72729f6cc47e207feb2d0225c0e4b6fa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

72729f6cc47e207feb2d0225c0e4b6fa_JaffaCakes118
Size

126KB
MD5

72729f6cc47e207feb2d0225c0e4b6fa
SHA1

c4561fbe4b419146eee4b74ea3fc7acc33f3d13d
SHA256

a0c2755c0a164de3baca0b7b4d0107692e1e63b3efc9200ceecd1922cc4bcd2f
SHA512

25b3d17fba3de81f0b2c89349d6de28d68a52b8d658ac5ec2a90be48f7e7a89f317bacb21325ccc6dea2960099b58c52707ebc369832afb034bd193a72ebfe70
SSDEEP

3072:MdS0iXYPde3TnJWDrelNlRMligUIRo/s6w3ZbBnZ:pTfoalNjLgUIRpN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72729f6cc47e207feb2d0225c0e4b6fa_JaffaCakes118

Files

72729f6cc47e207feb2d0225c0e4b6fa_JaffaCakes118
.dll windows:4 windows x86 arch:x86

04d7eea1f0551f712d5cf6d6e0c2735b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ResumeThread
CompareFileTime
GetTickCount
TerminateProcess
AssignProcessToJobObject
CreateProcessW
DeleteTimerQueueTimer
CreateTimerQueueTimer
CreateThread
GetModuleFileNameW
LocalAlloc
LocalFree
SetLastError
FormatMessageW
WaitForSingleObject
VirtualUnlock
SetThreadPriority
HeapSize
HeapAlloc
GetLastError
HeapCreate
MultiByteToWideChar
GetFileAttributesW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedIncrement
GetModuleHandleW
GetModuleHandleA
GetProcAddress
GetVersion
OutputDebugStringA
CreateJobObjectW
GetCommandLineW
TerminateJobObject
ResetEvent
InterlockedDecrement
GetSystemTimeAsFileTime
CompareStringW
GetShortPathNameW
ExpandEnvironmentStringsW
GetCurrentProcessId
WaitForSingleObjectEx
InterlockedExchange
UnregisterWaitEx
Sleep
CreateEventW
SetEvent
CloseHandle
HeapDestroy
GetProcessHeap
HeapFree
GetCommandLineA
VirtualFree
VirtualProtect
GetCurrentProcess
VirtualAlloc

user32

GetWindowRect
ScreenToClient
MoveWindow
KillTimer
LoadStringW
SetWindowTextW
IsWindow
IsRectEmpty
DestroyWindow
SystemParametersInfoW
GetWindowLongW
EnableWindow
GetWindowTextLengthW
SetFocus
GetDlgItemTextW
DestroyIcon
SetRect
GetClientRect
SendDlgItemMessageW
GetDlgItem
SetDlgItemTextW
GetSystemMetrics
LoadImageW
SetWindowLongW
GetAncestor
GetParent
PostMessageW
CopyIcon
CloseDesktop
MessageBoxW
ExitWindowsEx
ShowWindow
SendMessageW

advapi32

LsaFreeMemory
RegSetValueExW
RegEnumValueW
RegDeleteValueW
UnregisterTraceGuids
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
NotifyBootConfigStatus
RegCreateKeyExW
DeregisterEventSource
RegisterEventSourceW
ImpersonateLoggedOnUser
RevertToSelf
TraceMessage
GetTokenInformation

gdi32

SetTextColor
SetROP2
GetStockObject
SetBkMode
SelectObject
Rectangle
DeleteObject

ole32

CoGetObject
CoTaskMemFree
PropVariantClear
CoCreateInstance
CoUninitialize

rpcrt4

UuidFromStringW
I_RpcMapWin32Status
RpcAsyncCompleteCall
RpcBindingFree
NdrClientCall2
RpcStringFreeW
RpcMgmtIsServerListening
RpcAsyncCancelCall
RpcAsyncInitializeHandle

msvcr71

_except_handler3
free
abs
wcstok
wcschr
_wcsicmp
memmove
_vsnwprintf
memset
memcpy
wcstoul
wcstol
_initterm
malloc
_adjust_fdiv
__CppXcptFilter
__dllonexit
_onexit

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04d7eea1f0551f712d5cf6d6e0c2735b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

msvcr71

Sections

.text Size: 79KB - Virtual size: 78KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 35KB - Virtual size: 68KB

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 79KB - Virtual size: 78KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 35KB - Virtual size: 68KB

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB