33bc948392698b43c1cc5a83d7386bcf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

33bc948392698b43c1cc5a83d7386bcf_JaffaCakes118
Size

368KB
MD5

33bc948392698b43c1cc5a83d7386bcf
SHA1

ddab0311265a2f52e014749c88b4d7933ec504de
SHA256

c591db3d4e08fac867a0570180f65fe731a4d8654ff637058b584999e93960ed
SHA512

5d599bd81f2d8007fb9c41961150ca3e1fa42c99e12e1f5efad85f23bd5d596a2c53d43da873e39b80aeeaf1295c7179fe72ad75c45feebaa88607ffc6a74ae4
SSDEEP

6144:Kel5naLGiVhaTv67BVO3bP0H2OURgcoeIqbOaToh5lFZTxgZfS3NsB:KQ5ziHaTv6FVicdhFefAlrTOZaA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33bc948392698b43c1cc5a83d7386bcf_JaffaCakes118

Files

33bc948392698b43c1cc5a83d7386bcf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90dc9ff2c6f1f5c1cc5fa472be583bcc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
GetConsoleMode
GetExitCodeThread
GetCurrentThreadId
TlsAlloc
lstrcpynA
GetModuleFileNameW
UnmapViewOfFile
GetThreadLocale
GetSystemTimeAsFileTime
FindNextFileW
IsDebuggerPresent
GetProcessHeap
lstrcpyA
VirtualProtect
GetDriveTypeA
LoadResource
WaitForSingleObject
ResumeThread
GetTickCount
HeapFree
FindResourceA
LCMapStringA
Sleep
OutputDebugStringW
CreateFileA
SystemTimeToFileTime
lstrcpynW
SizeofResource
SetLastError
MultiByteToWideChar
GetCurrentProcess
GetModuleHandleA
GetFileAttributesW
IsBadWritePtr
GetStartupInfoA
OpenMutexA
HeapDestroy
GlobalAlloc
GetVersion
CreateDirectoryW
lstrcatA
GetVersionExW
GetDriveTypeW
ExitProcess
OpenMutexW
TlsFree
HeapSize
CreateThread
WriteProfileStringW
ResetEvent
LoadLibraryExA
lstrcmpW
GetComputerNameW
OpenEventA
GetModuleHandleW
VirtualAlloc
lstrcatW
GetUserDefaultLCID
SetFileAttributesW

advapi32

RegSetValueA
GetSecurityDescriptorOwner
GetTraceLoggerHandle
CryptAcquireContextW
ConvertSidToStringSidW
RegFlushKey
AddAccessAllowedAce
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
UnregisterTraceGuids
DeregisterEventSource
GetSidIdentifierAuthority
RegSetValueW
RegEnumKeyExW
LookupPrivilegeValueW
RegCreateKeyW
RegCreateKeyExA
RegQueryInfoKeyA
RegOpenKeyExW
QueryServiceStatus
InitializeAcl
SetServiceStatus
UnlockServiceDatabase
RegOpenKeyA
CryptDestroyKey
ConvertStringSidToSidW
OpenServiceA
RegSetValueExA

user32

IsWindowEnabled
LoadCursorA
DrawTextA
CharNextA
GetSysColorBrush
DrawFocusRect
IntersectRect
MessageBeep
DrawTextW
ReleaseCapture
CallWindowProcW
SystemParametersInfoW
KillTimer
SetWindowPos
FindWindowA
CharUpperA
CheckMenuItem
CharUpperW
CharLowerW
RegisterClassExW
GetWindowTextW
GetMessageA
CheckDlgButton
BeginPaint
GetWindow
LoadIconW
SetDlgItemTextA
GetClassNameW
wsprintfW
GetMessageW
GetAsyncKeyState
TrackPopupMenu
RegisterClassExA
MapWindowPoints
GetWindowLongW
GetDlgItem
SetCapture
MessageBoxA
GetSystemMetrics
ReleaseDC
LoadBitmapA
CreateWindowExA
IsChild
EqualRect
GetClientRect
IsRectEmpty
GetForegroundWindow
CallNextHookEx
ClientToScreen
GetProcessWindowStation

Sections

.text
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbss
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbss
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbss
Size: 7KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 5KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90dc9ff2c6f1f5c1cc5fa472be583bcc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 289KB - Virtual size: 289KB

.bss Size: 6KB - Virtual size: 6KB

.tls Size: 5KB - Virtual size: 4KB

.textbss Size: 6KB - Virtual size: 5KB

.textbss Size: 6KB - Virtual size: 5KB

.textbss Size: 7KB - Virtual size: 287KB

BSS Size: 5KB - Virtual size: 5KB

DATA Size: 7KB - Virtual size: 7KB

.tls Size: 6KB - Virtual size: 5KB

.bss Size: 5KB - Virtual size: 244KB

.tls Size: 6KB - Virtual size: 6KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 289KB - Virtual size: 289KB

.bss
Size: 6KB - Virtual size: 6KB

.tls
Size: 5KB - Virtual size: 4KB

.textbss
Size: 6KB - Virtual size: 5KB

.textbss
Size: 6KB - Virtual size: 5KB

.textbss
Size: 7KB - Virtual size: 287KB

BSS
Size: 5KB - Virtual size: 5KB

DATA
Size: 7KB - Virtual size: 7KB

.tls
Size: 6KB - Virtual size: 5KB

.bss
Size: 5KB - Virtual size: 244KB

.tls
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 17KB - Virtual size: 16KB