b7644775cee8184ab267b3a80146f4a7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b7644775cee8184ab267b3a80146f4a7_JaffaCakes118
Size

29KB
MD5

b7644775cee8184ab267b3a80146f4a7
SHA1

1ba1cfb9a403c175cd57099d07351fd3428f09ea
SHA256

ddb4ca4aea2b89e4308fea2dacc935ed8e863e4295466da69a6ab7e524b354b1
SHA512

d88d34ec01a96e2329294a3b4635c8d608f64809b9044b00ba315cd3445d7281844d105b4d39e7119782c80491d09bb399ab833fe686b994121169cb2733e4c0
SSDEEP

384:XkxFqTUg+R9GTh/UqjqT6w8ZMw+6cD9vz124UKoIEtWYaZX8MQ7YMvp5Br:XoCUgGG9qj8CL669vz1o5HaZX0zB5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7644775cee8184ab267b3a80146f4a7_JaffaCakes118

Files

b7644775cee8184ab267b3a80146f4a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f6574c0e9732583a2ebbff0254710e10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDCOrgEx
GetClipBox
DeleteObject
GetNearestPaletteIndex
SelectObject
SetWindowOrgEx
GetStockObject
SelectPalette
GetPaletteEntries
GetSystemPaletteEntries
GetObjectW
RealizePalette
GetDeviceCaps
CreatePalette
PatBlt

user32

GetAsyncKeyState
SetCursor
SendMessageW
wsprintfW
GetClipboardData
DispatchMessageW
LoadCursorW
InvalidateRect
LoadStringW
BeginPaint
UpdateWindow
MessageBeep
GetDC
SetRect
SetClipboardData
GetWindowLongW
SetTimer
GetClassInfoW
SetWindowLongW
GetMessageW
TranslateMessage
EqualRect
PeekMessageW
GetParent
GetClientRect
wvsprintfW
KillTimer
EndPaint
CloseClipboard
EmptyClipboard
RegisterClassW
wsprintfA
MessageBoxW
OpenClipboard
CreateWindowExW
LoadStringA
ClientToScreen
DefWindowProcW
IsWindow
MsgWaitForMultipleObjects
ReleaseDC
PostMessageW

msvfw32

DrawDibGetPalette
DrawDibDraw
ICSeqCompressFrame
ICSeqCompressFrameEnd
ICCompressorChoose
ICSeqCompressFrameStart
DrawDibBegin
DrawDibRealize
ICCompressorFree
DrawDibClose
DrawDibOpen
ICImageDecompress

ntdll

RtlUlongByteSwap
NtCreateDebugObject
NtAllocateVirtualMemory

advapi32

RegQueryValueExW
RegCreateKeyW
RegCloseKey
RegEnumKeyW
RegOpenKeyW
RegQueryValueExA
RegOpenKeyA

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

winmm

mmioDescend
waveInAddBuffer
OpenDriver
waveInStop
mmioSeek
mmioOpenW
mmioWrite
mmioRead
waveInStart
waveInOpen
timeGetTime
CloseDriver
waveInClose
mmioClose
waveInReset
mmioFlush
SendDriverMessage
mciSendStringW
waveOutGetNumDevs
waveInUnprepareHeader
mmioCreateChunk
mmioAscend
waveInPrepareHeader

kernel32

SetThreadPriority
CloseHandle
GetFullPathNameW
FreeLibrary
GetThreadPriority
IsBadWritePtr
GlobalHandle
DeleteCriticalSection
WaitForSingleObject
LocalUnlock
GetDiskFreeSpaceW
DisableThreadLibraryCalls
GetLastError
GlobalAlloc
IsBadCodePtr
ExitProcess
lstrcatA
IsBadStringPtrW
GetTickCount
QueryPerformanceCounter
GetCurrentThread
GlobalMemoryStatusEx
LocalAlloc
InitializeCriticalSection
QueryPerformanceFrequency
GlobalUnlock
GlobalFree
SetEvent
lstrcpynW
GetModuleHandleW
GlobalLock
GetModuleFileNameW
IsBadReadPtr
GetProcAddress
WriteFile
IsBadHugeReadPtr
MultiByteToWideChar
lstrcpyW
HeapAlloc
DeleteFileW
WideCharToMultiByte
GetCurrentThreadId
GetLocalTime
lstrcpyA
MulDiv
lstrcatW
LocalLock
CreateFileW
GetSystemInfo
GlobalReAlloc
EnterCriticalSection
GetFileAttributesW
Sleep
SetFilePointer
LoadLibraryW
VirtualAlloc
LocalHandle
CreateEventW
CreateThread
GetOverlappedResult
lstrcmpiW
GetACP
LeaveCriticalSection
LocalFree
GetVersionExW
GetFileSize
GetPrivateProfileStringW
HeapFree
VirtualFree
GetProcessHeap

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6574c0e9732583a2ebbff0254710e10

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

msvfw32

ntdll

advapi32

version

winmm

kernel32

Sections

.text Size: 7KB - Virtual size: 6KB

.rsrc Size: 5KB - Virtual size: 5KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 5KB - Virtual size: 72KB

.reloc Size: 512B - Virtual size: 24B

.text
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 5KB - Virtual size: 5KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 5KB - Virtual size: 72KB

.reloc
Size: 512B - Virtual size: 24B