863f2a47070e636ae07856e744c719ee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

863f2a47070e636ae07856e744c719ee_JaffaCakes118
Size

30KB
MD5

863f2a47070e636ae07856e744c719ee
SHA1

f10cf25f069cc6cea1fe1dec52ff06966c306901
SHA256

3794e657e6d44ad969c6a2be7f6a0b190380bf9cceafe63ebdf7c1714b158f7e
SHA512

46e36f5a8fb264e91d7ab58c81484eb0d8b45ecc323bd349da1a360e0083226c3fbca352ff7ab2e9090870bdad1ea6a7e4fe0b419bd049abf21b9a99fe8ca195
SSDEEP

768:31n5+Qw4mdmJhArbzHFqiJdkdwFshl8qB:315Nw4MOIYAkdg+8qB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
863f2a47070e636ae07856e744c719ee_JaffaCakes118

Files

863f2a47070e636ae07856e744c719ee_JaffaCakes118
.exe windows:5 windows x86 arch:x86

05ae23cdfbd9fd4b8fd518e6ff5992c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteDC
CombineRgn
DrawEscape
AddFontResourceW
GetObjectA
SetMagicColors
UpdateColors
SetDIBColorTable
CreatePen
SetBkColor
GetWindowOrgEx
CloseMetaFile
GetFontResourceInfoW
CreateSolidBrush
CreateFontA
LPtoDP
SelectPalette

advapi32

SetEntriesInAclW
RegLoadKeyW
CryptReleaseContext
CryptDestroyKey
GetSidSubAuthority
RegDeleteKeyA
GetSidIdentifierAuthority
GetFileSecurityW
IsValidAcl
GetNamedSecurityInfoW
SetNamedSecurityInfoW

wininet

GetUrlCacheEntryInfoA
HttpOpenRequestA
InternetConnectA
InternetOpenA

user32

TranslateMessage
ShowWindow
GetFocus
SetWindowPos
ShowOwnedPopups
CloseWindow
EndPaint
GetDlgItemTextW
MessageBoxW
EndDeferWindowPos
SetMenuDefaultItem
IsWindowVisible
IsRectEmpty
LoadMenuA
DialogBoxParamA
ShowCursor
GetClientRect
DefFrameProcA
DispatchMessageW
LoadImageW
DdeQueryStringA
GetUpdateRgn
BeginPaint
IsIconic
GetSysColor
GetSysColorBrush
IsWindowEnabled
TranslateAcceleratorA
CountClipboardFormats
DrawMenuBar
GetMessageW
MessageBoxA
DrawFrameControl
DestroyWindow
GetDC
PostMessageA
CheckMenuItem
CharToOemW
MoveWindow
SetClipboardData
SwitchDesktop
RedrawWindow
GetWindowRect
WINNLSEnableIME
GetScrollInfo
ValidateRect
CreateDialogParamW
SendMessageW

msvcrt

_vsnprintf
calloc
iswxdigit
malloc
wcschr
memset
ungetc
isxdigit

kernel32

OutputDebugStringA
GetACP
FindResourceExA
GetTickCount
lstrcpyA
SizeofResource
CreateNamedPipeW
CancelWaitableTimer
AddAtomW
InitAtomTable
WaitForDebugEvent
SuspendThread
GetThreadContext
FreeResource
InterlockedExchange
DuplicateHandle
GetCurrentProcess
GetProcessVersion
IsValidLocale
GlobalAddAtomA
LoadLibraryA
TryEnterCriticalSection
WaitForSingleObject
FindClose
GetAtomNameA
TlsGetValue
ReadProcessMemory
GetCommandLineA
TlsAlloc
GetOverlappedResult
TlsSetValue
GetVolumePathNameW
OpenEventA
TlsFree
GetAtomNameW
FindAtomW
GetModuleHandleW
LocalUnlock
MoveFileW
SystemTimeToFileTime
DosDateTimeToFileTime
GetModuleHandleA
HeapReAlloc
ReadFile
HeapAlloc
lstrcatA
GetThreadTimes
HeapFree
GetVolumeInformationA
WaitForMultipleObjectsEx
WriteConsoleOutputAttribute
HeapValidate
GetLogicalDrives
FlushFileBuffers

Exports

Exports

TvrNsdzcowdt@4
ZNdCeyoDllqwcm@16
_InsertDataThread@8
_KillDataThreads@12
MkhGPLozfethrmg@12
VehDsmMhdxnfMameI@8
VggTgGuftewvQhyzp@16

Sections

.code
Size: - Virtual size: 31KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 470B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05ae23cdfbd9fd4b8fd518e6ff5992c5

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

advapi32

wininet

user32

msvcrt

kernel32

Exports

Exports

Sections

.code Size: - Virtual size: 31KB

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

.reloc Size: 512B - Virtual size: 470B

.code
Size: - Virtual size: 31KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB

.reloc
Size: 512B - Virtual size: 470B