61119faaad545f5f8371b1ee4bfc9667_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

61119faaad545f5f8371b1ee4bfc9667_JaffaCakes118
Size

109KB
MD5

61119faaad545f5f8371b1ee4bfc9667
SHA1

244c3fa585fc4d2fea081cd12d60de75e7d9ef09
SHA256

2b2ac942e0c2d273c3673dbc8b4c00f79d9cfa380efb22d58ec9e22645a42664
SHA512

9d2b7c26c370a89863ca53e3d1cd0a9d85b22c9f25b929f18264b2c33d6954e970cfff29138edd168a15160f48279ff6ad3c4bd6c082234f0b67db730d735b73
SSDEEP

3072:aAEXSt2mcMavi4//YEVtdnvAjClgyv5CbkbV:4XSl9avkinvAW/BCbkb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61119faaad545f5f8371b1ee4bfc9667_JaffaCakes118

Files

61119faaad545f5f8371b1ee4bfc9667_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fac5da366a6aff988cbfc29f26566783

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

wvsprintfA
GetProcessWindowStation
MsgWaitForMultipleObjectsEx
ClientThreadSetup
SetScrollInfo
ReleaseDC
SetScrollInfo
IsChild
MsgWaitForMultipleObjects
GetSysColor
UnregisterClassW
GetSysColor
WaitMessage
LoadStringW
SystemParametersInfoW
SetScrollInfo
PeekMessageW
LoadStringW
wsprintfA
ClientThreadSetup
GetDCEx
FindWindowA
GetSysColorBrush
SystemParametersInfoW
CharUpperBuffW
UnregisterClassW
LoadStringW
GetAppCompatFlags2
LoadStringW
RegisterClipboardFormatA

kernel32

WriteProcessMemory
LoadLibraryA
ReadFile
LoadLibraryExW
GetStartupInfoA
VirtualProtect
WaitForSingleObjectEx
LoadLibraryExA
TerminateProcess
WaitForSingleObjectEx
DeviceIoControl
LoadLibraryExA
VirtualProtect
WriteProcessMemory
Sleep
LoadLibraryExA
GetSystemTime
DeviceIoControl
WaitForSingleObjectEx
ReadProcessMemory
SleepEx
CreateProcessW
TerminateProcess
CreateProcessW
GetStartupInfoW
CreateProcessW
GetStartupInfoA
LoadLibraryExW
CreateProcessW
WaitForSingleObjectEx
CreateProcessA
GetProcAddress
Sleep
GetLastError
LoadLibraryA
GetCommandLineA
SetHandleInformation
lstrcmpiA
TlsGetValue
FindAtomA
GetCurrentDirectoryA
GetCurrentThread
GetCurrentThreadId
Sleep
ReleaseMutex
CreateProcessA
SleepEx
GetSystemTime
GetStartupInfoA
TerminateProcess
TerminateProcess
TerminateProcess
GetSystemTime
ReadFile
GetStartupInfoA
VirtualProtectEx
VirtualProtect
ReleaseMutex
Sleep
CreateProcessW
CreateProcessA
VirtualProtect
LoadLibraryA
ReadProcessMemory
ReleaseMutex
LoadLibraryA
WriteProcessMemory
WaitForSingleObject
Sleep
CreateProcessA
GetStartupInfoW
CreateFileA
ReadFile
CreateProcessW
GetStartupInfoA
TerminateProcess
WaitForSingleObjectEx
ReadProcessMemory
Sleep
CreateProcessA
GetStartupInfoA
TerminateProcess
GetSystemTime
LoadLibraryExA
CreateProcessA
LoadLibraryExA
WaitForSingleObjectEx
WaitForSingleObjectEx
VirtualProtectEx
ReadProcessMemory
GetSystemTime
VirtualProtect
CreateProcessW
CreateFileA
Sleep
DeviceIoControl
GetStartupInfoW
WaitForSingleObject
Sleep
GetStartupInfoW
VirtualProtectEx
CreateFileA
GetSystemTimeAsFileTime
CreateProcessW
WriteProcessMemory
LoadLibraryExA
WaitForSingleObjectEx
WriteProcessMemory
CreateFileA
CreateProcessW
WriteProcessMemory
LoadLibraryExW
Sleep
ReadFile
WaitForSingleObjectEx
GetSystemTime
LoadLibraryA
CreateProcessW
LoadLibraryA
DeviceIoControl
SleepEx
GetStartupInfoA
DeviceIoControl
GetStartupInfoA
WaitForSingleObject
GetSystemTimeAsFileTime
CreateProcessW
GetStartupInfoW
GetSystemTimeAsFileTime
ReadProcessMemory
ReleaseMutex
GetSystemTime
ReadFile
TerminateProcess
LoadLibraryA
CreateProcessA
ReadProcessMemory
GetSystemTime
CreateProcessW
VirtualProtect
SleepEx
TerminateProcess
VirtualProtect
CreateProcessA
LoadLibraryA
ReleaseMutex
ReadFile
LoadLibraryA
TerminateProcess
LoadLibraryExA
LoadLibraryA
VirtualProtect
SleepEx
TerminateProcess
GetSystemTime
LoadLibraryExA
LoadLibraryExW
GetSystemTime
VirtualProtectEx
WaitForSingleObjectEx
CreateProcessA
LoadLibraryA
VirtualProtectEx
VirtualProtectEx
TerminateProcess
LoadLibraryExW
DeviceIoControl
WaitForSingleObject
SleepEx
CreateProcessW
LoadLibraryA
ReadProcessMemory
WaitForSingleObject
GetSystemTimeAsFileTime

advapi32

GetSecurityDescriptorDacl
RegQueryValueExW
RegOpenKeyExW
AccessCheck
RegCloseKey
OpenThreadToken
GetSecurityDescriptorDacl
RegCloseKey
ImpersonateNamedPipeClient
GetTokenInformation
OpenThreadToken
RegCloseKey
ImpersonateNamedPipeClient
MakeSelfRelativeSD
ImpersonateNamedPipeClient
MakeSelfRelativeSD
GetSecurityDescriptorDacl
OpenThreadToken
OpenThreadToken
GetSecurityDescriptorDacl

gdi32

GetCurrentObject
DeleteDC
GetLayout
GetViewportOrgEx
DeleteDC
GetLayout
SetBkMode
GdiConsoleTextOut
SetTextColor
PolyPatBlt
SetBkMode
OffsetWindowOrgEx
ExtSelectClipRgn
TextOutW
GetDeviceCaps
GdiReleaseDC
GetHFONT
ExtTextOutW
IntersectClipRect
BitBlt

comdlg32

GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleA

Sections

.text
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 71KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fac5da366a6aff988cbfc29f26566783

Headers

File Characteristics

Imports

user32

kernel32

advapi32

gdi32

comdlg32

Sections

.text Size: 17KB - Virtual size: 20KB

.rdata Size: 71KB - Virtual size: 148KB

.data Size: 3KB - Virtual size: 4KB

.idata Size: 11KB - Virtual size: 12KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 17KB - Virtual size: 20KB

.rdata
Size: 71KB - Virtual size: 148KB

.data
Size: 3KB - Virtual size: 4KB

.idata
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 5KB - Virtual size: 8KB