a0c809d10de5bfd5d70d54ec25a9135f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a0c809d10de5bfd5d70d54ec25a9135f_JaffaCakes118
Size

453KB
MD5

a0c809d10de5bfd5d70d54ec25a9135f
SHA1

555701ff3082fc39fe774be97fb46ccc323bbe2b
SHA256

7d2aebaf73456822f2967b13a825985096451a57c69fdd7dd80d79358fe68e3a
SHA512

307856e5eec3d37c1afe97afebd9f8a6ba9c22ba724f62298caf4f0d8fbecadab8bd4609598729274dc37a975af12ad48285a4246219f82c3f8af7ec5c96931a
SSDEEP

6144:52PtniS8YzeYAUXVlKGT2aajxwD/1efSjLh9w+htyK0qktlFxqlsWrDZfJSixqGl:IPtnnzeCewD9Z9EqalF5CDdA4k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0c809d10de5bfd5d70d54ec25a9135f_JaffaCakes118

Files

a0c809d10de5bfd5d70d54ec25a9135f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31d50c93c107f5b45af899f7cf7e1f3a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject
GetDeviceCaps
CreateFontIndirectW
GetObjectW
GetStockObject

ntdll

RtlAddAce
RtlAdjustPrivilege
NtAllocateVirtualMemory

msvcrt

longjmp
_amsg_exit
malloc
bsearch
_wtoi
_wtol
memset
_initterm
_adjust_fdiv
_wcsicmp
_wcsnicmp
_vsnprintf
_ultow
_vsnwprintf
_setjmp3
memcpy
memmove
_XcptFilter
free

rpcrt4

RpcStringFreeW

user32

MsgWaitForMultipleObjects
IsWindow
DialogBoxParamW
GetWindowRect
EndDialog
GetDlgItem
ExitWindowsEx
CharUpperW
GetDC
GetDesktopWindow
GetDlgItemTextW
PeekMessageW
SendDlgItemMessageW
SetWindowPos
SendMessageW
LoadStringW
SetWindowTextW
MessageBeep
UpdateWindow
OemToCharA
CharPrevW
DestroyWindow
GetSystemMetrics
CreateDialogParamW
EnableWindow
MessageBoxW
CharNextA
DispatchMessageW
ReleaseDC
CharNextW
SetDlgItemTextW
ShowWindow

kernel32

GetWindowsDirectoryW
GetCurrentProcess
LocalReAlloc
lstrcmpW
RtlUnwind
GetShortPathNameW
SetFileAttributesW
FreeLibrary
lstrlenA
GetCurrentProcessId
UnmapViewOfFile
FindFirstFileW
SearchPathW
FindResourceW
CreateDirectoryW
LoadResource
GetLastError
GetSystemDefaultUILanguage
WritePrivateProfileStringW
DeleteFileW
LocalFree
GetSystemDirectoryW
MoveFileW
ExpandEnvironmentStringsW
SetFilePointer
GetFileSize
InterlockedCompareExchange
FindClose
GetProfileStringW
MultiByteToWideChar
GetFileTime
Sleep
CompareStringW
TerminateProcess
GetUserDefaultUILanguage
CopyFileW
MapViewOfFileEx
MoveFileExW
LoadLibraryW
CloseHandle
CreateFileMappingW
WideCharToMultiByte
RemoveDirectoryW
GetFullPathNameW
MapViewOfFile
FindNextFileW
lstrlenW
GetPrivateProfileIntW
GetLocalTime
QueryPerformanceCounter
GetSystemInfo
GetPrivateProfileStringW
GetTempPathW
GetPrivateProfileSectionW
ReadFile
GetProcAddress
GetEnvironmentVariableW
SetUnhandledExceptionFilter
GetDriveTypeW
GetVersionExW
SetLastError
InterlockedExchange
lstrcmpiW
FindResourceExW
SetFileTime
GetDiskFreeSpaceW
DisableThreadLibraryCalls
SizeofResource
CreateProcessW
LoadLibraryExW
UnhandledExceptionFilter
WritePrivateProfileSectionW
GetStartupInfoA
MulDiv
GetModuleFileNameW
GetTickCount
GetCurrentThreadId
lstrcmpiA
CreateFileW
GetVolumeInformationW
GetSystemTimeAsFileTime
FormatMessageW
GetTempFileNameW
LockResource
GetFileAttributesW
EnumResourceLanguagesW
LocalAlloc

advapi32

RegSetValueW
CancelOverlappedAccess
RegFlushKey
RegDeleteValueW
BuildTrusteeWithNameA
ControlTraceA
RegSetValueExW
RegOpenKeyExA
RegCreateKeyExW
EqualSid
RegDeleteKeyW
CreateServiceW
LookupPrivilegeValueW
RegSaveKeyW
ConvertSidToStringSidA
RegQueryValueExA
AdjustTokenPrivileges
CredRenameW
RegOpenKeyExW
AllocateAndInitializeSid
FreeSid
OpenProcessToken
RegQueryInfoKeyW
RegCloseKey

Sections

.text
Size: 415KB - Virtual size: 415KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 936KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

31d50c93c107f5b45af899f7cf7e1f3a

Headers

File Characteristics

Imports

gdi32

ntdll

msvcrt

rpcrt4

user32

kernel32

advapi32

Sections

.text Size: 415KB - Virtual size: 415KB

.rsrc Size: 9KB - Virtual size: 9KB

.data Size: 22KB - Virtual size: 936KB

.reloc Size: 512B - Virtual size: 36B

.rdata Size: 4KB - Virtual size: 4KB

.text
Size: 415KB - Virtual size: 415KB

.rsrc
Size: 9KB - Virtual size: 9KB

.data
Size: 22KB - Virtual size: 936KB

.reloc
Size: 512B - Virtual size: 36B

.rdata
Size: 4KB - Virtual size: 4KB