63e7b5139afc6a5d54bebf5a518b2daf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

63e7b5139afc6a5d54bebf5a518b2daf_JaffaCakes118
Size

1.1MB
MD5

63e7b5139afc6a5d54bebf5a518b2daf
SHA1

8e4440701672ec7591f742de92e9748649ac156f
SHA256

26fd2c3c123d9a18ec4311f5a82bbe79a4190a89bce0e4d73e251f357484468f
SHA512

02ddcce9f5383a05c29b1bfb33e67379717bc08047228dc047c77c81796039a8702aa0b311eb253c4855f1910700412145d62cf2a2779ea0be88b833c020ed01
SSDEEP

24576:GHlsQzLKOu9Bh+p/Ps01E6TbBYGvZby9l14+eHnC2Dk6:GFsQzNuU/PLhTVY39liPC29

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63e7b5139afc6a5d54bebf5a518b2daf_JaffaCakes118

Files

63e7b5139afc6a5d54bebf5a518b2daf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7962744d1ffa1a1026ea672ce0a41e11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
CreateProcessA
WaitForSingleObject
CreateFileA
WriteFile
IsBadReadPtr
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
GetProcessHeap
GetCommandLineA
GetModuleHandleA
TerminateProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
CloseHandle
InterlockedExchange
SetStdHandle
OpenProcess
GetCurrentProcessId
SetErrorMode
lstrcatA
lstrcpyA
GetModuleFileNameA
lstrcpynA
lstrlenA
GetCurrentThreadId
LocalAlloc
LocalFree
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalFree
GlobalUnlock
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalLock
GlobalReAlloc
GlobalAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
InterlockedDecrement
GetVersion
GetProcAddress
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
FreeLibrary
LoadLibraryA
SetLastError
GetLastError
GetProcessVersion
lstrcmpA
GlobalFlags
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
GetCPInfo
GetOEMCP
GetCurrentProcess
ReadFile
SetFilePointer
FlushFileBuffers
RtlUnwind
RaiseException
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
Sleep
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadCodePtr

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

user32

GrayStringA
wsprintfA
MessageBoxA
ShowWindow
IsWindowVisible
GetForegroundWindow
SetWindowsHookExA
PeekMessageA
CallNextHookEx
GetKeyState
SendMessageA
DispatchMessageA
UnhookWindowsHookEx
LoadStringA
GetNextDlgTabItem
GetParent
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetWindowLongA
GetWindow
SetForegroundWindow
GetLastActivePopup
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
GetDlgCtrlID
GetWindowTextA
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
EnableWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
IsWindowEnabled
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
GetObjectA
GetDeviceCaps
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comctl32

ord17

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7962744d1ffa1a1026ea672ce0a41e11

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

winspool.drv

comctl32

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 1.0MB - Virtual size: 1.0MB

.rsrc Size: 4KB - Virtual size: 664B

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 1.0MB - Virtual size: 1.0MB

.rsrc
Size: 4KB - Virtual size: 664B