d36623f0f93973f9a98ca728cb0cfce4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d36623f0f93973f9a98ca728cb0cfce4_JaffaCakes118
Size

329KB
MD5

d36623f0f93973f9a98ca728cb0cfce4
SHA1

1801034e407416bd466c72778908a519803af5a1
SHA256

7f53a98c462a7e1edb12342e05d4c4fb7c5cc3592d227fec2b5c55263653c4fc
SHA512

7f45d096a3abf2a94752b747653d95a384ac7db807466a62ba3e01e5e95379a192698a64043412e15f306a8560bf09ef5e67dc24ff91cc27fdac818a9b5c590c
SSDEEP

6144:6Kzdgl/ZWKOtAObo7zoooocIuFp1rgvW+TrGlbiRenD+uwELn6eVJTOF:LgnWvtFoQvmvW8KlshVAG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d36623f0f93973f9a98ca728cb0cfce4_JaffaCakes118

Files

d36623f0f93973f9a98ca728cb0cfce4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

64a574328faca3de90597572f0eb40b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RealChildWindowFromPoint
SendMessageW
GetMouseMovePointsEx
ToAsciiEx
VkKeyScanExA
SetScrollPos
GetFocus
GetDC
GetWindowTextA
CloseWindow
GetScrollPos
AppendMenuA
GetGUIThreadInfo
GetScrollBarInfo
IsCharLowerA
ReleaseCapture

ole32

CoDisconnectObject
OleDestroyMenuDescriptor

advapi32

RegDeleteValueW

gdi32

DeleteMetaFile
GetAspectRatioFilterEx
EndPage
Arc
SetColorSpace
ColorMatchToTarget
GetDCOrgEx
CreateHatchBrush
CreateCompatibleDC
StartDocW
SetROP2
GetBrushOrgEx
GetGlyphOutlineW
GetMapMode
GetCharABCWidthsA
SetViewportExtEx
GetCharWidth32W
ResetDCW
FrameRgn
SetBkMode
GetTextMetricsW
GetLayout
GetRgnBox
MaskBlt
GetTextColor
EnumICMProfilesA

netapi32

NetWkstaTransportAdd

winspool.drv

DocumentPropertiesW

kernel32

GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapSize
VirtualProtect
GetCPInfo
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
UnhandledExceptionFilter
OpenProcess
CreateMemoryResourceNotification
DefineDosDeviceW
SetPriorityClass
SetProcessPriorityBoost
EncodeSystemPointer
LockFile
MapUserPhysicalPagesScatter
GetCurrentProcess
GetEnvironmentStrings
CreateDirectoryA
CreateProcessA
DeleteFileA
FindResourceA
FormatMessageA
GetACP
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFullPathNameA
GetLocaleInfoA
GetModuleFileNameA
GetProcAddress
GetSystemDefaultLCID
GetSystemInfo
GetUserDefaultLangID
GetVersionExA
GetWindowsDirectoryA
IsDBCSLeadByte
LoadLibraryA
LoadResource
LockResource
RemoveDirectoryA
SetErrorMode
SetLastError
SizeofResource
Sleep
VirtualQuery
CloseHandle
CreateFileA
ExitProcess
GetFileType
GetSystemTime
GetFileSize
GetStdHandle
RaiseException
ReadFile
RtlUnwind
SetEndOfFile
SetFilePointer
WriteFile
GetCommandLineA
GetLastError
GetModuleHandleA
MultiByteToWideChar
TlsGetValue
TlsSetValue
WideCharToMultiByte
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateSemaphoreW
lstrcmpW
lstrcmpiA
GetSystemDirectoryW
DebugActiveProcessStop
SetThreadContext
FindClose
HeapCreate
GlobalMemoryStatus
GetVolumeInformationA
FindFirstFileW
CreateProcessW
GetTimeFormatA
HeapReAlloc
HeapAlloc
GetStartupInfoA
HeapFree
SetUnhandledExceptionFilter
GetModuleHandleW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
TlsAlloc
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64a574328faca3de90597572f0eb40b6

Headers

DLL Characteristics

File Characteristics

Imports

user32

ole32

advapi32

gdi32

netapi32

winspool.drv

kernel32

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 13KB - Virtual size: 339KB

.rsrc Size: 198KB - Virtual size: 197KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 13KB - Virtual size: 339KB

.rsrc
Size: 198KB - Virtual size: 197KB