bb2a5288c15efc28b6406c318ef05f2c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb2a5288c15efc28b6406c318ef05f2c_JaffaCakes118
Size

276KB
MD5

bb2a5288c15efc28b6406c318ef05f2c
SHA1

0a7b7240664d9e0b0f3fd1a3fba27d0ca4423de6
SHA256

263619505dae1e57461da2b849dcfb77999f861536aadbd6d583c9fb86ece802
SHA512

43734c4d5da6294de5ce184b518f6452350be2abca77b1e4677c8105bacba5719dcb3f58522b714aa953baed54768c17d7c3f13c7f1ed56917b6620e52436d96
SSDEEP

6144:zLLWZjmcE6ezaPM3s1MwCN+n5CwbrWjFSEUnRK:3LyJKhN+n1cnI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb2a5288c15efc28b6406c318ef05f2c_JaffaCakes118

Files

bb2a5288c15efc28b6406c318ef05f2c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

40b935eb8effa5a593e1c6fd68a28c80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryW
GetPrivateProfileStringW
ReadFile
DeleteFileW
GlobalDeleteAtom
GetTickCount
TerminateThread
GetFileAttributesExW
WaitForMultipleObjects
GetLastError
InterlockedIncrement
SizeofResource
GlobalUnlock
SetEndOfFile
FreeLibrary
GetFileAttributesW
FindFirstChangeNotificationW
GetVersion
GlobalAlloc
GetDriveTypeW
WideCharToMultiByte
Sleep
SetEvent
LockResource
GlobalFree
WriteFile
LoadLibraryW
VirtualFree
GetSystemTime
CreateEventW
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualProtect
CloseHandle
GlobalLock
WaitForSingleObject
QueryDosDeviceW
ReadProcessMemory
GetProcAddress
SuspendThread
GetLocalTime
FreeResource
CreateWaitableTimerW
MulDiv
GetCurrentProcess
GetModuleFileNameW
FindResourceExW
SetFilePointer
DuplicateHandle
GetFileSize
SetLastError
lstrcpyW
WritePrivateProfileStringW
CancelWaitableTimer
CreateFileW
GetLogicalDrives
SetThreadPriority
MoveFileW
lstrlenW
GlobalAddAtomW
InterlockedDecrement

user32

GetClassNameW
RedrawWindow
LoadImageW
GetWindowRect
wsprintfW
GetWindowDC
GetParent
PostQuitMessage
LoadBitmapW
SetDlgItemTextW
LoadCursorW
SendDlgItemMessageW
DrawTextW
CreateWindowExW
DestroyMenu
AppendMenuW
SetCursorPos
PostThreadMessageW
DispatchMessageW
PostMessageW
VkKeyScanW
OffsetRect
TranslateMessage
ReleaseDC
GetDlgItem
SendMessageW
SystemParametersInfoW
EnableWindow
WindowFromPoint
DefWindowProcW
MessageBoxW
TrackPopupMenu
DestroyIcon
GetKeyState
DialogBoxParamW
SetForegroundWindow
RegisterWindowMessageW
IsWindow
RegisterHotKey
LoadStringW
EndDialog
ReleaseCapture
RegisterClassExW
SetCapture

gdi32

GetObjectW
CreateSolidBrush
CreateBitmap
CreateCompatibleDC
BitBlt
SetDIBits
DeleteObject
CreateRoundRectRgn
SetTextColor
GetClipBox
CreateICW
CreateFontIndirectW
SetBkMode
GetStockObject
SetBkColor
DeleteDC
CreatePen
SelectObject

advapi32

SetSecurityDescriptorDacl
RegSetValueExW
RegOpenKeyExW
StartServiceW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
LookupPrivilegeValueW

shell32

Shell_NotifyIconW
SHChangeNotify

ole32

CreateStreamOnHGlobal
CoUninitialize
CoInitializeEx

oleaut32

SysFreeString
OleLoadPicture

Sections

.text
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

40b935eb8effa5a593e1c6fd68a28c80

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 252KB - Virtual size: 248KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 15KB

.text
Size: 252KB - Virtual size: 248KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 15KB