63768c68bc2056b5e0ab23304c763613_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

63768c68bc2056b5e0ab23304c763613_JaffaCakes118
Size

58KB
MD5

63768c68bc2056b5e0ab23304c763613
SHA1

b0c2d3b6bfc3c74b8bef261d148a710336448441
SHA256

8254e7e0e0f6622939054140ead74315b7a7d2457270f9b399cb92fea61a3035
SHA512

c1c139fdd25a4fe6c1ed30665eb59e68c6fb9530bde0e1f7fdf7934b043c4319e123bd19851c2ef427193e6296bf16a46520c51e2ac59dcd2ffafe28f80a5ad5
SSDEEP

768:ZMcSA9FHs5XsNaRPKWUezOeL5nY6b7/nIZ6X8LT/SQuQQh9BP1:sAjsCsUWUSOeLq6bx8LTqnh9BP1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63768c68bc2056b5e0ab23304c763613_JaffaCakes118

Files

63768c68bc2056b5e0ab23304c763613_JaffaCakes118
.exe windows:4 windows x86 arch:x86

073798251c05fd4d0f04473d42269404

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
GetVersionExW
WaitForSingleObject
GetExitCodeProcess
SetEvent
Sleep
CreateEventW
GetLastError
CreateMutexW
GetCurrentProcess
GetModuleHandleW
WaitForMultipleObjects
OpenEventW
FreeLibrary
LoadLibraryW
MultiByteToWideChar
GetProcessHeap
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
IsDebuggerPresent
RaiseException
LoadLibraryA
GetModuleFileNameW
GetWindowsDirectoryW
ExpandEnvironmentStringsA
VirtualAlloc

advapi32

QueryServiceStatus
RegQueryValueExA
RegEnumValueW
RegDeleteValueW
OpenSCManagerW
OpenServiceW
RegOpenKeyExA
CloseServiceHandle
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

ShellExecuteW

ole32

CoUninitialize
CoCreateInstance

oleaut32

VariantClear
SysAllocString
SysFreeString

rpcrt4

UuidFromStringW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

user32

GetForegroundWindow
DialogBoxParamA
GetMenuStringW
MessageBoxIndirectW
GetActiveWindow
InsertMenuA
CreateAcceleratorTableA
CreatePopupMenu
CharUpperA
EndDialog
SetWindowTextA
CreateDesktopA
DestroyMenu
GetCapture
CreateDialogParamA
AdjustWindowRect
RemoveMenu
PostMessageW
CopyRect
PostQuitMessage
EndMenu
SetCapture
wsprintfW
ShowCaret
UnregisterClassA
SetDlgItemTextA
GetClassInfoExW
GetClassInfoW
InvalidateRgn
LoadCursorA
EnumWindows
SetForegroundWindow
DialogBoxIndirectParamW
RegisterClassW
AppendMenuA
CreateDialogIndirectParamA
RegisterWindowMessageA
TrackPopupMenu
GetDesktopWindow
MessageBeep
GetSysColorBrush
WinHelpW
SetWindowRgn
ShowWindow
LoadBitmapW
CharPrevA
LoadImageW
SetDlgItemTextW

loadperf

UpdatePerfNameFilesW
SetServiceAsTrustedW

gdi32

TranslateCharsetInfo
CreateRoundRectRgn
UpdateICMRegKeyA
CreatePatternBrush
CreateHatchBrush
StretchDIBits
CreateBitmapIndirect
CreateCompatibleDC
RemoveFontResourceW

mydocs

PerUserInit
DllCanUnloadNow

Sections

.edata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bLqBax
Size: 2KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 12KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vOUUJ
Size: 4KB - Virtual size: 667KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

073798251c05fd4d0f04473d42269404

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

oleaut32

rpcrt4

version

user32

loadperf

gdi32

mydocs

Sections

.edata Size: 5KB - Virtual size: 4KB

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 12KB

.bLqBax Size: 2KB - Virtual size: 251KB

.edata Size: 4KB - Virtual size: 76KB

.data Size: 8KB - Virtual size: 72KB

.edata Size: 12KB - Virtual size: 30KB

.vOUUJ Size: 4KB - Virtual size: 667KB

.rsrc Size: 2KB - Virtual size: 2KB

.edata
Size: 5KB - Virtual size: 4KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 12KB

.bLqBax
Size: 2KB - Virtual size: 251KB

.edata
Size: 4KB - Virtual size: 76KB

.data
Size: 8KB - Virtual size: 72KB

.edata
Size: 12KB - Virtual size: 30KB

.vOUUJ
Size: 4KB - Virtual size: 667KB

.rsrc
Size: 2KB - Virtual size: 2KB