64852413a58b412adb36362bde1b38cc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

64852413a58b412adb36362bde1b38cc_JaffaCakes118
Size

38KB
MD5

64852413a58b412adb36362bde1b38cc
SHA1

364a07ae1eff184287f0fbf2e3e3b4afb6891145
SHA256

d175d480f14cb42be0185d9e88187c19c0f7161b434276ac9e58d5adac1a7146
SHA512

8e922ff8c896ad26f7c2ec1f2d3fb6308b9cbd52ff4996abf9b5dfd47d89e47b2d18c836ce3cb8094dbc7f5e0821c8a49d8752d11c6f3241232097efd08e1869
SSDEEP

768:yZY8N9Dfb1XwBgF7H7V0fDsgcNM9+r2a1nO3i+7cS6V:yZYcDZXwaF7HJ0IzNM98FO3JK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64852413a58b412adb36362bde1b38cc_JaffaCakes118

Files

64852413a58b412adb36362bde1b38cc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

658095051467247a33347646019628b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowLongW
BeginPaint
UnregisterClassA
IntersectRect
SetWindowTextA
DestroyIcon
TrackPopupMenu
GetSysColor
DefWindowProcW
SetCapture
SetDlgItemInt
CheckDlgButton
ShowWindow
IsWindowVisible
ReleaseCapture
GetDlgCtrlID
SetForegroundWindow
MapWindowPoints
IsChild
CharNextW
GetWindowPlacement
LoadBitmapA
SendDlgItemMessageA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeW

SetROP2
UpdateColors
SetBoundsRect
BeginPath
version.dll
SetTextAlign
DrawEscape
msvcrt.dll
GDI32.dll

ntdll

wcscpy
RtlMultiByteToUnicodeN
RtlInitializeCriticalSection
RtlLengthRequiredSid
NtSetValueKey
RtlGetNtProductType
RtlConvertSidToUnicodeString
RtlUnwind
RtlOpenCurrentUser
RtlNtStatusToDosError
wcschr
RtlInitializeResource
RtlAnsiStringToUnicodeString
RtlAcquireResourceExclusive
RtlLeaveCriticalSection
NtDeviceIoControlFile
RtlCompareUnicodeString
RtlInitString
NtQueryVolumeInformationFile
NtQueryValueKey
RtlEnterCriticalSection
RtlFreeAnsiString
RtlInitAnsiString
RtlFreeHeap
RtlUnicodeToOemN
RtlSubAuthoritySid
NtQueryInformationFile
_wcsicmp
RtlEqualSid
DbgBreakPoint

gdi32

SetDIBits
GetDIBits
DeleteObject
GetTextFaceW
SetICMMode
TextOutA
SetTextColor
RealizePalette
ScaleViewportExtEx
CreateFontIndirectW
CreateCompatibleBitmap
SetViewportExtEx
CreatePenIndirect

advapi32

RegQueryValueExA
RegDeleteValueA
RegSetValueExA
EnumServicesStatusExA
RegDeleteKeyA
RegEnumValueW
RegEnumValueA
RegCreateKeyExW
GetSecurityDescriptorControl
LookupPrivilegeValueA
RegDeleteKeyW
RegOpenKeyExA
RegCreateKeyW
RegQueryValueW
LockServiceDatabase
RegOpenKeyExW
RegFlushKey

kernel32

ExitThread
SetEvent
HeapReAlloc
ExitProcess
LCMapStringA
MapViewOfFile
InterlockedDecrement
WriteConsoleA
CreateEventW
GetCurrentThreadId
DeleteAtom
GetLastError
CreateFileW
GetModuleHandleW
GetVersionExW
VirtualAlloc
LockResource
IsValidCodePage
VirtualAllocEx
LoadResource
GetModuleFileNameW
VirtualFree
GetCommandLineW
CreateDirectoryW
GetModuleFileNameA

msvcrt

_mbscmp
swprintf
_memicmp
_ftol
_errno
_read
_wmakepath
_purecall
_local_unwind2
fclose
__p__commode
_ltow
rand
wcscmp
strncpy
abort
fputs
wcsrchr
_stricmp
_onexit
wcsncmp
realloc
memcpy
_strlwr
strerror
_lock
fseek
qsort
_itoa

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

658095051467247a33347646019628b7

Headers

File Characteristics

Imports

user32

version

ntdll

gdi32

advapi32

kernel32

msvcrt

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 3KB

.rdata Size: 11KB - Virtual size: 26KB

.idata Size: 5KB - Virtual size: 20KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 3KB

.rdata
Size: 11KB - Virtual size: 26KB

.idata
Size: 5KB - Virtual size: 20KB