0d445e203d8dfc1697a99f5c2a46ad7e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d445e203d8dfc1697a99f5c2a46ad7e_JaffaCakes118
Size

25KB
MD5

0d445e203d8dfc1697a99f5c2a46ad7e
SHA1

7ee3f19eead2950be3c774a3c7c0ecc1913835a9
SHA256

33e1e6244cddf88fefe8e046a14036c37c2f5dee7bbf3ede059e117dde1db77f
SHA512

aff1c4260262ed5689ee0564d0ffabd30462f0c616d1453ad5825f7157024457942e7ac4bf2a1fb20e955d1a83e66e63899cdeb0c979d79494a2aab17d715028
SSDEEP

768:NMlD5zQnyk9P5pY44H4OqjL7k3eVZ5ELcJGarbApRtOKLI74vzDHW:NMlD5zQnyuP5pY44H4OsL7k3eyLyGard

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d445e203d8dfc1697a99f5c2a46ad7e_JaffaCakes118

Files

0d445e203d8dfc1697a99f5c2a46ad7e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

866763e6f27f1354f52c0b79c65e64b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetClipBox
GetStockObject
DeleteObject
GetPaletteEntries
SelectPalette
GetObjectW
RealizePalette
GetSystemPaletteEntries
GetDeviceCaps
PatBlt
CreatePalette
SetWindowOrgEx
SelectObject
GetDCOrgEx
GetNearestPaletteIndex

kernel32

DeleteCriticalSection
CreateEventW
WideCharToMultiByte
SetFilePointer
SetThreadPriority
SetEvent
IsBadStringPtrW
FreeLibrary
DeleteFileW
GlobalMemoryStatusEx
DisableThreadLibraryCalls
QueryPerformanceFrequency
GlobalReAlloc
HeapAlloc
EnterCriticalSection
GetDiskFreeSpaceW
LocalUnlock
GetLastError
lstrcatW
GetFullPathNameW
WaitForSingleObject
GlobalUnlock
HeapFree
LocalLock
GetPrivateProfileStringW
CreateThread
GetModuleHandleW
ExitProcess
lstrcpynW
GetACP
IsBadCodePtr
CreateFileW
GetCurrentThreadId
GetCurrentThread
GetSystemInfo
IsBadHugeReadPtr
lstrcmpiW
CloseHandle
MulDiv
LocalFree
GetThreadPriority
GetVersionExW
MultiByteToWideChar
GetProcAddress
GetFileAttributesW
LocalAlloc
GetProcessHeap
lstrlenA
lstrcatA
VirtualFree
IsBadWritePtr
Sleep
QueryPerformanceCounter
LeaveCriticalSection
WriteFile
lstrcpyW
GetFileSize
lstrcpyA
GlobalLock
IsBadReadPtr
GetModuleFileNameW
LocalHandle
GlobalAlloc
GetLocalTime
lstrlenW
LoadLibraryW
VirtualAlloc
GlobalFree
GetOverlappedResult
GlobalHandle

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyA
RegCreateKeyW
RegQueryValueExA
RegOpenKeyW
RegEnumKeyW

ntdll

NtAllocateVirtualMemory
NtAddAtom
RtlUlongByteSwap

user32

LoadStringW
GetClipboardData
EmptyClipboard
SetTimer
MessageBoxW
MessageBeep
wsprintfW
MsgWaitForMultipleObjects
DefWindowProcW
SetRect
PostMessageW
SetCursor
TranslateMessage
CloseClipboard
UpdateWindow
OpenClipboard
LoadCursorW
KillTimer
IsWindow
InvalidateRect
SendMessageW
PeekMessageW
GetMessageW
GetClientRect
GetDC
wsprintfA
ClientToScreen
SetClipboardData
GetWindowLongW
EqualRect
DispatchMessageW
ReleaseDC
GetClassInfoW
LoadStringA
CreateWindowExW
GetAsyncKeyState
GetParent
BeginPaint
RegisterClassW
wvsprintfW
SetWindowLongW
EndPaint

msvfw32

ICCompressorChoose
ICCompressorFree
ICSeqCompressFrameStart
DrawDibRealize
ICSeqCompressFrame
ICImageDecompress
DrawDibGetPalette
DrawDibDraw
DrawDibBegin
ICSeqCompressFrameEnd
DrawDibOpen
DrawDibClose

winmm

CloseDriver
waveInStart
waveInStop
mmioAscend
mmioOpenW
waveInAddBuffer
OpenDriver
waveInOpen
timeGetTime
waveInUnprepareHeader
mmioWrite
mmioDescend
waveInPrepareHeader
waveInReset
mmioClose
mmioSeek
mciSendStringW
waveInClose
SendDriverMessage
waveOutGetNumDevs
mmioCreateChunk
mmioRead
mmioFlush

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

866763e6f27f1354f52c0b79c65e64b9

Headers

File Characteristics

Imports

gdi32

kernel32

advapi32

ntdll

user32

msvfw32

winmm

version

Sections

.text Size: 20KB - Virtual size: 20KB

.rsrc Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 72KB

.rdata Size: 512B - Virtual size: 162B

.reloc Size: 512B - Virtual size: 24B

.text
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 72KB

.rdata
Size: 512B - Virtual size: 162B

.reloc
Size: 512B - Virtual size: 24B