623435f5977040354f4b4e27f9988343_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

623435f5977040354f4b4e27f9988343_JaffaCakes118
Size

24KB
MD5

623435f5977040354f4b4e27f9988343
SHA1

9dfa2e6b982636bfe5867a08b29175281ee0c31f
SHA256

548272caee268dccf62166b1495ab5250032589e74f616657539f47e9585fd00
SHA512

b38d928e9328cac7b8749216924a457557c58e8eb78ae0541afdc0cc27fa88aa1c16fcf787ad3febde5b1edaa86f0beda57b944eff6c1c8683b4fb7e6c9ab902
SSDEEP

384:fkDo1MoHCEJP6mnuPHswcNTDQmA6Xn4Rqj+UGs1wNyclsQ1wc8nxh:Z2cCEIVHBcNTDQztqj+U2xSc8nxh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
623435f5977040354f4b4e27f9988343_JaffaCakes118

Files

623435f5977040354f4b4e27f9988343_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e1388f5ee2c2170d512b114c86870acd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
malloc
_initterm
free
_ftol
memmove

kernel32

SetUnhandledExceptionFilter
InterlockedExchange
RaiseException
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetUserDefaultLCID
GetProfileIntA
LeaveCriticalSection
GetSystemDefaultLCID
MultiByteToWideChar
WideCharToMultiByte
LocalLock
Sleep
GetTickCount
IsBadReadPtr
FreeLibrary
GetProcAddress
GetLocaleInfoW
LocalFree
lstrcmpiA
lstrlenA
FormatMessageA
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
GetSystemDefaultLangID
FindAtomA
GetCurrentThreadId
IsBadWritePtr
GetLastError
ReadFile
WriteFile
CloseHandle
SetFilePointer
IsValidCodePage
GetThreadLocale
GlobalAlloc
GlobalFree
GlobalFlags
GlobalReAlloc
GlobalSize
GlobalLock
GlobalHandle
GlobalUnlock
MulDiv
GetVersionExA
lstrcmpiW
GetACP
LocalAlloc
LocalReAlloc
GetModuleHandleA
GetStringTypeExA
FindAtomW
GetStringTypeExW
CreateFileA
CreateFileW
CompareStringA
CompareStringW
GetProfileSectionA
GetProfileSectionW
LoadLibraryA
LoadLibraryW
GetModuleFileNameA
GetModuleFileNameW
EnterCriticalSection

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExW
RegEnumKeyExA
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExA

user32

SetTimer
KillTimer
ScrollWindowEx
SetForegroundWindow
SetScrollInfo
GetWindow
IsWindow
GetDesktopWindow
SystemParametersInfoW
WindowFromPoint
GetForegroundWindow
IsChild
IsWindowEnabled
GetCapture
GetCaretPos
IsClipboardFormatAvailable
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
GetClipboardOwner
GetClipboardData
CharUpperW
MessageBoxA
UnregisterClassA
SetCaretPos
EnableScrollBar
wvsprintfA
DefWindowProcA
DefWindowProcW
GetWindowLongA
GetWindowLongW
GetClassLongA
GetClassLongW
LoadBitmapA
LoadBitmapW
LoadCursorA
LoadCursorW
SetWindowLongA
SetWindowLongW
PostMessageA
PostMessageW
PeekMessageA
PeekMessageW
RegisterWindowMessageA
PostQuitMessage
MessageBoxW
GetKeyboardLayout
SendMessageA
FindWindowA
SystemParametersInfoA
GetKeyboardLayoutList
CharLowerA
CharLowerBuffW
CharUpperA
CharUpperBuffW
SendMessageW
UnregisterClassW
RegisterClassA
RegisterClassW
GetDoubleClickTime
ShowCaret
HideCaret
CreateCaret
SetScrollPos
SetScrollRange
IsWindowVisible
MapWindowPoints
GetDlgItem
GetFocus
IsIconic
DestroyCaret
WindowFromDC
DestroyMenu
MessageBeep
RegisterClipboardFormatA
GetParent
TrackPopupMenu
SetCapture
GetAsyncKeyState
ReleaseCapture
GetMessageTime
GetMessagePos
IntersectRect
OffsetRect
InvertRect
CopyRect
ActivateKeyboardLayout
IsWindowUnicode
EnableWindow
GetDC
ReleaseDC
CreateWindowExW
CreateWindowExA
SetParent
ClientToScreen
MoveWindow
BeginPaint
FillRect
EndPaint
InflateRect
ShowWindow
InvalidateRect
SetWindowPos
UpdateWindow
GetClientRect
DrawFocusRect
GetCursorPos
ScreenToClient
GetWindowRect
PtInRect
GetKeyState
GetSysColor
DrawFrameControl
GetSystemMetrics
SetCursor
GetCursor
DestroyWindow
ShowScrollBar
SetFocus

