b1c50409e4cbc2b201e3437297ee7f9a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b1c50409e4cbc2b201e3437297ee7f9a_JaffaCakes118
Size

176KB
MD5

b1c50409e4cbc2b201e3437297ee7f9a
SHA1

e686dc52099dc28b4277605ddaa15354341ed633
SHA256

506dc0a5dd9fc84513cd40c80cb31e93b61ba0680975c16072f9e3972eb89d36
SHA512

e2af230de9bdf2276ff2561ee3e1b53a276cb28cd95c26260ced1ac5c954547568b5cc6d4dbdc5159401e5d33463592112a926bd5351e4fe8f2536cdbf22032a
SSDEEP

3072:s9dgfbZJdM/P2jI8QpDL8bFKOik9+AOIFnJ5gG3moqjU:sobZJxju8JJibAlnJ5g6AY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1c50409e4cbc2b201e3437297ee7f9a_JaffaCakes118

Files

b1c50409e4cbc2b201e3437297ee7f9a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d4953308857e69bae979c3c54e9ef808

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
CloseHandle
CreateEventW
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
UnhandledExceptionFilter
GetCurrentThread
InterlockedDecrement
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
LockResource
GetACP
GetCPInfo
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapReAlloc
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
RtlUnwind
HeapFree
HeapAlloc
LoadResource
FindResourceW
GetLocaleInfoA
MultiByteToWideChar
GetLogicalDrives
LocalAlloc
GlobalFree
LocalFree
GetFullPathNameA
GlobalUnlock
lstrcpyA
lstrlenA
GlobalLock
DeleteFileA
lstrcatA
FindFirstFileA
GetStringTypeW
lstrcmpiA
FindClose
GetFileAttributesA
VirtualFree
CompareStringA
CopyFileA
VirtualAlloc
MoveFileA
SetFileAttributesA
Sleep
SystemTimeToFileTime
GetSystemTime
FileTimeToLocalFileTime
_lopen
LocalReAlloc
_lclose
_lcreat
_lwrite
_llseek
IsDBCSLeadByte
FreeLibrary
GetModuleHandleA
SearchPathA
GetCurrentDirectoryA
GetProfileIntA
ExitProcess
GetVersion
GlobalAlloc
GetProcAddress
GetCommandLineA
GetOEMCP
VirtualProtect

user32

SystemParametersInfoW
DialogBoxParamW
LoadStringW
PostMessageA
GetParent
SetFocus
SetWindowTextA
GetDlgItem
SendMessageA
EnableWindow
SetWindowPos
SetWindowLongA
GetWindowLongA
MoveWindow
IsWindowVisible
ShowWindow
IsZoomed
wsprintfA
DestroyWindow
IsWindow
LoadStringA
SetForegroundWindow
GetWindowRect
EnumChildWindows
ReleaseDC
GetDC
ScreenToClient
MessageBoxA
IsIconic
GetSysColor
GetSystemMetrics
EnumWindows
FindWindowA
CharUpperA
CreateWindowExA
DefWindowProcA
IsWindowEnabled
GetClientRect
PtInRect
ShowScrollBar
UpdateWindow
RegisterWindowMessageA
LoadCursorA
SetRectEmpty
EqualRect
SetCapture
WinHelpA
SetRect
FillRect
SetTimer
GetCursorPos
GetKeyState
GetMenuItemCount
GetSubMenu
CopyRect
ReleaseCapture
KillTimer
SetCursor
ClientToScreen
InflateRect
BeginPaint
EndPaint
GetMessagePos
ChildWindowFromPoint
InvalidateRect

advapi32

SetThreadToken
OpenThreadToken
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW

gdi32

GetTextExtentPoint32A
SetBkColor
GetTextMetricsA
SetTextColor
GetStockObject
GetDeviceCaps
CreateSolidBrush
DeleteObject
GetTextExtentPointA
IntersectClipRect
UnrealizeObject
SetBrushOrgEx
ExtEscape
EnumFontFamiliesW
CreateICW
DeleteDC
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
GetEnhMetaFileHeader
GetObjectW
GetBitmapDimensionEx
CreateBitmap
PatBlt
GetPaletteEntries
SetMapMode
CreateCompatibleBitmap
CreateCompatibleDC
GetEnhMetaFileBits
CreatePalette
SelectPalette
StretchDIBits
GetDIBits
StretchBlt
RealizePalette
GetObjectType
GetCurrentObject
SetStretchBltMode
SetWindowOrgEx
SelectObject

ole32

CoGetMalloc
CoInitialize
CLSIDFromString
CoTaskMemFree
StringFromCLSID
CoCreateInstance
CoSetProxyBlanket

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4953308857e69bae979c3c54e9ef808

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

Sections

.text Size: 104KB - Virtual size: 100KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 12KB - Virtual size: 47KB

.rsrc Size: 4KB - Virtual size: 1024B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 12KB - Virtual size: 47KB

.rsrc
Size: 4KB - Virtual size: 1024B

.reloc
Size: 8KB - Virtual size: 6KB