83d4f99e8fe9be09f6339a52979c9fa3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83d4f99e8fe9be09f6339a52979c9fa3_JaffaCakes118
Size

67KB
MD5

83d4f99e8fe9be09f6339a52979c9fa3
SHA1

18f501741484c6ffa49207ede2687878c831d747
SHA256

f84c8b59087f4553c3035b7ccdb18578cfca3998a06ef35a11425b26afc7f149
SHA512

28877d71026722d6c54d00e5dbf9e34f17445748ec1cac3e832ab11c68d715f4318db590cfc0b1cc82a56e94078491bc640ed027ff3d94fb3c17594a6008bb99
SSDEEP

1536:0mYMCV8IK8jSqPX02MUhx2a9CeEVRdAd14Y1k3lOKBn2A4RnsES:0138IK8PP0Uhx2aYeEP2k1OK4t6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83d4f99e8fe9be09f6339a52979c9fa3_JaffaCakes118

Files

83d4f99e8fe9be09f6339a52979c9fa3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37bc5eabd96628efaec18a3c9731afea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AccessCheck
AccessCheckAndAuditAlarmW
BuildSecurityDescriptorA
BuildTrusteeWithNameW
ClearEventLogW
ConvertToAutoInheritPrivateObjectSecurity
CopySid
CreateServiceA
CryptVerifySignatureW
DeregisterEventSource
ElfNumberOfRecords
EncryptFileW
GetAuditedPermissionsFromAclA
GetExplicitEntriesFromAclA
GetExplicitEntriesFromAclW
GetNamedSecurityInfoA
GetServiceKeyNameW
GetTrusteeTypeA
GetUserNameA
GetUserNameW
LockServiceDatabase
LsaAddAccountRights
LsaGetQuotasForAccount
LsaLookupPrivilegeDisplayName
LsaSetQuotasForAccount
OpenServiceA
QueryServiceObjectSecurity
TrusteeAccessToObjectA

kernel32

BackupRead
CloseHandle
CompareFileTime
CompareStringA
CreateFileMappingW
CreateMutexA
DisableThreadLibraryCalls
EnumResourceNamesW
EnumSystemLocalesA
EnumTimeFormatsW
ExitProcess
FindCloseChangeNotification
FindResourceExW
FreeLibraryAndExitThread
FreeResource
GetCPInfo
GetCommandLineW
GetCompressedFileSizeW
GetComputerNameA
GetConsoleAliasA
GetConsoleAliasesA
GetConsoleCommandHistoryLengthW
GetConsoleFontSize
GetConsoleInputExeNameA
GetConsoleKeyboardLayoutNameA
GetConsoleWindow
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceExW
GetDriveTypeW
GetFileAttributesW
GetFileAttributesExW
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleW
GetNamedPipeHandleStateA
GetPrivateProfileStringW
GetProcessHeap
GetProcessHeaps
GetProfileSectionA
GetShortPathNameA
GetShortPathNameW
GetStartupInfoW
GetStringTypeA
GetStringTypeW
GetStringTypeExA
GetSystemTime
GetTempPathA
GetThreadPriority
GetVersion
HeapDestroy
HeapUnlock
InitializeCriticalSection
InvalidateConsoleDIBits
IsBadHugeWritePtr
IsDebuggerPresent
LocalFree
LocalSize
LockResource
OutputDebugStringA
Process32Next
ReadConsoleInputExA
ReadConsoleOutputCharacterA
ReadFileEx
ReleaseMutex
RtlUnwind
SearchPathA
SetConsoleCursorPosition
SetConsoleFont
SetConsoleTitleW
SetConsoleWindowInfo
SetEvent
SetLastError
SetLocaleInfoA
SetSystemPowerState
SetWaitableTimer
UnlockFile
UnlockFileEx
UpdateResourceW
VerLanguageNameW
VirtualProtect
WaitForMultipleObjects
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW

user32

AdjustWindowRectEx
BeginDeferWindowPos
BringWindowToTop
BroadcastSystemMessageA
ChangeDisplaySettingsW
ChangeMenuW
CharToOemA
CharUpperA
CharUpperW
CheckMenuItem
CheckRadioButton
DdeConnect
DdeCreateDataHandle
DdeDisconnectList
DdeGetLastError
DdeInitializeW
DdeReconnect
DdeSetUserHandle
DdeUnaccessData
DefDlgProcW
DestroyWindow
DrawFocusRect
DrawFrameControl
DrawTextW
EnableWindow
GetAncestor
GetCapture
GetCaretBlinkTime
GetClassNameW
GetClipCursor
GetClipboardFormatNameA
GetCursor
GetCursorInfo
GetDlgCtrlID
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyboardType
GetMenu
GetMenuBarInfo
GetMenuInfo
GetMenuItemInfoA
GetMonitorInfoA
GetMonitorInfoW
GetNextDlgTabItem
GetParent
GetScrollBarInfo
GetScrollInfo
GetScrollRange
GetSystemMetrics
GetUpdateRgn
GetWindowDC
GetWindowTextLengthW
InvalidateRect
InvalidateRgn
IsCharAlphaA
IsCharAlphaNumericW
IsZoomed
KillTimer
LoadBitmapA
LoadCursorW
LoadCursorFromFileA
LoadIconA
LoadKeyboardLayoutW
LockWindowUpdate
MessageBoxIndirectA
MsgWaitForMultipleObjects
OemToCharA
OpenWindowStationA
PostMessageW
ReplyMessage
ScreenToClient
ScrollDC
SetClassLongA
SetClassLongW
SetFocus
SetLayeredWindowAttributes
SetMenuContextHelpId
SetScrollInfo
SetUserObjectInformationW
SubtractRect
UpdateWindow
wvsprintfW

gdi32

BitBlt
CreateBrushIndirect
CreateRectRgnIndirect
CreateScalableFontResourceA
EnumEnhMetaFile
GdiComment
GdiGetBatchLimit
GdiPlayScript
GetBkColor
GetBkMode
GetBoundsRect
GetCharWidthFloatA
GetCharacterPlacementW
GetClipBox
GetClipRgn
GetColorSpace
GetCurrentObject
GetFontLanguageInfo
GetGraphicsMode
GetICMProfileW
GetMetaFileBitsEx
GetOutlineTextMetricsA
GetPixel
GetStretchBltMode
GetSystemPaletteUse
GetTextFaceA
GetTextFaceW
GetWinMetaFileBits
GetWindowOrgEx
PathToRegion
PlayMetaFile
PlgBlt
PtInRegion
PtVisible
RealizePalette
SetMetaFileBitsEx
SetTextCharacterExtra
StretchDIBits
TextOutW
UpdateICMRegKeyA
gdiPlaySpoolStream

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Aefs
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bwVf
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37bc5eabd96628efaec18a3c9731afea

Headers

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 51KB - Virtual size: 74KB

.Aefs Size: 4KB - Virtual size: 24KB

.bwVf Size: 4KB - Virtual size: 24KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 51KB - Virtual size: 74KB

.Aefs
Size: 4KB - Virtual size: 24KB

.bwVf
Size: 4KB - Virtual size: 24KB

.reloc
Size: 1024B - Virtual size: 4KB