77c29feae50831de559aaa4129ddac9d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

77c29feae50831de559aaa4129ddac9d_JaffaCakes118
Size

33KB
MD5

77c29feae50831de559aaa4129ddac9d
SHA1

8b583e8de33bf0ac673e95636cacdac2ec68930e
SHA256

c8846c2569ea9043043eeaa2805844b37858cc492f32b9deb344021b48436b76
SHA512

0ec7983cc6e3a3e5a257193c7d82b789e3a5e357dc41a1dcb3ef0abbd84bc76961974f2768b22a1c0ca353d37a0106a74058cf4703bd3163281b046f617f3a60
SSDEEP

768:53qjekXZZOaDujJ4s12GlC4QE2rOUmIruLkr2g3g7PY:pqiYbujJD2aC4QE2RXKYoQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77c29feae50831de559aaa4129ddac9d_JaffaCakes118

Files

77c29feae50831de559aaa4129ddac9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc078f369cfde578a269cd485a9153e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
TerminateThread
GetTimeZoneInformation
lstrcpynA
LocalFree
GetConsoleMode
CompareStringW
GetFileType
SetLastError
lstrlenW
LCMapStringA
DeleteCriticalSection
GetExitCodeThread
LeaveCriticalSection
OpenProcess
GetNumberFormatA
WriteConsoleA
FormatMessageA
GetStringTypeW
WaitForSingleObject
EnumSystemLocalesA
SetPriorityClass
GetACP
LocalAlloc
RaiseException
GetStdHandle

ole32

CoGetCurrentProcess
OleQueryCreateFromData
CoCreateGuid
CoInitialize
CoIsHandlerConnected
OleCreateEx
CoRegisterMallocSpy
OleCreateLinkToFileEx
CoSuspendClassObjects
OleGetClipboard
CoTaskMemFree
CoGetObject
CoFreeLibrary
CoGetTreatAsClass
OleCreateFromFileEx
BindMoniker
OleCreateMenuDescriptor
OleGetAutoConvert

advapi32

AddAccessAllowedAce
LookupAccountSidA
SetSecurityInfo
StartServiceA
SetKernelObjectSecurity
GetSidIdentifierAuthority
RegDeleteValueA
GetLengthSid
OpenSCManagerA
GetSidSubAuthority
RegEnumValueA
AllocateAndInitializeSid
RegOpenKeyA
QueryServiceConfigA
OpenServiceA
RegCreateKeyExA
RegDeleteKeyA
AddAce

msvcrt

strtoul
__getmainargs
free
strncpy
realloc
strlen
_strnicmp
_strlwr
fopen
_beginthread
strstr
fclose
_ltow
strcspn
__mb_cur_max
_stricmp
_chdir

gdi32

SetTextAlign
SetMapMode
BitBlt
CreateCompatibleDC
RectInRegion
CreateRectRgnIndirect
EndPage
SetROP2
CreatePen
GetBkColor
DeleteObject
Polyline
SelectClipRgn
CreateSolidBrush
SetBkMode
SetBkColor
Ellipse
ExtTextOutA

user32

SetDlgItemTextA
UpdateWindow
IsIconic
GetWindow
TranslateMessage
IsDlgButtonChecked
LoadMenuA
IsZoomed
GetDlgCtrlID
SetTimer
GetWindowRect
GetWindowDC
GetMenuItemID
ClientToScreen
InflateRect
GetUserObjectSecurity

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 838B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc078f369cfde578a269cd485a9153e2

Headers

File Characteristics

Imports

kernel32

ole32

advapi32

msvcrt

gdi32

user32

Sections

.text Size: 14KB - Virtual size: 14KB

.data Size: 2KB - Virtual size: 6KB

.bss Size: - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 838B

.rsrc Size: 1024B - Virtual size: 944B

.text
Size: 14KB - Virtual size: 14KB

.data
Size: 2KB - Virtual size: 6KB

.bss
Size: - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 838B

.rsrc
Size: 1024B - Virtual size: 944B