a93dc30820054d004bc0e095ba684f32_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a93dc30820054d004bc0e095ba684f32_JaffaCakes118
Size

273KB
MD5

a93dc30820054d004bc0e095ba684f32
SHA1

371f6914cb6687dcc1ce7b71113b8c81003bb7e0
SHA256

65c8af3a1a5c3b7ef84d45ca2cb0c93224a81f5195835649aecf250c04369d22
SHA512

d576aecf30f0d305518146adb45241f8cbf969ec873aa3be7b2caa70a6004deb5f8608da82769d7906df0e60e5372f781c7617dd0426ca96a04fc85852938b13
SSDEEP

6144:OJaF4uk8jxl2nQeHbN2cG8/fji3N5OSQAp3CEvJ7:OEiukolle8cG8/c4rAp3C67

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a93dc30820054d004bc0e095ba684f32_JaffaCakes118

Files

a93dc30820054d004bc0e095ba684f32_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a4d4d329d93b9f92412e21debceda62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
FileTimeToSystemTime
lstrcpyW
GetVersion
GetModuleHandleW
GetCurrentProcess
CreateEventW
InterlockedDecrement
GlobalLock
GlobalAddAtomW
QueryDosDeviceW
SuspendThread
FreeLibrary
GetLogicalDrives
GetCurrentThreadId
GlobalDeleteAtom
LoadLibraryW
CreateProcessW
GetSystemTime
GetCurrentThread
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualFree
VirtualProtect
ReadProcessMemory
GlobalUnlock
ResumeThread
MultiByteToWideChar
GetFileAttributesExW
SetFilePointer
lstrlenW
WritePrivateProfileStringW
CancelWaitableTimer
SetEndOfFile
SizeofResource
ReadFile
CreateThread
GetProcAddress
InterlockedIncrement
GetPrivateProfileStringW
GetDriveTypeW
MoveFileW
FindResourceExW
VirtualAlloc
LoadResource

user32

SetCapture
SendMessageW
GetWindowThreadProcessId
LoadCursorW
GetParent
DispatchMessageW
InvalidateRect
OffsetRect
TrackPopupMenu
EnableWindow
DrawTextW
VkKeyScanW
GetDlgItem
SetForegroundWindow
DialogBoxParamW
GetKeyState
RedrawWindow
FillRect
TranslateMessage
SetWindowPos
SystemParametersInfoW
CreateWindowExW
wsprintfW
SetWindowTextW
GetWindowTextW
GetClassNameW
GetSysColor
PostThreadMessageW
AppendMenuW
GetMessageW

gdi32

CreateDCW
GetObjectW
SetBkColor
CreatePen
DeleteObject
SetBkMode
DeleteDC
GetClipBox
DPtoLP
LineTo
SelectObject
Rectangle
CreateCompatibleBitmap
StretchBlt
GetMapMode

advapi32

RegDeleteValueW
InitializeSecurityDescriptor
GetUserNameW
StartServiceW

ole32

CoInitializeEx
CreateStreamOnHGlobal
CoUninitialize
CoInitialize

oleaut32

SysFreeString
OleLoadPicture

Sections

.text
Size: 236KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8a4d4d329d93b9f92412e21debceda62

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 236KB - Virtual size: 234KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 28KB - Virtual size: 24KB

.text
Size: 236KB - Virtual size: 234KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 28KB - Virtual size: 24KB