34984a26bbe40aabe2981c85930015a2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

34984a26bbe40aabe2981c85930015a2_JaffaCakes118
Size

464KB
MD5

34984a26bbe40aabe2981c85930015a2
SHA1

080e85d410f55bf3b14c96c21a0c3a6b1786d858
SHA256

307fd89dda3c68c5e26b71f3e85aecba81289706b7f376c171464a9cead41c36
SHA512

2ebdf429bc379c9ae2f4eb892c7ee7df4bc314cfb10b67be33934183f1becc48e9048f32db11cde1f43348d6fd57ce45ce0fec7a9554bddb037dbc601a9c1014
SSDEEP

12288:b4Y+dBoMaimD6lG+NmMbMDNJ7XQmqPgPZpCidyv:frYmD6XNvMDNNUgRQMyv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34984a26bbe40aabe2981c85930015a2_JaffaCakes118

Files

34984a26bbe40aabe2981c85930015a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7d204034a1f494982654b0b90667fff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetModuleFileNameW
SetStdHandle
GetModuleHandleW
FreeLibrary
FindResourceW
HeapDestroy
GetTimeFormatW
GetSystemInfo
GetUserDefaultLCID
FindResourceExA
VirtualAlloc
GetUserDefaultLangID
CreateFileW
LCMapStringA
CompareStringA
GlobalFree
MapViewOfFile
FreeEnvironmentStringsA
IsBadWritePtr
CreateThread
SetLastError
GetEnvironmentStrings
CreateEventW
LocalSize
GetLocaleInfoA
UnhandledExceptionFilter
lstrlenA
SetHandleCount
lstrlenW
lstrcmpiW
SetUnhandledExceptionFilter
LocalFree
MultiByteToWideChar
SetEvent
VirtualQuery
IsBadReadPtr
lstrcmpW
GetLocalTime
GetProcAddress
LCMapStringW
QueryPerformanceCounter
TlsAlloc
GlobalUnlock
GlobalHandle
EnterCriticalSection
GetVersionExA
GetProcessHeap
FreeResource
WideCharToMultiByte
CreateFileMappingW
GetStringTypeExW
LeaveCriticalSection
LoadLibraryA
GetCurrentProcess
FindResourceExW
GetModuleFileNameA
GetThreadLocale
LocalReAlloc
WriteFile
DeleteCriticalSection
GetTickCount
WaitForSingleObject
CloseHandle
GetDateFormatW
TerminateProcess
LoadResource
GetStringTypeW
EnumCalendarInfoW
GetEnvironmentStringsW
SetFilePointer
GetACP
GetCommandLineA
InterlockedCompareExchange
TlsFree
SizeofResource
GetSystemTimeAsFileTime
HeapAlloc
GetCurrentThreadId
GetStringTypeA
GlobalAddAtomW
GetStdHandle
MulDiv
GlobalAlloc
GetNumberFormatW
InterlockedIncrement
FreeEnvironmentStringsW
Sleep
GetSystemDefaultLCID
GetFileType
UnmapViewOfFile
CompareStringW
HeapCreate
lstrcpynW
FlushFileBuffers
EnumResourceLanguagesW
GetLocaleInfoW
TlsGetValue
GlobalReAlloc
lstrcmpA
VirtualFree
GetOEMCP
LocalAlloc
InterlockedDecrement
GetModuleHandleA
GetFileSize
DisableThreadLibraryCalls
GetLastError
TlsSetValue
LoadLibraryW
HeapFree
InitializeCriticalSection
GetCPInfo
InterlockedExchange
LockResource
GetWindowsDirectoryW
HeapReAlloc
VirtualProtect
GetCurrentProcessId
ExitProcess
lstrcmpiA

ddraw

DirectDrawCreate

atl

AtlModuleRegisterClassObjects

gdi32

RectVisible
CreateRectRgn
CreateRectRgnIndirect
MoveToEx
SetPixel
StretchDIBits
Polyline
GetPaletteEntries
DeleteDC
Rectangle
RestoreDC
GetWindowExtEx
FillRgn
CreateFontIndirectW
CreateFontW
CreateRoundRectRgn
BitBlt
GetNearestColor
CreatePalette
SetBrushOrgEx
UnrealizeObject
GetCurrentObject
SetBkColor
EnumFontFamiliesExW
CreateCompatibleDC
Arc
CreateDIBSection
IntersectClipRect
SelectObject
SetDIBColorTable
SaveDC
GetTextExtentPoint32W
GetCharWidthA
GetDCOrgEx
GetTextAlign
OffsetWindowOrgEx
RealizePalette
SelectPalette
SetTextColor
SetTextAlign
CreateCompatibleBitmap
CombineRgn
GetDeviceCaps
LineTo
GetCharWidthW
GetTextCharsetInfo
ExtTextOutA
StretchBlt
CreatePen
MaskBlt
GetBitmapBits
PatBlt
CreateBitmap
SetDIBits
GetViewportExtEx
CreateHalftonePalette
FrameRgn
ExtTextOutW
SetWindowOrgEx
GetTextExtentPointA
CreateSolidBrush
SelectClipRgn
GetObjectW
GetTextMetricsW
CreateBitmapIndirect
GetDIBits
TextOutW
GetBkColor
GetClipBox
OffsetRgn
ExtSelectClipRgn
ExcludeClipRect
GetPixel
GetStockObject
CreatePatternBrush
GetClipRgn
GetDIBColorTable
Ellipse
DeleteObject
SetPixelV
GetTextExtentPointW
SetBkMode
CreatePolygonRgn
TranslateCharsetInfo
GetTextColor

ntdll

RtlAddAuditAccessAceEx

advapi32

AllocateAndInitializeSid
RegSetValueExW
RegOpenKeyExA
RegCreateKeyW
RegOpenKeyExW
RegOpenCurrentUser
RegCloseKey
RegQueryValueW
OpenProcessToken
CheckTokenMembership
RegQueryValueExW
FreeSid
RegQueryValueExA
RegCreateKeyExW

Sections

.text
Size: 4KB - Virtual size: 924B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 372KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7d204034a1f494982654b0b90667fff

Headers

File Characteristics

Imports

kernel32

ddraw

atl

gdi32

ntdll

advapi32

Sections

.text Size: 4KB - Virtual size: 924B

.rdata Size: 372KB - Virtual size: 371KB

.data Size: 12KB - Virtual size: 2.4MB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 64KB - Virtual size: 63KB

.text
Size: 4KB - Virtual size: 924B

.rdata
Size: 372KB - Virtual size: 371KB

.data
Size: 12KB - Virtual size: 2.4MB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 64KB - Virtual size: 63KB