KB - Virtual size: 2KB

.OzKJSAy
Size: 2KB - Virtual size: 1KB

.Cssmybb
Size: 512B - Virtual size: 386B

.QtnB
Size: 1024B - Virtual size: 889B

.data
Size: 7KB - Virtual size: 278KB

.NExoi
Size: 1KB - Virtual size: 1KB

.rdata
Size: 210KB - Virtual size: 209KB

.Rsvb
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 18KB - Virtual size: 18KB

.Zuqzl
Size: 2KB - Virtual size: 1KB

.QhCb
Size: 2KB - Virtual size: 1KB