95009a73e7bbed293ef89eb3b6e8caa6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

95009a73e7bbed293ef89eb3b6e8caa6_JaffaCakes118
Size

313KB
MD5

95009a73e7bbed293ef89eb3b6e8caa6
SHA1

657a47be229e42a070b3f98bf99b9e4a58d1fb94
SHA256

ee801f2071819eec420e667a5e9b24a2d4a5410dd01ccbc57ef375bc37a311d4
SHA512

d2322ae20826daa6b4f8dec194a37ff89cd8497705c4084e62fec5c8f2f17e7191556ecf96feaa37639df23a4c58de86f31b485611e95bbd98f7bff29a2f6111
SSDEEP

6144:CDlIAB2mBaejoA7nwgg9o2ivnAzEbAeiS5ZLpXp6hfJ89:SwmxjoA7wgV2EnAAMS5ZAI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95009a73e7bbed293ef89eb3b6e8caa6_JaffaCakes118

Files

95009a73e7bbed293ef89eb3b6e8caa6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e68fecdd8c2bdcc8bab4e58dfad35435

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkColor
GetDeviceCaps
DeleteDC
GetStockObject
CreateCompatibleDC
SetTextColor
SelectObject

user32

IsWindow
GetDC
GetCursorPos
ReleaseDC
UnregisterClassA
GetClientRect
ClientToScreen
GetKeyState
DestroyWindow
GetParent
ShowWindow
EnableWindow
PeekMessageA
TranslateMessage
IsWindowEnabled
RegisterClassA
GetWindowLongA
CreateWindowExA
DispatchMessageA
EndPaint
SetFocus
SetWindowPos
DefWindowProcA
MapWindowPoints
GetSystemMetrics
GetWindowRect
PostMessageA
SetWindowLongA
SetWindowTextA
GetDlgItem
ScreenToClient
LoadCursorA
GetFocus
EndDialog
FillRect
MoveWindow
MessageBoxA
GetSysColor
SystemParametersInfoA
InvalidateRect
wsprintfA
CallWindowProcA
SetCursor
PostQuitMessage
SetForegroundWindow
BeginPaint

kernel32

GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
LockResource
FindNextFileA
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleMode
GetLocaleInfoA
LocalAlloc
LoadLibraryExW
FreeEnvironmentStringsW
GetLocaleInfoW
WideCharToMultiByte
GetStringTypeA
InterlockedExchange
GetSystemTimeAsFileTime
GetExitCodeProcess
HeapReAlloc
GetStringTypeW
GetFullPathNameA
FreeLibrary
LocalFree
FormatMessageW
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
FormatMessageA
SetLastError
InterlockedDecrement
GetModuleFileNameW
IsDebuggerPresent
GetOEMCP
VirtualAlloc
FindResourceA
Sleep
VirtualFree
WriteFile
HeapCreate
GetEnvironmentStrings
SetStdHandle
GetModuleHandleW
GetACP
CloseHandle
FindFirstFileA
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
UnmapViewOfFile
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
GetCommandLineW
GetCurrentProcessId
SizeofResource
FileTimeToLocalFileTime
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
RemoveDirectoryA
GlobalAlloc
GlobalLock
FindFirstFileW
CreateFileMappingA
CompareStringA
GetDiskFreeSpaceA
FindNextFileW
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
VirtualQuery
GetVersion
WriteConsoleA
TerminateProcess
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
CreateMutexA
GetLocalTime
MultiByteToWideChar
UnhandledExceptionFilter
GetPrivateProfileStringA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc

advapi32

RegDeleteKeyW
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueW

msvcrt

_exit
_cexit
exit

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e68fecdd8c2bdcc8bab4e58dfad35435

Headers

File Characteristics

Imports

gdi32

user32

kernel32

advapi32

msvcrt

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 286KB - Virtual size: 286KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 286KB - Virtual size: 286KB

.rsrc
Size: 2KB - Virtual size: 1KB