b23d6deb9f385165a7ca5def9c4b56e7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b23d6deb9f385165a7ca5def9c4b56e7_JaffaCakes118
Size

42KB
MD5

b23d6deb9f385165a7ca5def9c4b56e7
SHA1

a31e33c3cd30961bcef2f30b4dabfe140acf507a
SHA256

658e28124783b54f81e5550f625d2a4bd3ff0b3c96e800860c7026b11d8fac8f
SHA512

ffb26f250d8020ecc30021d2673efc0036aca984a6b6fadc2bfd020f073d7745052af29bc86d34bef77e37a684196804226a9562d3a4e36624ba903dc2d61398
SSDEEP

768:I9csiXZwmsc+EV/jD5ucdW3ZAax/SOrPqSwFfNCF/iDeq:IAXTpBVTspAatSOrPD8fNsiP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b23d6deb9f385165a7ca5def9c4b56e7_JaffaCakes118

Files

b23d6deb9f385165a7ca5def9c4b56e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d69acc33da03334de3fa7f500c4a0367

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualAlloc
ConnectNamedPipe
Process32First
GetPrivateProfileSectionA
lstrcat
SetFileApisToANSI
GetProcessVersion
GetProcessPriorityBoost
_hwrite
GetFileAttributesExA
GetDriveTypeA
EnumTimeFormatsA
GetCurrentProcess
_lcreat
SetCommBreak
GlobalUnlock
lstrcmp
FindFirstFileA
GetProfileStringA
PrepareTape
GetThreadTimes
OpenWaitableTimerA
GetConsoleCommandHistoryLengthW
GetSystemDirectoryA
WriteConsoleInputA
GetConsoleCursorInfo
FatalExit
GetModuleHandleA
GetProcessHeap
GetCPInfoExA
SetConsoleInputExeNameA
DeleteTimerQueue
ReadConsoleA
GetStdHandle
GetTimeZoneInformation
GetNumberOfConsoleMouseButtons
Process32Next
GetThreadIOPendingFlag
EnumUILanguagesA
WriteProfileStringA
GetEnvironmentVariableA
FreeEnvironmentStringsA
FindFirstVolumeMountPointA
WaitForMultipleObjects
UnregisterWait
LoadLibraryExW
IsProcessorFeaturePresent
lstrcatA
GetFileAttributesExA
CloseHandle
WaitForDebugEvent
GetExitCodeThread
OpenFileMappingA
Heap32First
Heap32ListFirst
GetConsoleTitleA
GetDriveTypeA
SetFilePointerEx
GetNumberOfConsoleFonts
GetDriveTypeA
ReadConsoleInputA
GetStringTypeExA
GlobalGetAtomNameA
GetVersionExA
GetTimeFormatA
SetPriorityClass
AddConsoleAliasA
GetLocaleInfoA
GetBinaryTypeA
Heap32Next
SetLastConsoleEventActive
IsSystemResumeAutomatic
WriteConsoleOutputCharacterA
FlushViewOfFile
SetHandleInformation
CreateFileA
FindNextVolumeMountPointW
WaitForSingleObject
FindFirstFileExA
GetDiskFreeSpaceA
SetInformationJobObject
IsProcessorFeaturePresent
ReadConsoleOutputCharacterA
DeleteFileA
Module32Next

user32

SetCapture
GetProcessDefaultLayout
RegisterMessagePumpHook
LoadBitmapA
MapDialogRect
DeleteMenu
FillRect
EnumDisplayMonitors
CreateDesktopA
CalcMenuBar
CreateIconIndirect
RegisterClipboardFormatA
ChangeDisplaySettingsA
ToUnicodeEx
GetClassWord
DlgDirSelectComboBoxExA
ChildWindowFromPoint
GetMenuStringA
RemoveMenu
ClipCursor
MonitorFromPoint
CharUpperBuffA
SetWindowsHookA
OpenDesktopA
GetKeyState
GetClipboardSequenceNumber
CreateAcceleratorTableA
TileWindows
SendDlgItemMessageA
GetUserObjectSecurity
IsDlgButtonChecked
GrayStringA
GetMessagePos
GetTabbedTextExtentA
RedrawWindow
SendMessageCallbackA
SetInternalWindowPos
TranslateMDISysAccel
ClientThreadSetup
MonitorFromWindow
HiliteMenuItem
DrawMenuBar
EnableWindow
RegisterClassA
SetDeskWallpaper
ChangeDisplaySettingsExA
DeleteMenu
GetMenuStringA
BeginPaint
RegisterSystemThread
IsGUIThread
GetClipboardData
GetClientRect
SetCursorContents
GetForegroundWindow
MessageBoxTimeoutA
CreateMDIWindowA
PostThreadMessageA
GetTabbedTextExtentA
DispatchMessageA
GetMenuDefaultItem
HiliteMenuItem
SetScrollRange
MessageBoxIndirectA
AttachThreadInput
UnhookWindowsHookEx
GetClipboardSequenceNumber
EmptyClipboard
DrawCaption
AllowForegroundActivation
GetClipboardViewer
GetScrollRange
CreateDesktopA
SendDlgItemMessageA
GetDlgItemTextA
DrawCaptionTempA
SetDebugErrorLevel
CascadeWindows
GetMenuInfo
GetClipboardFormatNameA
DrawCaption
DisableProcessWindowsGhosting
SetProcessWindowStation

gdi32

CreateColorSpaceA
GetLogColorSpaceA

dsound

DirectSoundCaptureCreate
DirectSoundCaptureEnumerateA

Exports

Exports

IsDpkgerc
IsWdgdghm
IsCijkdxuo
Clgrtahse
Algrwejian
Vuwqhoaiq
Grxuygsoygy
Fggwujvlri
Awwlhkowp
AddLrgkycbji

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d69acc33da03334de3fa7f500c4a0367

Headers

File Characteristics

Imports

kernel32

user32

gdi32

dsound

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 8KB

.data Size: 19KB - Virtual size: 18KB

.idata Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 276B

.tls Size: - Virtual size: 696B

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 8KB

.data
Size: 19KB - Virtual size: 18KB

.idata
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 276B

.tls
Size: - Virtual size: 696B

.rsrc
Size: 13KB - Virtual size: 12KB