610030f8ed8c026d0e1d4564956da2e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

610030f8ed8c026d0e1d4564956da2e6_JaffaCakes118
Size

82KB
MD5

610030f8ed8c026d0e1d4564956da2e6
SHA1

95a8ee8f0f0ae0bfed3f3afb76005cc62b728e9d
SHA256

2e9e4aca4b83ba763b340f6888c588d43bda1f3dc11dafdc729ad2bcf4e9f1c4
SHA512

b0e2220b152cdb33af8ce8641f068155b207ecd99c4e2ca71adc2f26139c51e19241eca6cc45d6d861a1c223559b7d527be9b7abe36a2917e16f9bcac4fc1331
SSDEEP

1536:s6hVs6dXBzYZ1lSqZQ7glVeZ4KNOYwxxJ8n3gPguas9V5OZa77ent/E:s6hC6V10JUAVOzNuxJ8n3Mas9+ZaPeFE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
610030f8ed8c026d0e1d4564956da2e6_JaffaCakes118

Files

610030f8ed8c026d0e1d4564956da2e6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0478bbe44237800d1594ec5d752041e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

user32

IsDialogMessageA
DestroyWindow
SendMessageA
IsDlgButtonChecked
MsgWaitForMultipleObjects
ReleaseDC
GetWindowLongA
EndDialog
SendDlgItemMessageA
DialogBoxParamA
TranslateMessage
GetWindowTextA
IsWindow
InvalidateRect
SetWindowLongA
DestroyIcon
PeekMessageA
CharUpperA
GetDlgItem
SetWindowPos
EnableWindow
MessageBoxA
LoadImageA
CreateDialogParamA
CharPrevA
GetDC
wsprintfA
CheckDlgButton
DispatchMessageA
GetClientRect
GetSysColor
LoadBitmapA
GetWindowRect
SetDlgItemTextA
SetWindowTextA
LoadStringA
DrawTextA
ShowWindow

kernel32

lstrcatA
VirtualAlloc
CloseHandle
LocalAlloc
CreateThread
GetSystemDirectoryA
SetEvent
HeapFree
lstrcpyA
GetModuleHandleA
GetTickCount
LocalFree
LoadLibraryA
GetWindowsDirectoryA
GetProcessHeap
GetProcAddress
GetDiskFreeSpaceA
HeapAlloc
InterlockedIncrement
lstrcmpiA
lstrcmpA
DeleteCriticalSection
lstrcpynA
InterlockedDecrement
lstrlenA
HeapSize
GetModuleFileNameA
CreateFileA
InitializeCriticalSection
DisableThreadLibraryCalls
CreateEventA
FreeLibrary

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

advpack

RegInstall

ntdll

NtAddAtom

gdi32

BitBlt
SetBkColor
SetTextColor
ModifyWorldTransform
CreateCompatibleDC
ExtTextOutA
DPtoLP
CreateFontIndirectA
GetTextMetricsA
GetObjectA
SelectObject
DeleteDC
SetWindowOrgEx
RestoreDC
CreateSolidBrush
DeleteObject
SetGraphicsMode
GetDeviceCaps
SaveDC
SetViewportOrgEx

advapi32

RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExA
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegSetValueExA

atl

AtlMarshalPtrInProc

Sections

.textbss
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0478bbe44237800d1594ec5d752041e2

Headers

DLL Characteristics

File Characteristics

Imports

ole32

user32

kernel32

version

advpack

ntdll

gdi32

advapi32

atl

Sections

.textbss Size: - Virtual size: 1.2MB

.text Size: 512B - Virtual size: 428B

.idata Size: 79KB - Virtual size: 79KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 1024B - Virtual size: 816B

.textbss
Size: - Virtual size: 1.2MB

.text
Size: 512B - Virtual size: 428B

.idata
Size: 79KB - Virtual size: 79KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 1024B - Virtual size: 816B