89fd96f66c0122edb1cc3e4d94063204_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

89fd96f66c0122edb1cc3e4d94063204_JaffaCakes118
Size

142KB
MD5

89fd96f66c0122edb1cc3e4d94063204
SHA1

4fcfd06cccceecca1871d312ef85bc1841323c4f
SHA256

b6ef16debd0ff842f640ce4b0ed98b2a093003b6f4b121953050e8f830dcc649
SHA512

7125c2e9f406e2d1f45760ea689711da92165fc66ddb58fd442c095a6944c1925dc5b8c91320d14755f4a2b37913787239585ad6561eb8e3e446a8a73e74ab26
SSDEEP

3072:+m3bRlmWPhBNHw1tQezheEfzJD+IrzfVtyemtON0RMMD5:rHZBVw1qeteEhLrVtyrzR/9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89fd96f66c0122edb1cc3e4d94063204_JaffaCakes118

Files

89fd96f66c0122edb1cc3e4d94063204_JaffaCakes118
.exe windows:6 windows x86 arch:x86

95ea0bc81cb690ed51522b09f06de49c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageW
SetEvent
SetUnhandledExceptionFilter
GetProcessHeap
GetModuleHandleA
LocalAlloc
GetCommandLineW
GetCurrentThreadId
GetCurrentProcessId
GetModuleHandleA
GetCommandLineA
GetModuleHandleW
GetACP
GetTickCount
QueryPerformanceCounter
SetEvent
GetCurrentProcessId
GetModuleHandleA
GetCurrentProcess
SetEvent
GetCurrentThreadId
GetACP
GetCommandLineA
GetProcessHeap
LocalFree
LocalFree
GetCommandLineA
SetEvent
GetCommandLineW
SetEvent
SetUnhandledExceptionFilter
GetCurrentThreadId
SleepEx
SetEvent
WaitForSingleObject
GetCurrentThreadId
FormatMessageW
GetCurrentProcessId
GetCurrentProcess
SetEvent
SetUnhandledExceptionFilter
GetACP
GetModuleFileNameA
GetCommandLineW
GetCurrentProcessId
GetModuleHandleA
QueryPerformanceCounter
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
GetModuleHandleW
SetEvent
GetCommandLineA
SetUnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameA
GetCurrentThreadId
GetCommandLineW
GetCurrentProcess
SetEvent
SetUnhandledExceptionFilter
GetCurrentProcess
WaitForSingleObject
SetUnhandledExceptionFilter
GetCurrentProcess
VirtualFree
GetCurrentProcess
GetACP
LocalFree
WaitForSingleObject
GetCurrentThreadId
WaitForSingleObject
MultiByteToWideChar
SetUnhandledExceptionFilter
VirtualFree
LocalFree
GetModuleFileNameA
WaitForSingleObject
LocalAlloc
QueryPerformanceCounter
GetModuleHandleA
VirtualFree
GetCommandLineW
VirtualFree
GetModuleHandleW
QueryPerformanceCounter
LocalAlloc
GetACP
GetModuleHandleW
GetProcessHeap
GetCommandLineA
GetCommandLineA
FormatMessageW
GetModuleFileNameA
GetTickCount
SetUnhandledExceptionFilter
LocalFree
GetCurrentProcess
GetModuleHandleA
VirtualFree
GetCommandLineA
SetEvent
MultiByteToWideChar
GetModuleHandleA
GetCurrentProcessId
GetACP
LocalAlloc

