14bdea020836e99a7c2564e0cf15f600_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14bdea020836e99a7c2564e0cf15f600_JaffaCakes118
Size

296KB
MD5

14bdea020836e99a7c2564e0cf15f600
SHA1

8d5ba63ca45bbd19f29c700ddb637d597c464643
SHA256

2172654f945e559fb82f597537649ba33a81a41a81aceff4e7e86663c4385306
SHA512

28305c1dbcd2c4374e09b04411f179622211930b5542302dd2cdffce7483c4b8680a211c2930e154e15ac8a61776b6df92e8b51e0199e143eb4087024434ca6b
SSDEEP

6144:7sGoDjwV3Ic13LmszR0Qmhlm+YFXTH4XwyUriq:4GoDMV3f78lA5TvHri

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14bdea020836e99a7c2564e0cf15f600_JaffaCakes118

Files

14bdea020836e99a7c2564e0cf15f600_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f098eb1998ccecbff2e4c93ab444f5bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
VirtualFree
GetLocalTime
MoveFileW
QueryDosDeviceW
TerminateThread
GetModuleFileNameW
FindClose
GlobalUnlock
CreateProcessW
GlobalAlloc
MultiByteToWideChar
MulDiv
FindNextFileW
ResumeThread
CreateWaitableTimerW
DeleteFileW
GetFileAttributesExW
GetCurrentProcess
WriteFile
CancelWaitableTimer
Sleep
VirtualAlloc
InterlockedDecrement
GetFileSize
WaitForMultipleObjects
GetPrivateProfileStringW
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualProtect
GlobalFree
SuspendThread
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GlobalDeleteAtom
SetWaitableTimer
FreeResource
GlobalAddAtomW
LoadLibraryW
FindFirstFileW
WideCharToMultiByte
DuplicateHandle
FindFirstChangeNotificationW
FindResourceExW
GetCurrentThreadId
ResetEvent
CreateEventW
CloseHandle

user32

LoadCursorW
FillRect
ReleaseCapture
LoadIconW
InvalidateRect
MessageBoxW
TrackPopupMenu
EnableWindow
LoadStringW
UpdateWindow
DrawTextW
CreateWindowExW
SendMessageW
RedrawWindow
IsDlgButtonChecked
GetDlgItem
SetCapture
GetParent
GetKeyState
CreatePopupMenu
wsprintfW
RegisterClassExW
SetForegroundWindow
DispatchMessageW
PostMessageW
SystemParametersInfoW
OffsetRect
TranslateMessage
SetCursor
RegisterHotKey
GetWindowRect
SendDlgItemMessageW
SetCursorPos
GetWindowTextW

gdi32

CreateDCW
CreateCompatibleDC
MoveToEx
CreatePen
CreateCompatibleBitmap
GetDeviceCaps
CreateFontIndirectW
DPtoLP
SetMapMode
SetDIBits
LineTo

advapi32

InitializeSecurityDescriptor
LookupPrivilegeValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
LookupAccountSidW

shell32

SHChangeNotify

ole32

CreateStreamOnHGlobal
CoUninitialize

oleaut32

OleLoadPicture

Sections

.text
Size: 268KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f098eb1998ccecbff2e4c93ab444f5bf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 268KB - Virtual size: 265KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 18KB

.text
Size: 268KB - Virtual size: 265KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 18KB