0006c81fd645f04339b4c47a6aa91b5d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0006c81fd645f04339b4c47a6aa91b5d_JaffaCakes118
Size

281KB
MD5

0006c81fd645f04339b4c47a6aa91b5d
SHA1

bda77241700ce6feda6d271daa102d98dc0426d9
SHA256

2fdba781b75b42a5d7f1b91f6fa696f47e2ee4c09f689eb9243bbd8cae13c423
SHA512

b9b63692ab2f538f1dec7852e2fa858756485a3bd7749197f9b06a896544256783eccd2e2f5bf7d9e05ab92a88bd7ecce558e10d30c3ce3da6318aefdd27cfd5
SSDEEP

6144:xeRvRyJ2m2dwDN8uF6wYTSo9gX6lSS4TPD4hS0it6A6ZBkyHOpy:xEvMPFadhl54XN0VBkFy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0006c81fd645f04339b4c47a6aa91b5d_JaffaCakes118

Files

0006c81fd645f04339b4c47a6aa91b5d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8436002aa6c156e2145d19375db4e249

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord2971
ord3076
ord2980
ord3257
ord2854
ord4459
ord3254
ord3142
ord6238
ord823
ord4270
ord765
ord567
ord3693
ord4418
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord3131
ord2977
ord5273
ord2116
ord2438
ord6051
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord5286
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1768
ord4073
ord825

msvcrt

??1type_info@@UAE@XZ
wcslen
__CxxFrameHandler
_ftol
?terminate@@YAXXZ
_except_handler3

dinput

DirectInputCreateW

user32

DestroyIcon
ChildWindowFromPoint
IsWindowVisible
GetMessageTime
GetCursorPos
CreateWindowExW
RegisterDeviceNotificationW
IsWindow
ScreenToClient
LoadImageW
MapWindowPoints
InvalidateRect
SetRect
GetSysColor
EnableWindow
RedrawWindow
GetWindowRect
GetSystemMetrics
MessageBoxW
WinHelpW
UnregisterClassW
DestroyWindow
SendMessageW
GetWindowDC
SetTimer
GetClientRect
LoadStringW
wsprintfW
GetParent
PostMessageW
GetDC
ReleaseDC
UnregisterDeviceNotification
KillTimer
SendDlgItemMessageW
SetWindowPos
GetDlgItem
SetWindowLongW
RegisterClassExW
DefWindowProcW
BeginPaint
GetWindowLongW
DrawIconEx
GetWindowTextW
DrawTextW
EndPaint
GetDlgCtrlID

gdi32

CreatePolygonRgn
DeleteDC
BitBlt
DPtoLP
SetMapMode
GetMapMode
SelectObject
CreateCompatibleDC
GetRgnBox
GetStockObject
SetBkColor
Ellipse
SetDCPenColor
SetViewportOrgEx
SetViewportExtEx
SetWindowExtEx
LineTo
MoveToEx
CreatePenIndirect
GetDeviceCaps
CreateFontW
CreateSolidBrush
ExtTextOutW
DeleteObject
SetBkMode
PaintRgn
SetTextColor

kernel32

InitializeCriticalSection
LocalFree
GetLastError
MulDiv
DeleteCriticalSection
DisableThreadLibraryCalls
InterlockedDecrement
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
IsBadWritePtr
IsBadReadPtr
EnterCriticalSection
Sleep
lstrlenW

advapi32

RegQueryValueExW
RegCloseKey

shlwapi

StrCpyNW
StrDupW
StrNCatW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8436002aa6c156e2145d19375db4e249

Headers

File Characteristics

Imports

mfc42u

msvcrt

dinput

user32

gdi32

kernel32

advapi32

shlwapi

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 268KB - Virtual size: 268KB

.data Size: 1KB - Virtual size: 100KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 268KB - Virtual size: 268KB

.data
Size: 1KB - Virtual size: 100KB

.rsrc
Size: 2KB - Virtual size: 2KB