863cb845e9082cb25a11b7906d5fac9f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

863cb845e9082cb25a11b7906d5fac9f_JaffaCakes118
Size

83KB
MD5

863cb845e9082cb25a11b7906d5fac9f
SHA1

fa8deb8171a0b7884b241975eddf43be3d98b995
SHA256

3fd570eededbae4d5b7c262c240d5de2f5cab272a3af66f40116b02e797ba75c
SHA512

4c11e4680530cc95a52ceec274760590468d8219ed40102ee74f141d04a080fe4a73307ecb638f79ef24dbd053a96026cb94f5cc189de30560ed555f8349ab79
SSDEEP

1536:uIFkNQRvZOb16EyidDyWEXtzaujaQiKoMWnJrsckSoO:HkSRvZOvyWEpTaKulaO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
863cb845e9082cb25a11b7906d5fac9f_JaffaCakes118

Files

863cb845e9082cb25a11b7906d5fac9f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

75329fc02984678612ab1f8fbe62d5ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetModuleFileNameA
GetModuleHandleA
GetCurrentThreadId
CloseHandle
MultiByteToWideChar
LocalAlloc
HeapFree
FreeLibrary
VirtualProtect
CreateThread
HeapFree
GetVersionExA
HeapAlloc
InterlockedDecrement
VirtualAlloc
GetCurrentProcess
HeapAlloc
GetModuleFileNameW
FreeLibrary
ReadFile
LoadLibraryA
CloseHandle
CloseHandle
GetModuleFileNameA
lstrlenA
LoadLibraryW
UnhandledExceptionFilter
CreateFileW
ReadFile
GetProcAddress
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcessId
GetLastError
HeapFree
VirtualProtect
HeapAlloc
QueryPerformanceCounter
Sleep
LocalFree
GetCurrentThreadId
HeapFree
GetProcessHeap
GetProcAddress
CloseHandle
GetLastError
GetProcessHeap
lstrcmpiW
LoadLibraryW
LeaveCriticalSection
GetModuleFileNameA
GetModuleHandleW
GetTickCount
GetModuleHandleA
VirtualAlloc
GetModuleHandleW
VirtualProtect
InitializeCriticalSection
GetProcAddress
Sleep
GetModuleHandleA
CreateEventW
CreateThread
DeleteCriticalSection
GetProcAddress
lstrlenA
InterlockedCompareExchange
InterlockedExchange
lstrlenA
GetVersionExA
CloseHandle
GetProcAddress
InterlockedDecrement
InitializeCriticalSection
InterlockedExchange
GetSystemTimeAsFileTime
GetModuleHandleA
VirtualProtect
lstrlenA
VirtualProtect
InterlockedCompareExchange
GetModuleHandleA
GetModuleFileNameA
lstrlenA
GetModuleHandleA
LeaveCriticalSection
InterlockedExchange
GetVersionExA
LocalFree
QueryPerformanceCounter
GetCurrentThreadId
GetModuleFileNameA
MultiByteToWideChar
DeleteCriticalSection
GetCurrentProcessId

user32

LoadIconW
ShowWindow
GetParent
IsDlgButtonChecked
wsprintfA
SendMessageW
GetDesktopWindow
SetCursor
GetWindowLongW
ReleaseDC
MessageBoxW
LoadStringW
DialogBoxParamW
SetFocus
SendMessageW
IsDlgButtonChecked
GetSysColor
PeekMessageW
LoadStringW
SetForegroundWindow
SetWindowPos
CreateWindowExW
ShowWindow
SetWindowTextW
GetDesktopWindow
BeginPaint
EnableWindow
LoadStringW
KillTimer
GetDlgItem
KillTimer
SetWindowTextW
GetDC
SetCursor
SendMessageW
DispatchMessageW
wsprintfA
IsDlgButtonChecked
GetSysColor
TranslateMessage
SetFocus
DefWindowProcW
PeekMessageW
SetWindowPos
CreateWindowExW
GetFocus
CreateWindowExW
GetWindowLongW
SetFocus
SetCursor
PeekMessageW
CreateWindowExW
LoadStringW
BeginPaint
GetWindowRect
DialogBoxParamW
DestroyWindow
LoadCursorW
IsDlgButtonChecked
GetDesktopWindow
ReleaseDC
GetDC
ShowWindow
GetDC
LoadIconW
KillTimer
GetDlgItem
TranslateMessage
SetWindowLongW
CreateWindowExW
GetFocus
GetParent
GetDesktopWindow
PostQuitMessage
SetForegroundWindow
IsWindow
GetDesktopWindow
GetClientRect
TranslateMessage
GetWindowRect
IsWindow
GetFocus
DialogBoxParamW
LoadIconW
SetDlgItemTextW
GetParent
LoadIconW
BeginPaint
DispatchMessageW
InvalidateRect
GetDesktopWindow
SetWindowTextW
SetWindowPos
IsDlgButtonChecked
LoadIconW
LoadIconW
EnableWindow
ShowWindow

gdi32

MoveToEx
SetWindowExtEx
GetWindowOrgEx
CreateFontIndirectA
SetWindowExtEx
SetWindowExtEx
GetCurrentObject
SetBrushOrgEx
CreateCompatibleDC
GetBkMode
SelectObject
GetBkMode
CreateDIBitmap
CreateBitmap
CreateRectRgn
GetCurrentObject
SelectObject
CreateDIBitmap
Polygon
CreateDIBitmap
GetWindowOrgEx
CreateFontIndirectA
BitBlt
StretchBlt
CombineRgn
GetBkColor
CreateDIBitmap
CreateCompatibleDC
StretchBlt
GetWindowOrgEx
CreateFontA
RoundRect
MoveToEx
SelectObject
CreateRectRgn
CreatePen
GetBrushOrgEx
SelectObject
MoveToEx
CreateDIBitmap
GetBkMode
CreateCompatibleDC
GetBkColor
GetBrushOrgEx
CreateFontIndirectA
CreateDIBSection
SetPixel
GetPixel
GetWindowExtEx
GetPixel
SetBkColor
CreateCompatibleDC
RoundRect
StretchBlt
GetWindowOrgEx
BitBlt
CreateBitmapIndirect
GetBkColor
SelectObject
SetPixel
SetBkMode
Ellipse
BitBlt
CreateCompatibleDC
MoveToEx
GetWindowOrgEx
Ellipse
CreateFontIndirectA
GetPixel
CreateRectRgn
BitBlt
CreateCompatibleDC
GetWindowExtEx
SetTextColor
SetBkMode
SetBkMode
GetCurrentObject
GetWindowExtEx
MoveToEx
MoveToEx
PatBlt
Rectangle
CreateFontIndirectA
CreateFontIndirectA
CreateBitmapIndirect
SelectObject
MoveToEx
GetBrushOrgEx
GetWindowExtEx
BitBlt
SelectObject
Rectangle
SetBkColor

Sections

.text
Size: 73KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75329fc02984678612ab1f8fbe62d5ff

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 73KB - Virtual size: 96KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 7KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 73KB - Virtual size: 96KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 4KB