bf9ff90ae7f7a73bfcf25eab2a77878e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf9ff90ae7f7a73bfcf25eab2a77878e_JaffaCakes118
Size

82KB
MD5

bf9ff90ae7f7a73bfcf25eab2a77878e
SHA1

22d0f4fd0e403a05f43962cf4c314e70226b1514
SHA256

317baf164aaa511379be7f10156fbe7714971000c9e577b15df4e97630f1ca8a
SHA512

3c8f278a6f3a928cfcd4da7e8896ae017ae4ee7271a7b804ad2c7bfc686ff652e3fc153a91d62c93fc4dc10cdb0bcdf6b68a09e707da6d14e02e751e94dcad64
SSDEEP

1536:SLeL83CUE9km8x3/iFiWV2SNiRQGOBLEhBaTEO0Y0MKltz:SLeL83q6mq3/hWRGOBAvaTbFM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf9ff90ae7f7a73bfcf25eab2a77878e_JaffaCakes118

Files

bf9ff90ae7f7a73bfcf25eab2a77878e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1b5f00ededcd3a0f16e2ca193094303d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advpack

RegInstall

atl

AtlMarshalPtrInProc

user32

SendMessageA
SendDlgItemMessageA
ReleaseDC
TranslateMessage
CharPrevA
CheckDlgButton
MsgWaitForMultipleObjects
SetDlgItemTextA
CharUpperA
IsDlgButtonChecked
SetWindowLongA
IsWindow
EnableWindow
DrawTextA
SetWindowPos
GetWindowTextA
LoadStringA
IsDialogMessageA
LoadBitmapA
SetWindowTextA
DispatchMessageA
DialogBoxParamA
MessageBoxA
InvalidateRect
wsprintfA
DestroyIcon
ShowWindow
CreateDialogParamA
DestroyWindow
PeekMessageA
GetWindowRect
LoadImageA
GetDlgItem
GetWindowLongA
GetSysColor
EndDialog
GetDC
GetClientRect

ole32

CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc

ntdll

NtAddAtom

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

gdi32

GetObjectA
GetDeviceCaps
SetBkColor
DeleteObject
DeleteDC
CreateFontIndirectA
SetWindowOrgEx
RestoreDC
SetViewportOrgEx
SelectObject
GetTextMetricsA
ExtTextOutA
DPtoLP
SaveDC
BitBlt
SetTextColor
SetGraphicsMode
CreateSolidBrush
CreateCompatibleDC
ModifyWorldTransform

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegEnumValueA
RegQueryValueExA
RegEnumKeyExA
RegDeleteKeyA

kernel32

VirtualAlloc
GetDiskFreeSpaceA
HeapAlloc
CloseHandle
LoadLibraryA
FreeLibrary
GetModuleHandleA
lstrcmpiA
InterlockedIncrement
SetEvent
LocalAlloc
InterlockedDecrement
lstrcpynA
GetProcessHeap
HeapSize
GetProcAddress
lstrcpyA
CreateEventA
DeleteCriticalSection
GetWindowsDirectoryA
lstrcmpA
HeapReAlloc
HeapFree
DisableThreadLibraryCalls
lstrcatA
CreateThread
CreateFileA
LocalFree
InitializeCriticalSection
lstrlenA
GetModuleFileNameA
GetSystemDirectoryA

Sections

.textbss
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b5f00ededcd3a0f16e2ca193094303d

Headers

DLL Characteristics

File Characteristics

Imports

advpack

atl

user32

ole32

ntdll

version

gdi32

advapi32

kernel32

Sections

.textbss Size: - Virtual size: 1.2MB

.text Size: 512B - Virtual size: 428B

.idata Size: 79KB - Virtual size: 79KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 1024B - Virtual size: 816B

.textbss
Size: - Virtual size: 1.2MB

.text
Size: 512B - Virtual size: 428B

.idata
Size: 79KB - Virtual size: 79KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 1024B - Virtual size: 816B