adebba2c3070a5692d9d80b7ebaeb8aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

adebba2c3070a5692d9d80b7ebaeb8aa_JaffaCakes118
Size

2.0MB
MD5

adebba2c3070a5692d9d80b7ebaeb8aa
SHA1

c73b027b0f64181be845c94590815db2ca2ca8eb
SHA256

22807ce85b4863ef9d4328726dad5ad7506fc31804bd8d69faa4e05c754d22a3
SHA512

06a34d027f98f0fbcaaca872f393a4f0074e1ad1f944455c7e4bf7618b767b132cbe21a02806247eb35e92c0338b3671bb90656d611220ea40625189883772b6
SSDEEP

12288:MLSBQPSPdI7dz8IgP1fjHVZ3V9lxl2ihex:MLlSPdI7dJ8fH3V9lxl2ig

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adebba2c3070a5692d9d80b7ebaeb8aa_JaffaCakes118

Files

adebba2c3070a5692d9d80b7ebaeb8aa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

283c141de8fef1bda42b0907958cf934

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
ExitProcess
Sleep
HeapSize
HeapReAlloc
HeapCreate
GetModuleFileNameA
GetStdHandle
WriteFile
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
VirtualFree
VirtualAlloc
LockResource
lstrcpynW
lstrlenA
lstrcpynA
GetStringTypeW
LCMapStringA
LCMapStringW
GetCommandLineW
lstrcmpW
GetCurrentProcessId
GetCurrentProcess
FlushInstructionCache
GetStringTypeA
lstrcpyW
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
MulDiv
LoadLibraryW
lstrcmpiW
GetModuleHandleW
GetProcAddress
InterlockedDecrement
InterlockedIncrement
GetLastError
lstrlenW
GetCurrentThreadId
GetVersionExW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException

user32

LoadStringA
PostQuitMessage
LoadStringW
SetMenuDefaultItem
MessageBoxW
RemoveMenu
CreatePopupMenu
TranslateAcceleratorW
CreateAcceleratorTableW
GetSubMenu
PeekMessageW
AppendMenuW
GetClassNameW
CallNextHookEx
GetKeyState
CharLowerW
UnhookWindowsHookEx
RegisterWindowMessageW
GetSysColorBrush
WindowFromPoint
MessageBeep
FrameRect
ModifyMenuW
ShowWindow
SetWindowsHookExW
TrackPopupMenuEx
MonitorFromPoint
GetMonitorInfoW
DrawFrameControl
GetFocus
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetActiveWindow
GetWindowThreadProcessId
IsWindowVisible
MapWindowPoints
PostMessageW
DestroyMenu
InflateRect
DrawFocusRect
AdjustWindowRectEx
GetDlgCtrlID
IsWindowEnabled
KillTimer
SetTimer
ClientToScreen
GetWindowRect
GetMenu
GetCapture
SetCursor
ReleaseDC
GetWindowDC
GetSystemMetrics
SystemParametersInfoW
GetMessagePos
PtInRect
SetCapture
UpdateWindow
ScreenToClient
ReleaseCapture
OffsetRect
GetSysColor
EndPaint
BeginPaint
SetRect
DrawEdge
DrawTextW
FillRect
CallWindowProcW
GetParent
SetFocus
InvalidateRect
GetClientRect
SetWindowPos
SendMessageW
CreateWindowExW
DestroyWindow
SetRectEmpty
LoadCursorW
CharNextW
DefWindowProcW
IsWindow
GetWindowLongW
SetWindowLongW
IsMenu
UnregisterClassA

gdi32

SetBkColor
SetBrushOrgEx
CreateFontIndirectW
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
DeleteObject
GetStockObject
GetObjectW
SelectObject
SetBkMode
SetTextColor
CreatePen
MoveToEx
LineTo
CreateDIBSection
PatBlt
DeleteDC

advapi32

RegEnumKeyExW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegDeleteKeyW

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize

oleaut32

VarUI4FromStr

comctl32

ImageList_GetImageCount
InitCommonControlsEx
ImageList_GetIconSize
ImageList_Draw
_TrackMouseEvent
ImageList_Destroy
ImageList_DrawIndirect

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

283c141de8fef1bda42b0907958cf934

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 6KB - Virtual size: 9KB

.rsrc Size: 330KB - Virtual size: 329KB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 6KB - Virtual size: 9KB

.rsrc
Size: 330KB - Virtual size: 329KB