user32

DefWindowProcW
DestroyWindow
GetDC
GetMessageW
GetMessageW
GetMessageW
GetSystemMetrics
LoadIconW
GetWindowRect
GetWindowRect
GetWindowRect
PostMessageW
CreateWindowExW
DefWindowProcW
GetSystemMetrics
GetDlgItem
DefWindowProcW
PostMessageW
GetDC
GetDlgItem
ReleaseDC
DefWindowProcW
ReleaseDC
DestroyWindow
PostMessageW
SetTimer
PostMessageW
GetSystemMetrics
ShowWindow
ReleaseDC
CreateWindowExW
ReleaseDC
ShowWindow
ShowWindow
GetDlgItem
ReleaseDC
LoadIconW
DestroyWindow
PostMessageW
PostMessageW
GetWindowRect
LoadIconW
GetSystemMetrics
ShowWindow
ReleaseDC
GetSystemMetrics
GetMessageW
SetTimer
GetDlgItem
ShowWindow
DefWindowProcW
SendMessageW
LoadIconW
GetDC
CreateWindowExW
GetDlgItem
SendMessageW
DestroyWindow
PostMessageW
SetTimer
ShowWindow
SendMessageW
PostMessageW
GetDlgItem
GetDlgItem
DefWindowProcW
PostMessageW
SendMessageW
ShowWindow
GetDC
GetMessageW
SendMessageW
DefWindowProcW
GetDC
LoadIconW
DefWindowProcW
GetDlgItem
SetTimer
GetWindowRect
PostMessageW
DestroyWindow
GetDC
GetDC
GetWindowRect
ReleaseDC
SetTimer
SendMessageW
GetSystemMetrics
DefWindowProcW
PostMessageW
DestroyWindow
GetDC
CreateWindowExW
GetSystemMetrics
SendMessageW
GetSystemMetrics
ShowWindow
GetDC
ShowWindow
GetMessageW

ntdll

NtAllocateVirtualMemory

gdi32

LineTo
GetStockObject
SelectObject
GetDeviceCaps
LineTo
MoveToEx
PatBlt
MoveToEx
DeleteObject
DeleteDC
CreateCompatibleBitmap
DeleteObject
GetObjectW
LineTo
GetTextMetricsW
PatBlt
GetObjectW
GetDeviceCaps
SelectObject
DeleteObject
GetDeviceCaps
DeleteObject
BitBlt
DeleteObject
MoveToEx
SelectObject
MoveToEx
CreateCompatibleDC
DeleteObject
CreateCompatibleDC
SetTextColor
CreateCompatibleBitmap
SelectObject
CreateCompatibleBitmap
GetDeviceCaps
LineTo
SetTextColor
DeleteDC
SelectObject
PatBlt
CreateCompatibleDC
MoveToEx
GetStockObject
CreateCompatibleBitmap
GetObjectW
LineTo
SelectObject
CreateCompatibleBitmap
SetTextColor
LineTo
DeleteDC
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
BitBlt
LineTo
LineTo
DeleteDC
GetStockObject
CreateCompatibleDC
MoveToEx
PatBlt
BitBlt
GetObjectW
CreateCompatibleDC
LineTo
SelectObject
DeleteDC
CreateCompatibleBitmap
CreateCompatibleBitmap
MoveToEx
GetStockObject
GetTextMetricsW
GetStockObject
PatBlt
PatBlt
GetDeviceCaps
CreateCompatibleBitmap
SetTextColor
LineTo
CreateCompatibleDC
GetTextMetricsW
BitBlt
GetStockObject
CreateCompatibleDC
GetStockObject
BitBlt
CreateCompatibleBitmap
DeleteDC
MoveToEx
GetObjectW
PatBlt
PatBlt
GetStockObject
SetTextColor
CreateCompatibleBitmap
GetTextMetricsW
SelectObject
GetTextMetricsW
GetStockObject

Sections

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95ea0bc81cb690ed51522b09f06de49c

Headers

File Characteristics

Imports

kernel32

user32

ntdll

gdi32

Sections

.data Size: 28KB - Virtual size: 28KB

.data Size: 8KB - Virtual size: 8KB

.data Size: 108KB - Virtual size: 112KB

.rsrc Size: 2KB - Virtual size: 124KB

.data
Size: 28KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 8KB

.data
Size: 108KB - Virtual size: 112KB

.rsrc
Size: 2KB - Virtual size: 124KB