03818aca65aed1b6a8ec887d829453dd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

03818aca65aed1b6a8ec887d829453dd_JaffaCakes118
Size

440KB
MD5

03818aca65aed1b6a8ec887d829453dd
SHA1

881332efb479d24f6a689115b15f7f99bb98b511
SHA256

e390df94426d6dbed60fa3a03f28172df8a886bca0495471e81dbd2add18cace
SHA512

12defd74da0dbcac62f5bc4ab85ade87ad54e74e30480e1c6128b1537580843bf774fb493fb26063a2b90c89a17557a3c566c1f2de697f49d321f3fc67b113dd
SSDEEP

6144:/iSJRofWsKOPzpMMA+wC3s9jGb24gzQGNOiuzTweDEhJZpfXMiGpwy:aSJRAWCxsC42UjNOLAhhBXMiGB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
03818aca65aed1b6a8ec887d829453dd_JaffaCakes118

Files

03818aca65aed1b6a8ec887d829453dd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4920ba77966bf80c2d8bbcbe7a29003f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

Sleep
SetConsoleTitleA
GetTickCount
GetCurrentProcessId
GetConsoleTitleA
CreateActCtxA
GetLastError
lstrcatW
lstrcpyW
lstrlenW
CreateFileW
SetStdHandle
WriteConsoleW
CloseHandle
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStringTypeW
MultiByteToWideChar
LCMapStringW
HeapReAlloc
RtlUnwind
HeapSize
IsValidCodePage
GetCPInfo
HeapFree
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
IsProcessorFeaturePresent
GetModuleFileNameW
WriteFile
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LoadLibraryW
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
SetConsoleCursorPosition
GetConsoleWindow
CreateSemaphoreA
CreateFileMappingA
WaitForSingleObject
MapViewOfFile
ReleaseSemaphore
lstrlenA
GetOEMCP
GetACP
HeapCreate
HeapAlloc
WideCharToMultiByte
DecodePointer
ExitProcess
GetModuleHandleW
GetProcAddress
LocalAlloc
LocalFree
GetModuleHandleA
GetModuleFileNameA

user32

GetMenuItemInfoA
GetMenu
GetDC
GetMenuCheckMarkDimensions
CheckMenuRadioItem
GetClientRect
CreateIconIndirect
DestroyIcon
GetIconInfo
CopyImage
GetScrollPos
GetDesktopWindow
DrawTextW
DrawCaption
IsRectEmpty
GetSystemMetrics
SystemParametersInfoA
GetWindowRect
SetWindowPos
InsertMenuItemA
GetDlgItem
SetWindowTextA
LoadIconA
SetFocus
SendMessageA
CheckRadioButton
GetWindowTextA
EndDialog
ReleaseDC
BeginPaint
FillRect
EndPaint
LoadImageA
GetDCEx
ClientToScreen
PostQuitMessage
OpenClipboard
EmptyClipboard
SetClipboardData
InvalidateRect
GetClipboardData
CloseClipboard
IsClipboardFormatAvailable
EnableMenuItem
LockWindowUpdate
SetCapture
LoadCursorA
SetCursor
MessageBeep
ReleaseCapture
DefWindowProcA
wsprintfA
FindWindowA
SetWindowLongA
SetDlgItemTextA
SendDlgItemMessageA
GetWindowLongA
MessageBoxA

gdi32

TextOutA
GetObjectA
SelectObject
GetPixel
SetPixel
DeleteDC
DeleteObject
PatBlt
CreateBitmapIndirect
SetStretchBltMode
StretchBlt
CreateCompatibleBitmap
GetDeviceCaps
GetStockObject
CreateCompatibleDC
BitBlt

shell32

SHGetFolderPathW

ole32

CoGetClassObject

winscard

SCardReleaseContext
SCardEstablishContext
SCardLocateCardsA
SCardGetStatusChangeA
SCardFreeMemory
SCardListReadersA

msimg32

GradientFill

comctl32

CreateToolbarEx
ord17
ImageList_GetIcon

setupapi

SetupDiLoadDeviceIcon

msi

ord204

urlmon

CoInternetGetSession

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4920ba77966bf80c2d8bbcbe7a29003f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

winscard

msimg32

comctl32

setupapi

msi

urlmon

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 301KB - Virtual size: 300KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 86KB - Virtual size: 86KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 301KB - Virtual size: 300KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 86KB - Virtual size: 86KB

.reloc
Size: 6KB - Virtual size: 6KB