bd0ccf6c5ed6b2f4a925a8d086d7ae6c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bd0ccf6c5ed6b2f4a925a8d086d7ae6c_JaffaCakes118
Size

281KB
MD5

bd0ccf6c5ed6b2f4a925a8d086d7ae6c
SHA1

d5e66b0ca7524df074faeee60f41f34662d74208
SHA256

1c4936f62e42199ee3b4804d209b7a66d349cca201d1639457df8a78c0313202
SHA512

a6451b87ee7da321e399fb5e7523a03bb6f1e9b3f4b13718d921761bb392dbc5c6d0c6cdce35f5345e50e763ba6a21fc2f2ebb6d7e4da2e070e36c89aeeddb3e
SSDEEP

6144:dyQPjWAOE2tPBG0RVq0KdlCFhxMm+ET7MGfk39kjL:sWjWAj2tY0W00C7H+ET7Bfo6L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd0ccf6c5ed6b2f4a925a8d086d7ae6c_JaffaCakes118

Files

bd0ccf6c5ed6b2f4a925a8d086d7ae6c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79dc7547cc95536ae37134476e9d6167

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
GetUserDefaultLangID
TerminateThread
DeleteFileW
SizeofResource
InterlockedDecrement
VirtualFree
WritePrivateProfileStringW
GetCurrentThread
GetPrivateProfileStringW
FindFirstChangeNotificationW
lstrcpyW
ReadFile
GlobalDeleteAtom
ReadProcessMemory
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualProtect
WaitForSingleObject
SetCurrentDirectoryW
GetFileAttributesW
GetProcAddress
FindResourceExW
GlobalAddAtomW
CreateWaitableTimerW
DuplicateHandle
FindFirstFileW
LockResource
GetLocalTime
GlobalLock
SetLastError
CreateEventW
WriteFile
MoveFileW
GetFileAttributesExW
GetModuleFileNameW
GetVersion
SetThreadPriority
GetCurrentProcess
SetEvent
WaitForMultipleObjects
FreeLibrary
CreateProcessW

user32

PostMessageW
CreatePopupMenu
wsprintfW
LoadIconW
SetWindowTextW
SetForegroundWindow
UpdateWindow
GetParent
IsDlgButtonChecked
GetDlgItem
EndDialog
DialogBoxParamW
DefWindowProcW
GetSysColor
DrawTextW
SetLayeredWindowAttributes
AppendMenuW
SendDlgItemMessageW
VkKeyScanW
GetWindowTextW
GetCursorPos
PostThreadMessageW
DestroyMenu
ReleaseCapture
WindowFromPoint
OffsetRect
GetKeyState
RedrawWindow
TrackPopupMenu
LoadImageW
InvalidateRect

gdi32

CreateCompatibleBitmap
GetObjectW
CreateSolidBrush
CreateCompatibleDC
GetClipBox
LineTo
CreateICW
CreateBitmap
CreateRoundRectRgn
SetMapMode
DPtoLP
SetBkColor
GetDeviceCaps
Rectangle
BitBlt
CreatePen
SelectObject

advapi32

GetUserNameW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

shell32

SHChangeNotify

ole32

CoUninitialize

oleaut32

OleLoadPicture

Sections

.text
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

79dc7547cc95536ae37134476e9d6167

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 252KB - Virtual size: 248KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 18KB

.text
Size: 252KB - Virtual size: 248KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 18KB