Static task: static1

Behavioral task: behavioral1
Sample: 774750e7081bfd239833590441172f7e_JaffaCakes118.exe
Resource: win7-20240215-en

Behavioral task: behavioral2
Sample: 774750e7081bfd239833590441172f7e_JaffaCakes118.exe
Resource: win10v2004-20240508-en

General
Target: 774750e7081bfd239833590441172f7e_JaffaCakes118
Size: 538KB
MD5: 774750e7081bfd239833590441172f7e
SHA1: 22bd9ce359f9a01f0670365626d6ac087f215b02
SHA256: a858bcf2d69d9791cb443cd0b944c199807b41e6d9050afda993eabf03812c8d
SHA512: 9051b606e70badfe6dc22f208bb6b356a1ba06ea94f628c08d40d7ca7023628c2d3d42d1f0601b69767df1ed0e8d5978c95dfeebbe171455df777466bd2f0fb3
SSDEEP: 12288:yhYBiFH9iUvEX9A8khRaQT1UDxJfnAxacJAzhCMoZMP59LBs:yaI7nSQW/gJAzZFTBs

Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 774750e7081bfd239833590441172f7e_JaffaCakes118
Files
774750e7081bfd239833590441172f7e_JaffaCakes118.exe windows:5 windows x86 arch:x86
d1ad5b04b98ac81fd6f2a3bb3251562a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_SYSTEM
IMAGE_FILE_UP_SYSTEM_ONLY
Imports
kernel32
CreateThread
CreateEventA
HeapAlloc
GetVolumeInformationA
GetProcAddress
lstrcatA
GlobalAlloc
GetLastError
RaiseException
CreateFileW
SetEnvironmentVariableA
CompareStringW
LocalAlloc
GetStringTypeW
GetModuleHandleA
SetStdHandle
RtlUnwind
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CloseHandle
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
LoadLibraryW
OutputDebugStringW
LocalReAlloc
lstrcpyA
LocalFree
lstrcpyW
lstrlenW
EnumDateFormatsA
GetCurrentDirectoryW
CreateFileA
CreateEventW
LCMapStringW
ReadFile
WriteConsoleW
OutputDebugStringA
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
MultiByteToWideChar
SetFilePointer
LoadLibraryA
HeapCreate
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
HeapSetInformation
GetStartupInfoW
DecodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
GetModuleFileNameW
HeapValidate
IsBadReadPtr
GetFileAttributesA
FlushFileBuffers
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetHandleCount
GetStdHandle
GetFileType
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
ExitProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
user32
LoadCursorA
GetSubMenu
GetMenu
EnableMenuItem
GetDC
GetClientRect
DdeInitializeA
DdeCreateStringHandleW
IsIconic
InvalidateRect
CreateWindowExW
SystemParametersInfoA
DrawFrameControl
FindWindowW
SendMessageA
GetSystemMetrics
RegisterClassA
ShowWindow
GetMenuItemCount
GetMenuState
GetMenuItemID
GetMenuItemInfoA
GetMenuStringA
SetMenuItemInfoA
gdi32
CreateCompatibleBitmap
SelectObject
GetStockObject
GetObjectA
CreateFontIndirectA
DeleteDC
CreateSolidBrush
CreateCompatibleDC
comdlg32
GetOpenFileNameA
shell32
SHGetMalloc
SHGetDesktopFolder
ole32
CoGetMalloc
ws2_32
WSCInstallProvider
WSAStartup
comctl32
ord17
rpcrt4
RpcStringFreeA
UuidToStringA
UuidCreate
gdiplus
GdiplusShutdown
sensapi
IsNetworkAlive
Sections
.text Size: 430KB - Virtual size: 429KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bdata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 46KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