83c4e1e8764105f5f99059f77d8f8408_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83c4e1e8764105f5f99059f77d8f8408_JaffaCakes118
Size

1.2MB
MD5

83c4e1e8764105f5f99059f77d8f8408
SHA1

f77e608290abf6bbdae029ce5be15730ea5833b8
SHA256

fd2bbbb5c4104d840715275c5daf2e598c7c80c425dabd198367f15f42eca924
SHA512

856c2aa3a103e4d3f1d3d7f7f49a834d8d920616ea8e324a22ee957092fff501b7c0fc88426713352d130192af96a499c18a9f94a268c7ff9f2820668b4ca952
SSDEEP

24576:kBOox/6nbr3UXKB+xcS2wpZtiWiSFLgcB0Y9QwDCSCIjb1MthLx9UO6my:kBnx/6nnEXVp74S+cB0MQA9CBkmy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83c4e1e8764105f5f99059f77d8f8408_JaffaCakes118

Files

83c4e1e8764105f5f99059f77d8f8408_JaffaCakes118
.exe windows:4 windows x86 arch:x86

afeb19f73b062a3cc4e7b37a49866255

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

VirtualProtect
GetTickCount
ReadFile
GetModuleFileNameW
LeaveCriticalSection
GetProcessHeap
GetTickCount
DisableThreadLibraryCalls
GetModuleHandleA
HeapAlloc
DisableThreadLibraryCalls
GetLastError
HeapFree
CreateEventW
CreateThread
LeaveCriticalSection
InterlockedDecrement
CreateThread
InterlockedCompareExchange
HeapAlloc
GetModuleHandleW
InterlockedDecrement
VirtualProtect
LoadLibraryA
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
UnhandledExceptionFilter
lstrcmpiW
GetModuleHandleW
CreateEventW
VirtualProtect
lstrlenA
Sleep
InterlockedCompareExchange
UnhandledExceptionFilter
GetModuleHandleA
GetLastError
lstrlenA
LoadLibraryW
GetModuleHandleA
InterlockedDecrement
GetModuleFileNameA
GetVersionExA
FreeLibrary
HeapFree
EnterCriticalSection
VirtualProtect
LeaveCriticalSection
CreateEventW
LocalAlloc
VirtualProtect
DeleteCriticalSection
GetModuleFileNameW
ReadFile
lstrcmpiW
GetVersionExA
ReadFile
SetLastError
SetLastError
InterlockedCompareExchange
HeapDestroy
InterlockedIncrement
LocalAlloc
GetProcessHeap
HeapAlloc
GetTickCount

gdi32

MoveToEx
CreateFontIndirectA
GetBkColor
RoundRect
GetBkColor
CreateBitmap
CreateFontIndirectA
GetBkColor
SetBkColor
CreateFontIndirectA
GetBrushOrgEx
SelectObject
CombineRgn
GetCurrentObject
CreatePen
SetBkMode
GetWindowExtEx
GetWindowExtEx
CombineRgn
CreateRectRgn
CreateBitmap
SetWindowExtEx
CreateDIBSection
SetTextColor
MoveToEx
GetWindowExtEx
StretchBlt
SetBkMode
GetBkColor
SetTextColor
CreateRectRgn
Polygon
CreateDIBSection
SetPixel
CreateSolidBrush
CreateDIBitmap
SetTextColor
CreateDIBSection
CreatePen
LineTo
RoundRect
GetWindowOrgEx
GetBkMode
CreateDIBitmap
SetWindowExtEx
CombineRgn
SetBrushOrgEx
SetWindowOrgEx
SelectObject
GetBkColor
SetWindowExtEx
SetWindowOrgEx
SetBrushOrgEx
CreateCompatibleDC
StretchBlt
CreateFontA
CreateBitmap
GetPixel
Ellipse
BitBlt

user32

ReleaseDC
SendDlgItemMessageW
SendDlgItemMessageW
EndPaint
DispatchMessageW
GetSystemMetrics
GetFocus
CharNextW
SendDlgItemMessageW
BeginPaint
BeginPaint
IsWindow
InvalidateRect
DestroyWindow
LoadIconW
SetWindowLongW
SendMessageW
GetClientRect
SetDlgItemTextW
LoadIconW
SetFocus
LoadStringW
SetForegroundWindow
GetDesktopWindow
GetSysColor
SetWindowPos
GetSysColor
InvalidateRect
DestroyWindow
GetSystemMetrics
GetSysColor
EndPaint
InvalidateRect
SetForegroundWindow
DialogBoxParamW
GetWindowRect
MessageBoxW
LoadStringW
IsDlgButtonChecked
IsDlgButtonChecked
EndPaint
SetWindowTextW
EndPaint
DefWindowProcW
SetFocus
PeekMessageW
PostMessageW
GetSystemMetrics
SetCursor
SetFocus
GetParent
IsWindow
LoadCursorW
SetForegroundWindow
EndDialog
DestroyWindow
EndPaint
DestroyWindow
SetWindowTextW
GetFocus
KillTimer
GetDlgItem
SetWindowTextW

Sections

.text
Size: 1.1MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afeb19f73b062a3cc4e7b37a49866255

Headers

File Characteristics

Imports

kernel32

gdi32

user32

Sections

.text Size: 1.1MB - Virtual size: 2.2MB

.tls Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 5KB - Virtual size: 8KB

.rsrc Size: 82KB - Virtual size: 84KB

.text
Size: 1.1MB - Virtual size: 2.2MB

.tls
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 82KB - Virtual size: 84KB