83aa16375bf57f74d9a68402cdd9c747_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83aa16375bf57f74d9a68402cdd9c747_JaffaCakes118
Size

26KB
MD5

83aa16375bf57f74d9a68402cdd9c747
SHA1

ca155a92bd8b4ced15face47c5d4e72bb3e585ab
SHA256

6d7c688baf2aaa4756822876b3ffd94fd9bffff258e010ecda9ea62e7e215ea5
SHA512

a1c8b8d233ee750ab8ed08b8d3548821595da277e95b623ba1de5baa53607e684a1c3e74a71d89f6e89e60b1a134985e8394df2c78712357b75699929c071a43
SSDEEP

768:v+dGgccXYVCABXGjGBWRBxdwducAZ8wBqW:YGgccXPABWhRBHwwcO8EqW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83aa16375bf57f74d9a68402cdd9c747_JaffaCakes118

Files

83aa16375bf57f74d9a68402cdd9c747_JaffaCakes118
.exe windows:4 windows x86 arch:x86

754420712981c91e069230ba0da5fdaf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
VirtualAlloc
GetLastError
GetStringTypeW
IsProcessorFeaturePresent
WriteFile
VirtualProtect
GetACP
HeapDestroy
FileTimeToSystemTime
GetStringTypeA
GetOEMCP
GetCommandLineA
ExitProcess
FreeEnvironmentStringsW

advapi32

RegQueryValueExW
RegDeleteKeyW
RegCloseKey
RegOpenKeyA
RegQueryValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExA
RegCreateKeyExW
RegSetValueExW

cfgmgr32

CM_Move_DevNode
CM_Get_Version_Ex

gdi32

GetStretchBltMode
GetDeviceCaps
LineTo
GetObjectW
CreateCompatibleBitmap
Polyline
BitBlt
CreateDIBSection
SetStretchBltMode
CreateCompatibleDC
DeleteDC
Rectangle
LPtoDP
GetBkMode
SetBkMode
SaveDC
StretchBlt
RestoreDC
CreatePen
SelectObject
DPtoLP
Polygon
GetCurrentObject
CreateFontIndirectW
SetBkColor
SetTextColor
DeleteObject
SetViewportOrgEx
GetTextColor
CreateSolidBrush
GetStockObject
ExcludeClipRect
SetBrushOrgEx
OffsetViewportOrgEx
IntersectClipRect
GetBrushOrgEx
MoveToEx
GetBkColor

user32

GetWindowRect
SetTimer
GetDoubleClickTime
EndPaint
GetSystemMetrics
ReleaseCapture
SetFocus
PostMessageW
SetPropW
GetDesktopWindow
LoadStringW
WindowFromPoint
GetUpdateRect
DefWindowProcW
DrawTextW
FillRect
SetParent
SetCursor
LoadCursorW
GetIconInfo
LoadImageW
wsprintfW
PtInRect
CallMsgFilterW
GetClientRect
DispatchMessageW
OffsetRect
InvalidateRect
InflateRect
SetCapture
TranslateMessage
MoveWindow
SetWindowPos
RegisterClassExW
SendMessageW
ClipCursor
DestroyWindow
GetMessageW
ValidateRect
EnumChildWindows
DrawIcon
GetParent
GetDC
ReleaseDC
KillTimer
ScreenToClient
BeginPaint
GetPropW
GetCursorPos
UnregisterClassW
IsWindowVisible
PostQuitMessage
ShowWindow
CreateWindowExW
GetWindow
IsWindow
ClientToScreen

dinput8

DirectInput8Create

ole32

StringFromCLSID
CoTaskMemFree

msi

MsiDatabaseExportW

shlwapi

StrCatBuffW

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

754420712981c91e069230ba0da5fdaf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

cfgmgr32

gdi32

user32

dinput8

ole32

msi

shlwapi

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 8KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 32B

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 160KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 8KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 32B

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 160KB