78731dff5ea9ce587b0bea9ca1371e8e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

78731dff5ea9ce587b0bea9ca1371e8e_JaffaCakes118
Size

129KB
MD5

78731dff5ea9ce587b0bea9ca1371e8e
SHA1

dd50d01df81c2607f3800551aa590aec2bf5631a
SHA256

84ec5b8be1bfc021dca91564d0d7fe0873a39c2a3a06d19d225c72a61c93193a
SHA512

b5b1f13912cffdf005b8cbac2135c94f4128f3dcce842ba95c94212b7eefaf2591784283f5edc645d155efce1ccae3d783d0467237550ddc32dbd33057314839
SSDEEP

1536:ZNR4JH854cS1sv/4H77VVid4fxuxO4quj0Z4Iy0qsZHH12:Zv4e5A6obRkOPZA0DV2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78731dff5ea9ce587b0bea9ca1371e8e_JaffaCakes118

Files

78731dff5ea9ce587b0bea9ca1371e8e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc2d7d24a4331fa3a62c644d5c63e5c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

CharLowerBuffW
UnregisterClassW
GetCapture
GetSysColor
GetWindowLongA
GetProcessWindowStation
TranslateMessage
MsgWaitForMultipleObjects
RegisterClassW
RegisterWindowMessageA
SystemParametersInfoW
LoadCursorW
TranslateMessageEx
GetWindowDC
RegisterClipboardFormatA
GetCapture
LoadStringW
GetDC
RegisterClipboardFormatA
MsgWaitForMultipleObjects
GetDCEx
DrawTextA
SystemParametersInfoW
CharUpperW
GetWindowLongA
GetAppCompatFlags2
GetCapture
DispatchMessageW
GetWindowLongA
CharUpperBuffW

kernel32

TerminateProcess
SleepEx
TerminateProcess
VirtualProtect
SleepEx
DeviceIoControl
LoadLibraryA
LoadLibraryExA
WriteProcessMemory
TerminateProcess
WaitForSingleObject
LoadLibraryA
SleepEx
TerminateProcess
ReadFile
GetStartupInfoW
CreateProcessA
ReadFile
WaitForSingleObjectEx
TerminateProcess
LoadLibraryExW
LoadLibraryExA
CreateProcessW
DeviceIoControl
CreateProcessA
Sleep
GetSystemTime
LoadLibraryExW
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
CreateProcessW
GetProcAddress
Sleep
GetLastError
LoadLibraryA
GetCommandLineA
SetHandleInformation
lstrcmpiA
SetSystemTime
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
Sleep
ReadProcessMemory
CreateFileA
LoadLibraryExW
SleepEx
Sleep
VirtualProtect
GetSystemTimeAsFileTime
LoadLibraryExW
TerminateProcess
CreateFileA
LoadLibraryA
WriteProcessMemory
LoadLibraryA
TerminateProcess
GetStartupInfoW
WaitForSingleObject
GetSystemTime
WaitForSingleObject
CreateProcessA
ReadFile
ReadFile
ReleaseMutex
ReadFile
VirtualProtect
CreateFileA
ReadProcessMemory
LoadLibraryA
TerminateProcess
SleepEx
TerminateProcess
ReadFile
LoadLibraryExW
CreateFileA
LoadLibraryExW
ReadProcessMemory
DeviceIoControl
WaitForSingleObject
VirtualProtect
GetStartupInfoA
LoadLibraryExW
GetStartupInfoA
CreateProcessA
WriteProcessMemory
LoadLibraryA
VirtualProtectEx
VirtualProtectEx
WaitForSingleObjectEx
TerminateProcess
LoadLibraryExA
CreateFileA
WriteProcessMemory
TerminateProcess
GetSystemTime
DeviceIoControl
TerminateProcess
TerminateProcess
VirtualProtectEx
GetSystemTime
GetStartupInfoA
ReleaseMutex
CreateProcessW
WriteProcessMemory
GetStartupInfoA
WaitForSingleObjectEx
WaitForSingleObject
WriteProcessMemory
Sleep
WriteProcessMemory
GetSystemTime
Sleep
GetSystemTime
GetStartupInfoA
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
CreateProcessA
LoadLibraryExA
GetSystemTimeAsFileTime
CreateFileA
CreateFileA
WaitForSingleObject
VirtualProtect
ReleaseMutex
VirtualProtect
GetStartupInfoA
CreateProcessA
LoadLibraryExW
Sleep
TerminateProcess
Sleep
LoadLibraryExA
TerminateProcess
LoadLibraryA
VirtualProtectEx
GetStartupInfoA
LoadLibraryExA
DeviceIoControl
SleepEx
ReleaseMutex
VirtualProtectEx
WriteProcessMemory
VirtualProtectEx
CreateProcessA
VirtualProtectEx
CreateFileA
ReadFile
DeviceIoControl
GetSystemTime
DeviceIoControl
GetStartupInfoA
LoadLibraryA
DeviceIoControl
WriteProcessMemory
CreateProcessW
GetSystemTimeAsFileTime
WaitForSingleObjectEx
CreateProcessW
WaitForSingleObjectEx
GetStartupInfoW
ReleaseMutex
GetSystemTimeAsFileTime
GetStartupInfoW
LoadLibraryA
VirtualProtect
GetStartupInfoA
LoadLibraryExW
WaitForSingleObject
DeviceIoControl
VirtualProtectEx
GetSystemTime
ReadFile

advapi32

AccessCheck
RegCloseKey
GetTokenInformation
MakeSelfRelativeSD
RegCloseKey
RegQueryValueExW
OpenThreadToken
RegOpenKeyExW
MakeSelfRelativeSD
OpenThreadToken
GetTokenInformation
RevertToSelf
ImpersonateNamedPipeClient
OpenThreadToken
AccessCheck
GetTokenInformation
AccessCheck
OpenThreadToken
RevertToSelf
RegQueryValueExW

gdi32

CreateCompatibleBitmap
GetStockObject
GetWindowExtEx
SelectObject
GdiValidateHandle
BitBlt
GetLayout
GetObjectType
GetHFONT
GetObjectType
SetDCBrushColor
CreateCompatibleDC
RectVisible
OffsetWindowOrgEx
GetLayout
GetTextExtentPoint32W
BitBlt
CreateBitmap
GetWindowExtEx
GdiProcessSetup

comdlg32

GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleA

Sections

.text
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.line
Size: 75KB - Virtual size: 156KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ

111cnn
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

qwerty
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc2d7d24a4331fa3a62c644d5c63e5c9

Headers

File Characteristics

Imports

user32

kernel32

advapi32

gdi32

comdlg32

Sections

.text Size: 17KB - Virtual size: 20KB

.line Size: 75KB - Virtual size: 156KB

.data Size: 3KB - Virtual size: 4KB

.idata Size: 11KB - Virtual size: 12KB

111cnn Size: 4KB - Virtual size: 4KB

qwerty Size: 512B - Virtual size: 4KB

.rsrc Size: 17KB - Virtual size: 20KB

.text
Size: 17KB - Virtual size: 20KB

.line
Size: 75KB - Virtual size: 156KB

.data
Size: 3KB - Virtual size: 4KB

.idata
Size: 11KB - Virtual size: 12KB

111cnn
Size: 4KB - Virtual size: 4KB

qwerty
Size: 512B - Virtual size: 4KB

.rsrc
Size: 17KB - Virtual size: 20KB