6218b34610f302caeea641ff0b722f1d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6218b34610f302caeea641ff0b722f1d_JaffaCakes118
Size

467KB
MD5

6218b34610f302caeea641ff0b722f1d
SHA1

6cd7e143835ff2b9db6aed585fad2c50772b3801
SHA256

1b3d9323081500a1828b3d71b33136cc1309a869c0667f627f6e1b5876669b40
SHA512

3d71d2f3ae5a49ad470e31f61314f2135dbd982f4e0c13b95e53dedaf8776aed28e686ebba0e2e949627dd399448655ba3209e3328d6e0f25eb5597f38a6d0ab
SSDEEP

12288:/suPdwBfG764RHONHiugR/C2x9/U8JcVUCrFB6r6i:/4kRHONFg5Pc8JcVzrFBNi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6218b34610f302caeea641ff0b722f1d_JaffaCakes118

Files

6218b34610f302caeea641ff0b722f1d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6d339a9d9456f5b028d66f51e62befd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GlobalUnlock
VirtualAlloc
GlobalLock
IsBadHugeReadPtr
CreateEventW
WideCharToMultiByte
HeapAlloc
SetFilePointer
QueryPerformanceCounter
GetFileSize
LocalAlloc
lstrcpynW
GetSystemInfo
CloseHandle
GetLastError
lstrcpyW
MulDiv
LeaveCriticalSection
CreateFileW
GetACP
GetOverlappedResult
GetFullPathNameW
Sleep
IsBadStringPtrW
VirtualFree
HeapFree
GlobalMemoryStatusEx
LocalFree
SetEvent
lstrcatA
EnterCriticalSection
IsBadCodePtr
ExitProcess
GlobalHandle
lstrcpyA
QueryPerformanceFrequency
LoadLibraryW
WaitForSingleObject
GetProcessHeap
lstrlenA
lstrlenW
SetThreadPriority
GetVersionExW
GetModuleHandleW
CreateThread
IsBadReadPtr
GlobalAlloc
lstrcmpiW
LocalLock
GetCurrentThreadId
GetLocalTime
lstrcatW
GetFileAttributesW
DisableThreadLibraryCalls
GetDiskFreeSpaceW
GetThreadPriority
GetProcAddress
WriteFile
LocalHandle
InitializeCriticalSection
GetCurrentThread
MultiByteToWideChar
DeleteFileW
DeleteCriticalSection
IsBadWritePtr
FreeLibrary
GlobalFree
GetModuleFileNameW
GetPrivateProfileStringW

winmm

mmioClose
mmioSeek
waveInPrepareHeader
mmioAscend
waveInAddBuffer
waveInStart
waveInOpen
CloseDriver
waveInReset
mmioWrite
mmioFlush
timeGetTime
mciSendStringW
OpenDriver
waveInUnprepareHeader
mmioDescend
waveInClose
SendDriverMessage
mmioOpenW
mmioCreateChunk
mmioRead
waveInStop
waveOutGetNumDevs

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

msvfw32

ICCompressorChoose
DrawDibClose
ICSeqCompressFrameStart
DrawDibRealize
ICSeqCompressFrame
ICCompressorFree
DrawDibOpen
DrawDibDraw
DrawDibGetPalette
ICSeqCompressFrameEnd
DrawDibBegin
ICImageDecompress

advapi32

RegOpenKeyA
RegQueryValueExW
RegQueryValueExA
RegOpenKeyW
RegCloseKey
RegCreateKeyW
RegEnumKeyW

ntdll

NtAddAtom
NtAllocateVirtualMemory
RtlUlongByteSwap

gdi32

RealizePalette
GetPaletteEntries
GetNearestPaletteIndex
PatBlt
SelectPalette
DeleteObject
GetStockObject
GetDCOrgEx
GetSystemPaletteEntries
SelectObject
SetWindowOrgEx
GetClipBox
GetDeviceCaps
CreatePalette
GetObjectW

user32

SetClipboardData
GetDC
SendMessageW
GetMessageW
SetRect
LoadCursorW
CreateWindowExW
SetTimer
TranslateMessage
wsprintfA
EndPaint
GetClipboardData
PeekMessageW
BeginPaint
GetWindowLongW
MsgWaitForMultipleObjects
DispatchMessageW
GetClientRect
EmptyClipboard
LoadStringA
DefWindowProcW
GetParent
GetAsyncKeyState
MessageBeep
UpdateWindow
KillTimer
LoadStringW
GetClassInfoW
InvalidateRect
EqualRect
SetWindowLongW
wvsprintfW
wsprintfW
OpenClipboard
RegisterClassW
MessageBoxW
ClientToScreen
CloseClipboard
SetCursor
IsWindow
ReleaseDC
PostMessageW

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 984KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6d339a9d9456f5b028d66f51e62befd

Headers

File Characteristics

Imports

kernel32

winmm

version

msvfw32

advapi32

ntdll

gdi32

user32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 268KB - Virtual size: 267KB

.rsrc Size: 169KB - Virtual size: 168KB

.data Size: 14KB - Virtual size: 984KB

.reloc Size: 512B - Virtual size: 24B

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 268KB - Virtual size: 267KB

.rsrc
Size: 169KB - Virtual size: 168KB

.data
Size: 14KB - Virtual size: 984KB

.reloc
Size: 512B - Virtual size: 24B