9533ce30e684a747fb9fd7eaebd71e3f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9533ce30e684a747fb9fd7eaebd71e3f_JaffaCakes118
Size

60KB
MD5

9533ce30e684a747fb9fd7eaebd71e3f
SHA1

a9dcfb3316112495b53eea52b6347cc23411eef9
SHA256

88db350998e533b59a1b6309226b45536ec651288982d3341dadb9930e64a31b
SHA512

50a4fb16cce4e0ff8d8276d02525d5b37e0eb3579dc097b515ddc28b91ad5917486a000d9285f7b975f5a55905180f327fac1dbebc8f8f028ac6f0b81bfb17c7
SSDEEP

1536:WFVpLMuW0/K7G18K8OdyYwFNY9NdJUP6oM3HmKTcfVh:WF0jN7GKKvKFm9NHpHBTuVh

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Brutan Hack/BrutanHax.dll
unpack001/Brutan Hack/rename me.exe

Files

9533ce30e684a747fb9fd7eaebd71e3f_JaffaCakes118
.rar
Brutan Hack/BrutanHax.dll
.dll windows:6 windows x64 arch:x64

c4f107cb88a51b849e1bf6a7329b0d3e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
CloseHandle
CreateThread
ReadProcessMemory
GetConsoleWindow
AllocConsole
IsDebuggerPresent
InitializeSListHead
OpenProcess
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
GetStdHandle
SetConsoleScreenBufferSize
SetConsoleTitleA
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
GetSystemTimeAsFileTime
WriteProcessMemory
RtlCaptureContext

user32

GetKeyState
GetMessageA
FindWindowA
GetWindowThreadProcessId
SetWindowsHookExA
UnhookWindowsHookEx
GetWindowLongA
TranslateMessage
SetWindowLongA
CallNextHookEx
DispatchMessageA

advapi32

RegCloseKey
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyExA
RegDeleteValueA
AdjustTokenPrivileges

msvcp140

?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
_Xtime_get_ticks
_Thrd_sleep

vcruntime140

__std_type_info_destroy_list
memset
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_cexit
exit
system
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_execute_onexit_table

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
freopen
__stdio_common_vfprintf

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Brutan Hack/brutanpremium.lua
.js
Brutan Hack/rename me.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4f107cb88a51b849e1bf6a7329b0d3e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 516B

.reloc Size: 512B - Virtual size: 24B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 15KB - Virtual size: 15KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 516B

.reloc
Size: 512B - Virtual size: 24B

.text
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B