33f89c5ab5acaf8ecf8930ec96f11522_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

33f89c5ab5acaf8ecf8930ec96f11522_JaffaCakes118
Size

120KB
MD5

33f89c5ab5acaf8ecf8930ec96f11522
SHA1

a7bd447094ce85540e04998fd8a4722ebb019ded
SHA256

21ebbf1fdaac734fe59f4ed788dd3da26a67e8a1f98ef6e1f33cf634ab980562
SHA512

60ebad34b08b3e52e97aa5e4fed9cc35292fec7cdac5da3ec4656647c71998912c7d603ef198730132965fbb9e6d8d87cc959e8862901ac77d3fc495bf23992f
SSDEEP

3072:cAaG8I8z0lutYUAWPiLKJF15EklZlY2qv/hCrebi:x8Qk0W6LKJOke2qv8K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33f89c5ab5acaf8ecf8930ec96f11522_JaffaCakes118

Files

33f89c5ab5acaf8ecf8930ec96f11522_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b7becfab26696febbad4ce9b886bf205

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapSize
LoadLibraryA
GetCPInfo
GetOEMCP
GetACP
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
LCMapStringA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetModuleHandleA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
LockResource
TerminateProcess
VirtualProtect
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LoadResource
FindResourceW
InterlockedIncrement
ReleaseMutex
GetProcAddress
LocalFree
LocalAlloc
lstrcpynA
CompareStringA
InterlockedDecrement
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GlobalFree
GlobalReAlloc
lstrcmpA
lstrcpyA
lstrcmpiA
GetVersion
lstrlenA
GetCommandLineA
FreeEnvironmentStringsW
ExitProcess
VirtualQuery
HeapAlloc
HeapFree
RtlUnwind
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
InterlockedExchange
GetSystemInfo

user32

wsprintfW
OffsetRect
UnregisterClassA
GetWindowLongA
SetWindowLongA
WinHelpA
GetParent
EnableWindow
IsDlgButtonChecked
GetWindowRect
LoadStringA
SetDlgItemTextA
SetWindowPos
GetDesktopWindow
IsWindowVisible
IsIconic
CheckDlgButton
SetForegroundWindow
MessageBoxA
SendMessageA
SetFocus
GetDlgItem
GetDlgItemTextA
EndDialog
wsprintfA
EqualRect
IntersectRect
CopyRect

advapi32

RegQueryInfoKeyA
RegCloseKey
RegQueryValueExA
RegDeleteValueA
RegEnumValueA
LsaNtStatusToWinError
LsaClose
LsaFreeMemory
LsaStorePrivateData
LsaOpenPolicy
LsaRetrievePrivateData
RegOpenKeyExA

gdi32

SetBkMode
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetBkColor
CreateFontIndirectA
Escape
SetWindowExtEx
EnumFontsA
CreateICA
CreateMetaFileA
StretchDIBits
CreateBrushIndirect
CreatePen
GetStockObject
DeleteObject
SaveDC
RestoreDC
SelectObject
Rectangle
CreatePenIndirect
IntersectClipRect
DeleteDC
SetWindowOrgEx
ExcludeClipRect

rpcrt4

NdrClientCall2

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7becfab26696febbad4ce9b886bf205

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

rpcrt4

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 36KB - Virtual size: 70KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 36KB - Virtual size: 70KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 4KB