898354a8b14cf21f9b8da07aed0bffe4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

898354a8b14cf21f9b8da07aed0bffe4_JaffaCakes118
Size

166KB
MD5

898354a8b14cf21f9b8da07aed0bffe4
SHA1

cf7a253857c5ff53985656f2a45bb534fb1564f2
SHA256

87837ac06c4ed6863a78fb1eeafebf6f3072df6163cde95250c4ca7bb7d624fd
SHA512

6483e6a8f8349f6e4b41a75226cc72a5bdfaf716d5a614fb3964bdb053d316bccceebd14e7257bec794df9f32edeeec567c253d642d02bdc32d5b32fe15eb696
SSDEEP

3072:RwLlzUnUB8MehuL4+nhNjGUAlN3U1ItwjCp/3T4ciV2:CLlzUy8ruc9UAX3U1dwj4c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
898354a8b14cf21f9b8da07aed0bffe4_JaffaCakes118

Files

898354a8b14cf21f9b8da07aed0bffe4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c755f30aee12e83f757c6baffcd56a73

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

GetSysColorBrush
GetProcessWindowStation
TranslateMessageEx
GetLastInputInfo
SetTimer
RegisterClipboardFormatA
wvsprintfA
MsgWaitForMultipleObjectsEx
KillTimer
PostMessageW
wsprintfA
PeekMessageW
PostMessageW
UnregisterClassW
CharLowerBuffW
GetShellWindow
GetAppCompatFlags2
RegisterClipboardFormatA
MsgWaitForMultipleObjects
PeekMessageW
GetDCEx
DrawTextA
CharUpperBuffW
GetLastInputInfo
SystemParametersInfoW
MsgWaitForMultipleObjects
GetWindowDC
GetShellWindow
SystemParametersInfoW
GetLastInputInfo

kernel32

VirtualProtectEx
SleepEx
Sleep
ReadProcessMemory
CreateProcessA
CreateProcessA
ReadProcessMemory
ReleaseMutex
WaitForSingleObjectEx
GetSystemTimeAsFileTime
CreateProcessW
SleepEx
CreateFileA
TerminateProcess
TerminateProcess
ReleaseMutex
CreateProcessA
CreateProcessW
WriteProcessMemory
DeviceIoControl
GetStartupInfoW
TerminateProcess
ReadProcessMemory
ReleaseMutex
Sleep
GetSystemTime
GetStartupInfoW
LoadLibraryExA
LoadLibraryExA
CreateProcessA
GetStartupInfoA
GetProcAddress
Sleep
GetLastError
LoadLibraryA
GetCommandLineA
SetHandleInformation
lstrcmpiA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
ReadFile
CreateProcessW
VirtualProtectEx
GetSystemTimeAsFileTime
WaitForSingleObject
SleepEx
Sleep
GetStartupInfoA
GetSystemTimeAsFileTime
ReleaseMutex
GetSystemTimeAsFileTime
ReadProcessMemory
LoadLibraryExA
GetStartupInfoA
GetSystemTime
GetSystemTimeAsFileTime
GetSystemTime
WaitForSingleObject
ReleaseMutex
WriteProcessMemory
CreateProcessA
TerminateProcess
GetSystemTimeAsFileTime
ReadFile
VirtualProtect
WaitForSingleObject
VirtualProtect
WaitForSingleObject
DeviceIoControl
ReadFile
CreateFileA
GetSystemTime
DeviceIoControl
CreateProcessA
LoadLibraryExW
DeviceIoControl
CreateFileA
WaitForSingleObjectEx
WaitForSingleObjectEx
TerminateProcess
LoadLibraryA
GetStartupInfoW
GetStartupInfoA
ReleaseMutex
Sleep
CreateProcessA
WriteProcessMemory
Sleep
WaitForSingleObjectEx
LoadLibraryA
WaitForSingleObjectEx
GetSystemTime
VirtualProtect
ReleaseMutex
GetSystemTime
WaitForSingleObjectEx
GetStartupInfoW
SleepEx
LoadLibraryExW
Sleep
LoadLibraryA
DeviceIoControl
DeviceIoControl
CreateFileA
GetStartupInfoW
VirtualProtect
VirtualProtectEx
GetSystemTime
GetSystemTime
WriteProcessMemory
LoadLibraryExW
WriteProcessMemory
GetStartupInfoA
WaitForSingleObjectEx
WriteProcessMemory
GetSystemTimeAsFileTime
WriteProcessMemory
LoadLibraryA
LoadLibraryA
SleepEx
WriteProcessMemory
DeviceIoControl
GetSystemTime
GetSystemTime
ReleaseMutex
LoadLibraryExW
TerminateProcess
LoadLibraryExA
WriteProcessMemory
CreateFileA
DeviceIoControl
LoadLibraryExW
TerminateProcess
CreateProcessA
DeviceIoControl
WaitForSingleObjectEx
ReleaseMutex
TerminateProcess
LoadLibraryA
CreateProcessW
DeviceIoControl
ReadFile
LoadLibraryExA
DeviceIoControl
CreateProcessW
DeviceIoControl
LoadLibraryA
LoadLibraryA
SleepEx
SleepEx
LoadLibraryExW
VirtualProtect
GetSystemTime
TerminateProcess
ReadProcessMemory
SleepEx
CreateProcessA
CreateFileA
GetStartupInfoA
GetStartupInfoW
LoadLibraryA
LoadLibraryExA
GetSystemTimeAsFileTime
WaitForSingleObjectEx
TerminateProcess
VirtualProtectEx
CreateProcessW
TerminateProcess
LoadLibraryExA
LoadLibraryExW
Sleep

advapi32

RegQueryValueExW
RegQueryValueExW
OpenThreadToken
AccessCheck
RegQueryValueExW
GetTokenInformation
MakeSelfRelativeSD
GetSecurityDescriptorDacl
OpenThreadToken
RegQueryValueExW
RegQueryValueExW
ImpersonateNamedPipeClient
ImpersonateNamedPipeClient
RegQueryValueExW
AccessCheck
GetTokenInformation
GetTokenInformation
AccessCheck
GetSecurityDescriptorDacl
GetSecurityDescriptorDacl

gdi32

SetBkMode
GdiReleaseDC
CreateSolidBrush
GetStockObject
ExtTextOutW
GetTextExtentPoint32W
GetTextCharsetInfo
CreateCompatibleDC
CreateCompatibleDC
GetStockObject
SetBkColor
GdiReleaseDC
GetWindowExtEx
SelectObject
GetHFONT
GdiValidateHandle
RectVisible
GetViewportExtEx
SelectObject
GetViewportOrgEx

comdlg32

GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleA

Sections

.text
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 117KB - Virtual size: 136KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ

999cv8
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c755f30aee12e83f757c6baffcd56a73

Headers

File Characteristics

Imports

user32

kernel32

advapi32

gdi32

comdlg32

Sections

.text Size: 17KB - Virtual size: 20KB

.rdata Size: 117KB - Virtual size: 136KB

.data Size: 2KB - Virtual size: 4KB

.idata Size: 11KB - Virtual size: 12KB

999cv8 Size: 6KB - Virtual size: 8KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 17KB - Virtual size: 20KB

.rdata
Size: 117KB - Virtual size: 136KB

.data
Size: 2KB - Virtual size: 4KB

.idata
Size: 11KB - Virtual size: 12KB

999cv8
Size: 6KB - Virtual size: 8KB

.rsrc
Size: 10KB - Virtual size: 12KB