13f2ae8d7d1e4df0340ea49bb646dcb8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

13f2ae8d7d1e4df0340ea49bb646dcb8_JaffaCakes118
Size

143KB
MD5

13f2ae8d7d1e4df0340ea49bb646dcb8
SHA1

93331100e4fb198b04dfec00771658ec7a41c137
SHA256

66fc0724aad847f40fe9f791b5c58a58f4be1b9286382167af71253b9e1ef12c
SHA512

aa3c2bc674cf73fb0eb279626f55af2ecce8c20a7c571538a0f409d00709a3424efe5f7d22210e1ac19fcd1624ca9fafbfc4d4cd7acc8a7e16ad2dc7325d00e6
SSDEEP

3072:LI4CNG/jAO+LqDB7afGesAIGk4rEmSkOMsMpLPtyEh77ADZVM5M:U5UjCGa+74qpkOFWPty+7AtVCM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13f2ae8d7d1e4df0340ea49bb646dcb8_JaffaCakes118

Files

13f2ae8d7d1e4df0340ea49bb646dcb8_JaffaCakes118
.exe windows:8 windows x86 arch:x86

6f19f35d8e521a4d54d8b295d4514ae7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
GetProcessHeap
WaitForSingleObject
SetEvent
GetCurrentProcessId
MultiByteToWideChar
GetModuleFileNameA
GetCurrentThreadId
GetCurrentProcessId
GetCommandLineA
GetCurrentProcessId
GetModuleHandleA
LocalAlloc
LocalAlloc
GetCommandLineA
GetTickCount
GetACP
GetACP
GetTickCount
VirtualFree
LocalFree
MultiByteToWideChar
LocalFree
LocalAlloc
GetProcessHeap
WaitForSingleObject
QueryPerformanceCounter
GetTickCount
GetModuleFileNameA
GetCurrentProcess
GetModuleHandleW
GetProcessHeap
LocalFree
LocalAlloc
GetCommandLineW
SetUnhandledExceptionFilter
GetCurrentThreadId
VirtualFree
FormatMessageW
SetEvent
QueryPerformanceCounter
GetModuleFileNameA
WaitForSingleObject
QueryPerformanceCounter
GetCommandLineA
SetUnhandledExceptionFilter
VirtualFree
LocalFree
GetCommandLineW
GetACP
SetUnhandledExceptionFilter
LocalAlloc
LocalFree
GetModuleHandleA
GetProcessHeap
SetEvent
GetCurrentProcessId
LocalAlloc
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleA
GetCommandLineW
QueryPerformanceCounter
VirtualFree
LocalAlloc
MultiByteToWideChar
GetModuleHandleW
WaitForSingleObject
GetCommandLineW
GetProcessHeap
GetCommandLineW
GetACP
GetCurrentProcess
GetModuleHandleA
QueryPerformanceCounter
VirtualFree
LocalAlloc
FormatMessageW
GetCommandLineA
GetModuleFileNameA
LocalFree
GetCommandLineW
SleepEx
GetCurrentProcess
GetProcessHeap
VirtualFree
GetProcessHeap
GetModuleFileNameA
GetTickCount
GetCurrentThreadId
GetCurrentThreadId
GetCommandLineA
GetCommandLineA
GetACP
GetProcessHeap
GetCurrentThreadId
LocalAlloc
WaitForSingleObject
GetModuleHandleA
GetTickCount

