acce7afb2575b4ca49a48b37ba0729ba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

acce7afb2575b4ca49a48b37ba0729ba_JaffaCakes118
Size

112KB
MD5

acce7afb2575b4ca49a48b37ba0729ba
SHA1

966a4cdabcd837c32ff19e3ca0b826bf2a219c74
SHA256

d0aa5b36c417d2e6d1faafb195b72a84a3a18d7c47c54a02dd94db0b0655b94d
SHA512

01581735371ea3ce3fde38b80cf47308d6bec7b777d194937c40524df59c8379e4c16fd4455ed5e1574c7689e214f199f02cff8148f15e045e2f9b766fac8dd7
SSDEEP

3072:EBpZHWfcPbqHtZQCX0CKrlTRKnBHwdnMRwaDdSO:EVPbUQCkCKiBQVonN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acce7afb2575b4ca49a48b37ba0729ba_JaffaCakes118

Files

acce7afb2575b4ca49a48b37ba0729ba_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c74dcd9ac418553c11f69372d080d092

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOverlappedResult
WaitForMultipleObjects
GetQueuedCompletionStatus
GetTickCount
MultiByteToWideChar
lstrlenA
WriteConsoleA
GetSystemTimeAsFileTime
ReadFile
GlobalFree
SizeofResource
FindResourceW
lstrcmpW
GlobalAlloc
LoadResource
lstrcmpiW
GetCurrentThreadId
lstrlenW
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetCurrentProcessId
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
ResetEvent
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
HeapAlloc
UnhandledExceptionFilter
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetModuleFileNameA
GetStartupInfoA
GetSystemInfo
GetFileType
SetHandleCount
TerminateProcess
ExitProcess
VirtualQuery
GetVersionExA
RtlUnwind
GetCurrentProcess
SetProcessWorkingSetSize
SetEvent
PostQueuedCompletionStatus
CloseHandle
WriteFile
InterlockedIncrement
InterlockedDecrement
GetProcessHeap
InterlockedExchange
GetStdHandle
VirtualProtect
HeapSize
GetCommandLineA

user32

GetWindowDC
GetWindowRect
GetPropW
SetPropW
SetWindowLongW
SetWindowLongA
GetClassNameW
IsWindowUnicode
SendMessageW
GetWindowLongW
CallNextHookEx
SetWindowsHookExW
RemovePropW
CallWindowProcW
GetClientRect
MapWindowPoints
ShowCaret
BeginPaint
EndPaint
ExcludeUpdateRgn
GetWindowTextW
CharNextW
DrawTextW
GetFocus
IntersectRect
DrawFocusRect
ValidateRect
ScreenToClient
InvalidateRect
GetSysColor
GetDC
GetSystemMetrics
DefWindowProcW
IsIconic
IsWindowEnabled
GetWindow
GetParent
InflateRect
OffsetRect
ReleaseDC
wvsprintfA
MsgWaitForMultipleObjects
HideCaret

advapi32

ReportEventW

gdi32

CreateDIBitmap
SetBkColor
DeleteObject
IntersectClipRect
GetTextExtentPointW
ExtTextOutW
SelectObject
SetTextColor
CreateSolidBrush
SetBkMode
PatBlt

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c74dcd9ac418553c11f69372d080d092

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 40KB - Virtual size: 72KB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 40KB - Virtual size: 72KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 3KB