8765fca6d5478f0b0e6d77e573e01c0d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8765fca6d5478f0b0e6d77e573e01c0d_JaffaCakes118
Size

30KB
MD5

8765fca6d5478f0b0e6d77e573e01c0d
SHA1

7ce2a851fe61898b4e2d24f916d8751aa8c5d539
SHA256

8124ef208f49f589abc1ef109a95ee47e9ef9fd8eba43ff3ba850e8c46865763
SHA512

fab435b219fee5a4eb72779d33a0a279709b9852dd41a48a03aa8dd0d94baf9aef25da9cafa2f4c022d0841503fcbad988d82c59d65de50fba3251b3d1e5f55f
SSDEEP

768:PQcLeHN2594NtpoUxFnMByezGJkBcWXOW8eEy29v40cHTUCdGhy5:4oew594NzoqFnMyoBuH9vd4Gk5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8765fca6d5478f0b0e6d77e573e01c0d_JaffaCakes118

Files

8765fca6d5478f0b0e6d77e573e01c0d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c985fd2c04400de6e2dffb06b51e12f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

activeds

FreeADsMem

kernel32

TerminateProcess
lstrcpyA
WriteFile
TlsFree
SetUnhandledExceptionFilter
LeaveCriticalSection
GetVersionExA
HeapDestroy
GetLastError
HeapReAlloc
LocalAlloc
lstrcatA
GetVersion
TlsSetValue
GlobalDeleteAtom
GetProcessVersion
GetEnvironmentStringsW
GetCPInfo
GetStartupInfoA
LocalFree
lstrcpynA
GetStringTypeA
GetProcAddress
GlobalLock
GlobalHandle
GetModuleFileNameA
GetACP
FreeConsole
HeapFree
LCMapStringA
IsBadCodePtr
FreeEnvironmentStringsA
MultiByteToWideChar
VirtualAlloc
RtlUnwind
GetOEMCP
InitializeCriticalSection
FreeEnvironmentStringsW
SetLastError
GetWindowsDirectoryA
EnterCriticalSection
GetStdHandle
HeapSize
GetModuleHandleA
TlsGetValue
lstrlenA
GlobalAlloc
GetEnvironmentStrings
DeleteCriticalSection
FreeLibrary
WideCharToMultiByte
GetStringTypeW
GetCurrentThreadId
IsBadWritePtr
VirtualFree
InterlockedDecrement
LocalReAlloc
ExitProcess
GetCurrentProcess
GetFileType
GlobalFree
HeapAlloc
LoadLibraryA
GetCommandLineA
CloseHandle
GlobalReAlloc
InterlockedIncrement
TlsAlloc
GlobalFlags
IsBadReadPtr
GlobalAddAtomA
HeapCreate
lstrcmpA
GetEnvironmentVariableA
RaiseException
LCMapStringW
GlobalFindAtomA
lstrcmpiA
GlobalUnlock
SetHandleCount

user32

GrayStringA
SetWindowLongA
GetSubMenu
GetWindowLongA
LoadStringA
CopyRect
EnableMenuItem
DrawTextA
GetMenuCheckMarkDimensions
GetMenuItemCount
SetWindowTextA
EnableWindow
IsWindowEnabled
MessageBoxA
CheckMenuItem
GetMenu
SetMenuItemBitmaps
PostQuitMessage
GetWindow
IsIconic
AdjustWindowRectEx
SendMessageA
LoadIconA
GetForegroundWindow
CallNextHookEx
DestroyWindow
GetClientRect
SetWindowPos
GetMessagePos
LoadBitmapA
PeekMessageA
GetMenuState
GetWindowRect
ReleaseDC
GetMenuItemID
GetLastActivePopup
GetDC
DispatchMessageA
UnhookWindowsHookEx
GetTopWindow
GetDlgCtrlID
WinHelpA
PtInRect
SetPropA
TabbedTextOutA
GetClassNameA
ClientToScreen
GetMessageTime
DestroyMenu
RegisterWindowMessageA
CreateWindowExA
RegisterClassA
GetClassInfoA
GetParent
GetWindowTextA
SetWindowsHookExA
LoadCursorA
SetFocus
GetPropA
GetClassLongA
GetCapture
GetSysColor
CallWindowProcA
GetDlgItem
ModifyMenuA
GetSystemMetrics
GetSysColorBrush
SystemParametersInfoA
RemovePropA
SetForegroundWindow
DefWindowProcA
PostMessageA
MapWindowPoints
GetFocus
GetNextDlgTabItem
GetWindowPlacement
GetKeyState

setupapi

SetupDiClassGuidsFromNameA
SetupDiEnumDeviceInfo
SetupDiSetDeviceRegistryPropertyA
SetupFindFirstLineA
SetupFindNextLine
SetupDiGetDeviceInstallParamsA
SetupDiBuildDriverInfoList
SetupDiOpenDevRegKey
SetupCloseInfFile
SetupGetStringFieldA
SetupOpenInfFileA
SetupDiSetDeviceInstallParamsA
SetupDiSetSelectedDriverA
SetupDiCreateDeviceInfoA
SetupDiEnumDriverInfoA

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyExA
AdjustTokenPrivileges
RegRestoreKeyA
OpenProcessToken
RegCloseKey
RegSetValueExA
LookupPrivilegeValueA

gdi32

SelectObject
GetObjectA
OffsetViewportOrgEx
TextOutA
Escape
ExtTextOutA
SaveDC
ScaleWindowExtEx
SetMapMode
PtVisible
GetDeviceCaps
SetViewportExtEx
SetViewportOrgEx
DeleteDC
DeleteObject
RectVisible
SetWindowExtEx
CreateBitmap
ScaleViewportExtEx
RestoreDC
SetTextColor
SetBkColor
GetStockObject
GetClipBox

crypt32

RegQueryValueExU

Sections

.textbss
Size: - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c985fd2c04400de6e2dffb06b51e12f

Headers

DLL Characteristics

File Characteristics

Imports

activeds

kernel32

user32

setupapi

advapi32

gdi32

crypt32

Sections

.textbss Size: - Virtual size: 656KB

.text Size: 512B - Virtual size: 424B

.rdata Size: 512B - Virtual size: 32B

.data Size: 1024B - Virtual size: 748B

.idata Size: 77KB - Virtual size: 77KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 24B

.textbss
Size: - Virtual size: 656KB

.text
Size: 512B - Virtual size: 424B

.rdata
Size: 512B - Virtual size: 32B

.data
Size: 1024B - Virtual size: 748B

.idata
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 24B