gdi32

SelectObject
CreateCompatibleDC
BitBlt
GetDeviceCaps
DeleteDC
GetDeviceCaps
MoveToEx
GetStockObject
PatBlt
CreateCompatibleDC
LineTo
CreateCompatibleDC
GetObjectW
LineTo
SetTextColor
LineTo
GetStockObject
PatBlt
GetObjectW
GetDeviceCaps
CreateCompatibleBitmap
MoveToEx
GetObjectW
DeleteDC
DeleteDC
MoveToEx
DeleteDC
DeleteObject
GetObjectW
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
BitBlt
DeleteDC
GetObjectW
LineTo
CreateCompatibleDC
SetTextColor
LineTo
LineTo
CreateCompatibleBitmap
MoveToEx
LineTo
CreateCompatibleBitmap
PatBlt
GetDeviceCaps
DeleteObject
GetStockObject
BitBlt
DeleteDC
GetTextMetricsW
DeleteObject
DeleteObject
MoveToEx
DeleteObject
CreateCompatibleBitmap
SetTextColor
LineTo
DeleteObject
GetDeviceCaps
BitBlt
GetStockObject
SetTextColor
CreateCompatibleDC
BitBlt
DeleteDC
GetObjectW
LineTo
DeleteDC
GetDeviceCaps
GetTextMetricsW
CreateCompatibleBitmap
GetStockObject
CreateCompatibleDC
GetStockObject
DeleteDC
GetObjectW
CreateCompatibleDC
DeleteObject
DeleteDC
CreateCompatibleDC
MoveToEx
GetStockObject
PatBlt
CreateCompatibleBitmap
SetTextColor
CreateCompatibleDC
MoveToEx
SetTextColor
GetTextMetricsW
CreateCompatibleBitmap
MoveToEx
GetDeviceCaps
GetObjectW
MoveToEx
CreateCompatibleBitmap
SetTextColor

ntdll

NtAllocateVirtualMemory

user32

PostMessageW
DefWindowProcW
DestroyWindow
SendMessageW
DefWindowProcW
SendMessageW
LoadIconW
ReleaseDC
CreateWindowExW
SendMessageW
SendMessageW
GetDC
GetMessageW
SendMessageW
CreateWindowExW
SendMessageW
LoadIconW
GetSystemMetrics
CreateWindowExW
GetMessageW
SetTimer
CreateWindowExW
ReleaseDC
SetTimer
GetDC
GetDlgItem
PostMessageW
SetTimer
GetWindowRect
DestroyWindow
ReleaseDC
ReleaseDC
GetSystemMetrics
CreateWindowExW
PostMessageW
PostMessageW
GetSystemMetrics
ReleaseDC
LoadIconW
SetTimer
GetDC
GetDlgItem
GetDC
DestroyWindow
PostMessageW
LoadIconW
GetDlgItem
GetDC
GetDlgItem
GetDC
ShowWindow
CreateWindowExW
GetDlgItem
ReleaseDC
DefWindowProcW
LoadIconW
GetMessageW
GetWindowRect
PostMessageW
ShowWindow
GetDlgItem
DefWindowProcW
LoadIconW
SendMessageW
SendMessageW
DefWindowProcW
ShowWindow
ShowWindow
DestroyWindow
PostMessageW
GetDC
GetMessageW
PostMessageW
ShowWindow
ReleaseDC
GetMessageW
ShowWindow
SetTimer
SendMessageW
SetTimer
GetDlgItem
GetSystemMetrics
CreateWindowExW
ReleaseDC
DestroyWindow
SendMessageW
GetDC
GetDC
GetWindowRect
GetDlgItem
SendMessageW
GetWindowRect
GetSystemMetrics
DefWindowProcW
GetWindowRect
SetTimer
SendMessageW
DefWindowProcW
GetDC
GetDlgItem
GetDC
ReleaseDC
CreateWindowExW
GetSystemMetrics
DestroyWindow

Sections

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f19f35d8e521a4d54d8b295d4514ae7

Headers

File Characteristics

Imports

kernel32

gdi32

ntdll

user32

Sections

.data Size: 24KB - Virtual size: 24KB

.data Size: 7KB - Virtual size: 8KB

.data Size: 108KB - Virtual size: 108KB

.rsrc Size: 2KB - Virtual size: 124KB

.data
Size: 24KB - Virtual size: 24KB

.data
Size: 7KB - Virtual size: 8KB

.data
Size: 108KB - Virtual size: 108KB

.rsrc
Size: 2KB - Virtual size: 124KB