5abacdfdf43fa32fdee360b0a32affc3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5abacdfdf43fa32fdee360b0a32affc3_JaffaCakes118
Size

81KB
MD5

5abacdfdf43fa32fdee360b0a32affc3
SHA1

63a1565118f85d5546a1ee61f2d26eac5468e400
SHA256

1a4b9fb8b2f52f0249badb87b8db87e9c57d08cfa4386cb0719fc50552901228
SHA512

90f5783a70021c67c1af906ce5c3c3fc1dae84e68e9502daef2e1c1a0be4b4197cfd1cad8505ac2fea399c4717cc8bfcf5adbca339b32e784f3d8601293bacff
SSDEEP

1536:Mpq4CcxHwnup6W+U07GVyoc4iYwAiMqilFtFc9:zmhYW0adqYtqoFtF2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5abacdfdf43fa32fdee360b0a32affc3_JaffaCakes118

Files

5abacdfdf43fa32fdee360b0a32affc3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

115bace8f8b57a607c2b1b0e692a604a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
CloseHandle
LocalAlloc
GetModuleHandleW
GetModuleFileNameA
GetTickCount
InterlockedIncrement
InterlockedExchange
lstrlenA
lstrlenA
GetCurrentProcessId
CreateFileW
GetTickCount
CreateThread
GetModuleHandleA
ReadFile
HeapFree
lstrlenA
GetVersionExA
GetCurrentProcess
LoadLibraryA
EnterCriticalSection
InterlockedIncrement
GetProcAddress
lstrlenA
FreeLibrary
DisableThreadLibraryCalls
InitializeCriticalSection
EnterCriticalSection
InterlockedDecrement
GetVersionExA
DeleteCriticalSection
DisableThreadLibraryCalls
Sleep
UnhandledExceptionFilter
DisableThreadLibraryCalls
GetCurrentProcess
GetModuleHandleA
GetCurrentProcess
LocalFree
GetCurrentThreadId
InterlockedIncrement
GetCurrentProcess
GetTickCount
InterlockedExchange
GetCurrentProcessId
InterlockedExchange
CreateFileW
GetModuleHandleW
GetSystemTimeAsFileTime
GetCurrentProcess
GetLastError
VirtualProtect
GetModuleHandleW
SetLastError
CloseHandle
CreateThread
lstrcmpiW
MultiByteToWideChar
LoadLibraryA
GetLastError
InterlockedDecrement
GetProcessHeap
LeaveCriticalSection
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InterlockedExchange
CreateEventW
GetProcAddress
Sleep
CloseHandle
ReadFile
EnterCriticalSection
DisableThreadLibraryCalls
GetLastError
LocalAlloc
DisableThreadLibraryCalls
GetCurrentProcessId
VirtualProtect
VirtualAlloc
InterlockedDecrement
GetModuleHandleW
GetProcessHeap
CreateFileW
InterlockedIncrement
DisableThreadLibraryCalls
GetModuleHandleA
InterlockedCompareExchange
LocalAlloc
QueryPerformanceCounter
CreateFileW
GetLastError
InterlockedExchange
GetProcAddress

gdi32

CreateBitmap
GetBrushOrgEx
GetBkColor
CreateFontA
SetWindowExtEx
SetBrushOrgEx
CreateRectRgn
CombineRgn
CreateSolidBrush
CombineRgn
LineTo
CreateDIBitmap
SetWindowOrgEx
SetTextColor
CreateBitmapIndirect
MoveToEx
SetWindowOrgEx
CreateCompatibleDC
CreateFontA
CreatePen
GetPixel
CreateBitmap
GetCurrentObject
PatBlt
GetBrushOrgEx
CreatePen
CreateCompatibleDC
CreateCompatibleDC
Ellipse
CreateFontA
StretchBlt
CreateFontIndirectA
PatBlt
SetBkColor
CreateDIBSection
CreateSolidBrush
CreateSolidBrush
LineTo
RoundRect
CreateDIBSection
Ellipse
GetWindowOrgEx
CreateCompatibleDC
GetBrushOrgEx
CreateSolidBrush
LineTo
GetBkColor
CreateBitmapIndirect
BitBlt
BitBlt
SetBkMode
CreateBitmap
BitBlt
BitBlt
GetBkMode
BitBlt
SetBkColor
SetBkColor
SetBkMode
CreatePen
CreateRectRgn
CombineRgn
MoveToEx
MoveToEx
SetBkColor
StretchBlt
MoveToEx
StretchBlt
CreatePen
SetBrushOrgEx
SetPixel
BitBlt
SetBkMode
Rectangle
GetWindowExtEx
BitBlt
GetBkMode
GetBrushOrgEx
LineTo
SetBrushOrgEx
SetWindowExtEx
Polygon
Rectangle
SetBrushOrgEx
CreateBitmapIndirect
PatBlt
GetPixel
GetWindowExtEx
Rectangle
CombineRgn
SetBrushOrgEx
SelectObject

user32

GetDC
IsWindow
BeginPaint
KillTimer
IsWindow
EnableWindow
SetFocus
SetWindowPos
SetDlgItemTextW
SendMessageW
GetParent
InvalidateRect
PostQuitMessage
KillTimer
GetDC
PostMessageW
DefWindowProcW
GetFocus
PostQuitMessage
DestroyWindow
MessageBoxW
BeginPaint
LoadStringW
IsDlgButtonChecked
PostQuitMessage
ReleaseDC
EndPaint
EndPaint
BeginPaint
CreateWindowExW
BeginPaint
IsWindow
SetDlgItemTextW
DefWindowProcW
PostMessageW
DialogBoxParamW
SetWindowLongW
GetWindowRect
GetParent
MessageBoxW
GetDesktopWindow
TranslateMessage
SetWindowTextW
EndDialog
SetFocus
IsDlgButtonChecked
wsprintfA
SetWindowPos
SetCursor
LoadStringW
LoadIconW
BeginPaint
PostQuitMessage
ShowWindow
DialogBoxParamW
IsDlgButtonChecked
CreateWindowExW
LoadIconW
LoadIconW
GetFocus
DestroyWindow
LoadIconW
GetDlgItem
GetDC
TranslateMessage
DestroyWindow
DialogBoxParamW
GetFocus
GetWindowLongW
EndDialog
TranslateMessage
DialogBoxParamW
SetDlgItemTextW
LoadIconW
GetSysColor
IsWindow
SetWindowTextW
ShowWindow
GetSysColor
GetParent
GetFocus
BeginPaint
LoadCursorW
SetWindowLongW
IsDlgButtonChecked
SetForegroundWindow
IsWindow
wsprintfA
SetCursor
CreateWindowExW
DispatchMessageW
SendMessageW
SetFocus
GetSystemMetrics
GetFocus
GetClientRect
MessageBoxW
EndPaint

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

115bace8f8b57a607c2b1b0e692a604a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

Sections

.text Size: 7KB - Virtual size: 8KB

.data Size: 65KB - Virtual size: 92KB

.rdata Size: 7KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 8KB

.data
Size: 65KB - Virtual size: 92KB

.rdata
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 4KB