089299fa8bd99c4e668e0dbc966a701c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

089299fa8bd99c4e668e0dbc966a701c_JaffaCakes118
Size

100KB
MD5

089299fa8bd99c4e668e0dbc966a701c
SHA1

9f19b86d0416f237a6da4b6e1d7112bbc85ee06f
SHA256

63d8ed2d081d6f749d64e1c3fbb96efc90b07dc6ddd470bdb4e0847022b9ac18
SHA512

98f80f7d10d489c5bce7f6676f808a0e77bae87301a4d67ca8cfc99ae7437eb411808a1e0fb6b430fde35b37808bbb4479eaa6c230356f190467641bbf1f4204
SSDEEP

1536:gqmPbebscKKUSL14vLrMOu1s8InsALxrmemXUkZd+w6Rm9TkpFdyLpx1qa:DM6eKUX5u1ensA1uFd+tR7up7L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
089299fa8bd99c4e668e0dbc966a701c_JaffaCakes118

Files

089299fa8bd99c4e668e0dbc966a701c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8b9f55a0ffba64c3008b8fe5e909c372

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
LoadLibraryA
GetProcAddress
lstrlenA
lstrcpyA
FreeLibrary
lstrlenW
FindClose
EnterCriticalSection
HeapFree
LocalAlloc
LocalFree
CreateThread
MulDiv
GetModuleHandleW
GetCommandLineW
GetStartupInfoW
GetSystemPowerStatus
GetVersionExW
HeapAlloc
GetProcessHeap
FindNextFileW
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
MoveFileW
GetCurrentThread
GetFileSize
FindFirstFileExW
CreateFileW
GetSystemDirectoryW
LoadLibraryW
GetCurrentProcess
SetLastError
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateEventW
WaitForSingleObject
SetEvent
GetLastError
ExitProcess
GetVersion
GetCommandLineA
VirtualProtect
LeaveCriticalSection
GetTickCount

user32

CharNextW
InvalidateRect
SetTimer
RegisterClassW
LoadImageW
FillRect
SetRect
ValidateRect
SystemParametersInfoW
SetCursor
GetCursorPos
PostQuitMessage
GetParent
DialogBoxParamW
GetForegroundWindow
DispatchMessageW
TranslateMessage
GetMessageW
RegisterWindowMessageW
ReleaseDC
GetDC
LoadIconW
GetWindowRect
PostMessageW
CreateWindowExW
DefWindowProcW
LoadStringW
SendMessageW
SetWindowPos
IsWindowVisible
ShowWindow
BeginPaint
EndPaint
DestroyWindow
SetForegroundWindow
GetSystemMetrics
ScreenToClient
SetRectEmpty
GetClientRect
GetWindowLongW
AdjustWindowRect
IsWindow
IsIconic
FindWindowW

advapi32

PrivilegeCheck
RegDeleteValueA
SetServiceStatus
StartServiceCtrlDispatcherW
OpenThreadToken
OpenProcessToken
GetTokenInformation
FreeSid
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
EqualSid
AllocateAndInitializeSid
RegQueryValueExW
RegOpenKeyExW
LookupPrivilegeValueA

gdi32

GetClipBox
GetStockObject
DeleteDC
CreateCompatibleDC
GetObjectW
SelectObject
SetStretchBltMode
BitBlt
CreatePalette
DeleteObject
StretchDIBits
RealizePalette
SelectPalette

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance

msvcrt

__CxxFrameHandler
_except_handler3
_amsg_exit
_initterm
exit
_XcptFilter
_cexit
free
_vsnwprintf
rand
srand
time
memset
malloc
_adjust_fdiv

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b9f55a0ffba64c3008b8fe5e909c372

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcrt

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 34KB - Virtual size: 66KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 34KB - Virtual size: 66KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB