JaffaCakes118_01017e9cd5e01129b97f35641bbee26d

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_01017e9cd5e01129b97f35641bbee26d
Size

217KB
MD5

01017e9cd5e01129b97f35641bbee26d
SHA1

3d45369a1b9fd85ce2de38fbe7c7e92f50e85e10
SHA256

51f1cba00852bfcbccbf20f6fba042fe48fe98b9ae8f9c0f8ad00ff4e92c54c1
SHA512

a2e3ed7d0b0aff9a6e2878046bc45d3cae43678a99ed51a09c8b1ee4feaed2f4f22f035e6faf8d6c25c97f1af78f299cafdc2aa8f083a8901bf6bbaa8d9f2a3d
SSDEEP

6144:WPlJAbSZuxf8+3AKH8yvjarYrTAxo7er66UVtqw2LlkL:0ySZw3AKH8Gj4ukxo7eGLgJk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_01017e9cd5e01129b97f35641bbee26d

Files

JaffaCakes118_01017e9cd5e01129b97f35641bbee26d
.exe windows:3 windows x86 arch:x86

5e00ef92140309dbfb33f494ea55f134

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
GetTempFileNameA
GetVersionExW
EnumTimeFormatsW
GetStartupInfoA
GetProcessHeap
GetCalendarInfoA
CreateSemaphoreA
IsValidLocale
SetEvent
GetLastError
HeapCreate
CreateDirectoryW
GlobalFindAtomA
CreateNamedPipeW
GetSystemDefaultLCID
SleepEx
OpenEventW
ExpandEnvironmentStringsW
GetLocaleInfoW
GetModuleHandleW
CloseHandle
BeginUpdateResourceW
BeginUpdateResourceA
OpenWaitableTimerA
EnumDateFormatsW
FatalAppExitA
GetModuleFileNameA
GetComputerNameA
FileTimeToDosDateTime
SetUnhandledExceptionFilter
CompareStringA
GetExitCodeThread
CopyFileA
FreeLibrary
CreateMailslotW
EnumCalendarInfoW
GetTimeFormatW
GetModuleHandleA
GetCPInfo
GetCurrentProcessId
lstrcmpW
lstrcmpW
IsBadStringPtrA
GetCurrentThread
lstrlenA
GetFileAttributesA
MultiByteToWideChar
WinExec
FileTimeToLocalFileTime
lstrlen
IsValidCodePage
GetLogicalDrives
SystemTimeToFileTime
GetThreadPriority
GetPriorityClass
SearchPathW
RemoveDirectoryW
OpenSemaphoreW
GlobalGetAtomNameA
GetProcAddress
MoveFileA

user32

DefWindowProcA
CreateWindowExW
EndMenu
CreateAcceleratorTableA
CharPrevA
PeekMessageA
SetForegroundWindow
SendDlgItemMessageA
GetWindowDC
MonitorFromPoint
SetWindowLongW
CharLowerW
EnumDesktopsA
CheckDlgButton
GetClassInfoExA
MoveWindow
GetDlgItemTextW
EnumChildWindows
GetActiveWindow
wvsprintfA
CreateDialogIndirectParamA
SetMenu
LoadImageA
TrackPopupMenuEx
UpdateWindow
ClientToScreen
InsertMenuW
GetParent
EnumDesktopsW
OffsetRect
GetClassNameA
GetMenuItemID
SetCursorPos
PostMessageA
AppendMenuA
LoadCursorW
GetKeyboardType
ActivateKeyboardLayout
GetDCEx
LoadCursorA
CharPrevW
MessageBoxIndirectW
GetAsyncKeyState
SetWindowPos
SendDlgItemMessageW
GetWindowTextLengthW

gdi32

OffsetWindowOrgEx
GetDCOrgEx
SetROP2
Escape
RemoveFontResourceA
SetTextJustification
EnumICMProfilesW
FrameRgn
PolyBezier
GetGlyphIndicesW
Chord
PatBlt
CreateMetaFileA
Polygon
CreateBitmapIndirect
GdiGetBatchLimit
GetCharABCWidthsFloatA
StartPage
GetEnhMetaFileA
DeleteMetaFile
SetICMProfileW
GetGraphicsMode
SetWinMetaFileBits

advapi32

RegOpenKeyA
RegSetValueA
RegEnumValueA
RegCloseKey
RegQueryValueA
RegCreateKeyA
RegCreateKeyExW
RegCreateKeyW
RegQueryInfoKeyA
RegReplaceKeyA

comctl32

ImageList_GetImageRect
ImageList_DragLeave
MakeDragList
ImageList_DragShowNolock
InitMUILanguage
CreatePropertySheetPageW
ImageList_SetDragCursorImage

ole32

CreateFileMoniker
CLSIDFromProgID
CLSIDFromString
GetClassFile
CoCreateInstance
CoCreateInstanceEx

urlmon

CoInternetCompareUrl
URLDownloadW
IsAsyncMoniker
IsLoggingEnabledA
RevokeBindStatusCallback
URLDownloadToFileA

winspool.drv

CreatePrinterIC
AddPrinterDriverA
DeletePortW
DeletePrinterDriverExW
AddPrinterW
SetPrinterDataA
GetPrinterDataExW
AbortPrinter

inetcomm

GetDllMajorVersion
MimeOleDecodeHeader
CreateIMAPTransport2
MimeOleSMimeCapsToDlg
MimeOleCreateMessageParts
HrGetLastOpenFileDirectory
MimeOleSMimeCapGetEncAlg
MimeEditDocumentFromStream
CreateSMTPTransport
MimeOleGetCharsetInfo

oledlg

OleUIBusyA
OleUIInsertObjectA
OleUIConvertA
OleUIEditLinksW
OleUIObjectPropertiesA
OleUIUpdateLinksW
OleUIAddVerbMenuW
OleUIChangeSourceW
OleUIObjectPropertiesW

wsock32

recvfrom
WSACancelAsyncRequest
WSAAsyncGetProtoByName
accept
inet_network
getprotobynumber
ntohl
htons
WEP
WSAStartup
connect
ntohs

crypt32

CryptEncodeObject
CryptSetKeyIdentifierProperty
CryptSignHashU
CryptMsgGetAndVerifySigner
RegSetValueExU
CertSaveStore
CryptSIPLoad

Sections

.edata
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 31KB

IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e00ef92140309dbfb33f494ea55f134

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

ole32

urlmon

winspool.drv

inetcomm

oledlg

wsock32

crypt32

Sections

.edata Size: 1KB - Virtual size: 5KB

.rdata Size: 1KB - Virtual size: 36KB

.edata Size: 1KB - Virtual size: 31KB

.rdata Size: 17KB - Virtual size: 16KB

.rdata Size: 6KB - Virtual size: 5KB

.edata Size: 1024B - Virtual size: 2KB

.data Size: 12KB - Virtual size: 15KB

.rdata Size: 1KB - Virtual size: 23KB

.edata Size: 1024B - Virtual size: 6KB

.rsrc Size: 172KB - Virtual size: 171KB

.reloc Size: 1024B - Virtual size: 44KB

.edata
Size: 1KB - Virtual size: 5KB

.rdata
Size: 1KB - Virtual size: 36KB

.edata
Size: 1KB - Virtual size: 31KB

.rdata
Size: 17KB - Virtual size: 16KB

.rdata
Size: 6KB - Virtual size: 5KB

.edata
Size: 1024B - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 15KB

.rdata
Size: 1KB - Virtual size: 23KB

.edata
Size: 1024B - Virtual size: 6KB

.rsrc
Size: 172KB - Virtual size: 171KB

.reloc
Size: 1024B - Virtual size: 44KB