gdi32

GetTextMetricsA
CreateFontIndirectW
CreateFontIndirectA
GetCharWidthA
GetCharWidthW
EnumFontFamiliesExW
LPtoDP
GetMapMode
CreatePalette
GetObjectType
Escape
CreatePatternBrush
CreateMetaFileA
CloseMetaFile
EnumMetaFile
SetViewportOrgEx
GetMetaFileBitsEx
CreateBitmap
SetMetaFileBitsEx
CreateSolidBrush
ExtTextOutA
CreateCompatibleBitmap
SetMapMode
GetObjectA
DPtoLP
GetBkMode
TranslateCharsetInfo
GetOutlineTextMetricsA
GetTextCharsetInfo
GetTextMetricsW
CreatePen
MoveToEx
LineTo
BitBlt
SetWindowOrgEx
SetWindowExtEx
GetPixel
ExtTextOutW
GetDeviceCaps
SetTextAlign
DeleteObject
CreateCompatibleDC
StretchBlt
DeleteDC
CreateDIBSection
SetROP2
GetStockObject
Rectangle
GetCurrentObject
SelectObject
SelectPalette
RealizePalette
SaveDC
RestoreDC
SetBkMode
PatBlt
SetBkColor
SetTextColor
IntersectClipRect
GetObjectW
CreateICA
CreateICW
GetTextFaceA
GetTextFaceW
DeleteMetaFile

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fh51
Size: 2KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fh52
Size: 78KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fh53
Size: 78KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fh54
Size: 2KB - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fh55
Size: 2KB - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fh56
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fh57
Size: 2KB - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fh58
Size: 78KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.HAJS
Size: 2KB - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.6hJS
Size: 2KB - Virtual size: 198B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SbkS
Size: 78KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AUqj
Size: 2KB - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AJS
Size: 2KB - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JASK
Size: 2KB - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AHQJ
Size: 2KB - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1388f5ee2c2170d512b114c86870acd

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

advapi32

user32

gdi32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 10KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 3KB

.fh51 Size: 2KB - Virtual size: 228B

.fh52 Size: 78KB - Virtual size: 76KB

.fh53 Size: 78KB - Virtual size: 76KB

.fh54 Size: 2KB - Virtual size: 196B

.fh55 Size: 2KB - Virtual size: 204B

.fh56 Size: 2KB - Virtual size: 208B

.fh57 Size: 2KB - Virtual size: 202B

.fh58 Size: 78KB - Virtual size: 76KB

.HAJS Size: 2KB - Virtual size: 200B

.6hJS Size: 2KB - Virtual size: 198B

.SbkS Size: 78KB - Virtual size: 76KB

.AUqj Size: 2KB - Virtual size: 202B

.AJS Size: 2KB - Virtual size: 188B

.JASK Size: 2KB - Virtual size: 162B

.AHQJ Size: 2KB - Virtual size: 126B

.rsrc Size: 18KB - Virtual size: 16KB

.reloc Size: 2KB - Virtual size: 276KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 10KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 3KB

.fh51
Size: 2KB - Virtual size: 228B

.fh52
Size: 78KB - Virtual size: 76KB

.fh53
Size: 78KB - Virtual size: 76KB

.fh54
Size: 2KB - Virtual size: 196B

.fh55
Size: 2KB - Virtual size: 204B

.fh56
Size: 2KB - Virtual size: 208B

.fh57
Size: 2KB - Virtual size: 202B

.fh58
Size: 78KB - Virtual size: 76KB

.HAJS
Size: 2KB - Virtual size: 200B

.6hJS
Size: 2KB - Virtual size: 198B

.SbkS
Size: 78KB - Virtual size: 76KB

.AUqj
Size: 2KB - Virtual size: 202B

.AJS
Size: 2KB - Virtual size: 188B

.JASK
Size: 2KB - Virtual size: 162B

.AHQJ
Size: 2KB - Virtual size: 126B

.rsrc
Size: 18KB - Virtual size: 16KB

.reloc
Size: 2KB - Virtual size: 276KB