bd549660aab0c874c0e8a1b2749be6db_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bd549660aab0c874c0e8a1b2749be6db_JaffaCakes118
Size

592KB
MD5

bd549660aab0c874c0e8a1b2749be6db
SHA1

db29398c82a33337b5e097b8dbab3911b281a2c7
SHA256

3fdca6a71de218226160c7b8c0298c0143dba56ff46284659722d238dc6eabfd
SHA512

7220f22d5a0279eca0692af4708709f006701405f07548a9a3cd0bec1445a2b5a6bbfa5384fb13347e29ebb0aa172ce1b9b094cbbaa07966450d391d9841f886
SSDEEP

12288:X2/moUC+IItJTQaClznjp6HKtWs1aQEhzCGyRsc:X25U1II76zNIiNIw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd549660aab0c874c0e8a1b2749be6db_JaffaCakes118

Files

bd549660aab0c874c0e8a1b2749be6db_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ab21c4c2ba47eedba66c2a171ee37419

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawIconEx
CallWindowProcW
SetWindowLongW
GetWindowLongW
GetDlgItem
GetParent
SetCapture
GetCapture
ReleaseCapture
PostMessageW
UpdateWindow
InvalidateRect
OffsetRect
PtInRect
ScreenToClient
GetCursorPos
BeginPaint
SendMessageW
DefWindowProcW
GetWindowRect
PostQuitMessage
GetDC
ReleaseDC
IsDialogMessageW
GetClientRect
MoveWindow
CopyRect
DestroyWindow
LoadImageW
DestroyIcon
LoadBitmapW
GetSystemMetrics
TrackPopupMenu
DestroyMenu
DrawStateW
SetMenuItemInfoW
CheckMenuItem
AppendMenuW
CreatePopupMenu
IsWindowVisible
ExitWindowsEx
wsprintfW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetWindowDC
CreateAcceleratorTableW
GetFocus

kernel32

TerminateProcess
RtlUnwind
IsDebuggerPresent
InterlockedDecrement
InterlockedIncrement
EncodePointer
InitializeCriticalSectionAndSpinCount
DecodePointer
HeapSetInformation
GetCommandLineA
WritePrivateProfileStringW
MoveFileW
GetEnvironmentVariableW
lstrlenA
SetFileAttributesW
RemoveDirectoryW
SetEndOfFile
GetStdHandle
GetLogicalDriveStringsW
EnterCriticalSection
ResumeThread
OpenEventA
DuplicateHandle
CreateSemaphoreA
CancelIo
DisconnectNamedPipe
GetOverlappedResult
CreateNamedPipeW
ConnectNamedPipe
SetNamedPipeHandleState
PeekNamedPipe
LeaveCriticalSection
LoadResource
FindResourceW
SizeofResource
LockResource
FreeResource
MulDiv
GetLastError
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
GetProcAddress
GetModuleHandleA
GetSystemDirectoryW
ExitThread
FlushInstructionCache
DeleteFileW
GlobalReAlloc
lstrlenW
LoadLibraryA
QueryDosDeviceW
RaiseException
ReleaseMutex
GetModuleHandleW
GetVersionExW
FindResourceExW
MultiByteToWideChar
GetVersion
GetCurrentProcess
LocalFree
GetModuleFileNameW
FreeConsole
GetCurrentProcessId
CreateRemoteThread
CreateMutexW
Sleep
LoadLibraryW
ReadFile
CreateFileW
LocalAlloc
InitializeCriticalSection
FreeLibrary
DeleteCriticalSection
GetDriveTypeW
CreateDirectoryW
CreateProcessW
SetLastError
GetWindowsDirectoryW
WideCharToMultiByte
GetTickCount
GetTempPathW
GetTimeZoneInformation
GetSystemInfo
GetPrivateProfileStringW
GetSystemTimeAsFileTime
GetDiskFreeSpaceExW
IsValidLocale
GetUserDefaultUILanguage
GetTempFileNameW
CopyFileW
WriteFile
ProcessIdToSessionId
lstrcpyW
GetFileAttributesW
MoveFileExW
DeviceIoControl
FindNextFileW
FindClose
lstrcmpiW
GetLocaleInfoW
GetFullPathNameW
FindFirstFileW
lstrcmpW
LoadLibraryExW
GetACP
SetEvent
ExitProcess
CreateThread
GetModuleFileNameA
TerminateThread
GlobalFindAtomW
OpenMutexW
SetErrorMode
GetSystemTime
SystemTimeToFileTime
WaitForMultipleObjects
ResetEvent
CreateEventA
GetSystemWindowsDirectoryW
GetVolumeInformationW
VirtualFree
VirtualAlloc
ReleaseSemaphore
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
HeapDestroy
HeapReAlloc
HeapSize
LocalFileTimeToFileTime
SetFilePointerEx
GetFileSizeEx
OutputDebugStringW
FormatMessageW
TlsGetValue
TlsSetValue
GetAtomNameW
OpenThread
AddAtomW
TlsAlloc
FindAtomW
DeleteAtom
TlsFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GlobalMemoryStatusEx
GetStartupInfoW
GetCPInfo
LCMapStringA
LCMapStringW
GetStringTypeW
HeapCreate
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetStringTypeA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoA
ExpandEnvironmentStringsW
WriteConsoleA
WriteConsoleW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcmpA
lstrcmpiA
OpenProcess
CreateEventW
WaitForSingleObject
CloseHandle

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab21c4c2ba47eedba66c2a171ee37419

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 512KB - Virtual size: 512KB

.data Size: 3KB - Virtual size: 350KB

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 512KB - Virtual size: 512KB

.data
Size: 3KB - Virtual size: 350KB

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 8KB - Virtual size: 7KB