7a5080a2c1c17eb493f2d74093ed5436_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7a5080a2c1c17eb493f2d74093ed5436_JaffaCakes118
Size

435KB
MD5

7a5080a2c1c17eb493f2d74093ed5436
SHA1

d330cdeba49b45b501233a7d2641c86fdbfd9f3a
SHA256

6cb0a95033f243928461a46cdcd6784a6b88dde13b950f40debcb6e280fe41dd
SHA512

e06e0487aed741c5af4a933d683cb45b8913673920d121f5c13cbd8ead0a50f2116ab897ae653b143b065a2640e395550f60ea53d0ecac022cdf83fd7eb09fcb
SSDEEP

6144:9EKmhR0tfUs5PQaBMMuFPCoEHpJTqzgjg8JRLu9TLeIYX6Z9+iviGSDiBvDrtlYu:Wbhq1U25qCT2QpJRyhKXjiviGXtb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
7a5080a2c1c17eb493f2d74093ed5436_JaffaCakes118

Files

7a5080a2c1c17eb493f2d74093ed5436_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d3fb55a6831085279741ade52e0c5081

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetConsoleTitleA
GetLastError
CreateActCtxA
Sleep
ReleaseSemaphore
MapViewOfFile
WaitForSingleObject
CreateFileMappingA
CreateSemaphoreA
CreateFileW
SetStdHandle
WriteConsoleW
CloseHandle
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
GetStringTypeW
MultiByteToWideChar
LCMapStringW
HeapSize
RtlUnwind
HeapFree
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetCurrentProcessId
IsProcessorFeaturePresent
GetModuleFileNameW
WriteFile
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LoadLibraryW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
TerminateProcess
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
HeapSetInformation
GetTickCount
SetConsoleTitleA
GetStdHandle
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
SetConsoleCursorPosition
GetConsoleWindow
lstrlenW
WideCharToMultiByte
LocalAlloc
LocalFree
HeapCreate
GetCommandLineA
DecodePointer
ExitProcess
GetModuleHandleW
GetProcAddress
HeapAlloc
lstrlenA
lstrcpyW
lstrcatW
GetModuleFileNameA
GetModuleHandleA
FreeEnvironmentStringsW

user32

SendMessageW
CreateWindowExW
DrawTextW
DrawCaption
wsprintfW
CopyImage
CreateIconIndirect
DestroyIcon
GetIconInfo
SetWindowTextW
ShowWindow
GetTopWindow
BeginPaint
FillRect
EndPaint
GetDC
ReleaseDC
InvalidateRect
DestroyWindow
IsRectEmpty
InsertMenuItemA
GetDlgItem
SetWindowTextA
LoadIconA
SetFocus
SendMessageA
CheckRadioButton
GetWindowTextA
EndDialog
wsprintfA
FindWindowA
SetWindowPos
GetWindowThreadProcessId
GetWindow
DefWindowProcA
GetClientRect
DrawTextA
PostQuitMessage
GetWindowRect
SetWindowLongA
SetDlgItemTextA
SendDlgItemMessageA
GetWindowLongA
MessageBoxA
OpenClipboard
EmptyClipboard
SetClipboardData
GetClipboardData
CloseClipboard
IsClipboardFormatAvailable
EnableMenuItem
GetDesktopWindow
LockWindowUpdate
SetCapture
LoadCursorA
SetCursor
MessageBeep
ReleaseCapture

gdi32

PatBlt
GetObjectA
TextOutA
CreateCompatibleDC
GetTextExtentPoint32A
SelectObject
SetStretchBltMode
StretchBlt
DeleteDC
DeleteObject
CreateCompatibleBitmap
GetStockObject
CreateSolidBrush

shell32

SHGetFolderPathA
SHGetFolderPathW

ws2_32

WSACreateEvent
WSAGetLastError

winscard

SCardLocateCardsA
SCardListReadersA
SCardEstablishContext
SCardReleaseContext
SCardFreeMemory
SCardGetStatusChangeA

msimg32

GradientFill

iphlpapi

NotifyRouteChange

comctl32

ord17
InitCommonControlsEx
ImageList_GetIcon
CreateToolbarEx

setupapi

SetupDiLoadDeviceIcon

msi

ord204
ord144

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3fb55a6831085279741ade52e0c5081

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ws2_32

winscard

msimg32

iphlpapi

comctl32

setupapi

msi

Sections

.text Size: 41KB - Virtual size: 40KB

.rdata Size: 301KB - Virtual size: 300KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 80KB - Virtual size: 80KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 41KB - Virtual size: 40KB

.rdata
Size: 301KB - Virtual size: 300KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 80KB - Virtual size: 80KB

.reloc
Size: 6KB - Virtual size: 5KB