bf71e61dc1a1dbd41bb2c67ad61beaa8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf71e61dc1a1dbd41bb2c67ad61beaa8_JaffaCakes118
Size

65KB
MD5

bf71e61dc1a1dbd41bb2c67ad61beaa8
SHA1

4068e89bc383fc9d606c4b3538f27582a5186932
SHA256

c1e4a015c4524f1e0237a5a502debe6034202296086888df32c3d17abef55ab0
SHA512

642fc9461bbfffe8d0e2646557ccc85ba6ce78f12b347747efbed85a36dd6d2af6d2ef8ccdcd5d869da76de614f96eefce4b8b73ec8ee052e744fe5616ed608b
SSDEEP

1536:jbC1MQBTD4a2agNukm6kgS9iX1JoESxPA1jKdK/h:jzQBTD72aqukmTgSzE6to/h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf71e61dc1a1dbd41bb2c67ad61beaa8_JaffaCakes118

Files

bf71e61dc1a1dbd41bb2c67ad61beaa8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ffe4252414bc7f414e8ca3c41c95d04a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetActiveWindow
GetWindow
SetFocus
EnumThreadWindows
LoadIconA
SetCursor
GetClientRect
SendDlgItemMessageW
DispatchMessageW
SendMessageA
MessageBeep
GetKeyState
OffsetRect
GetCursorPos
LoadIconW
SetScrollPos
IsDlgButtonChecked
GetMessagePos
DrawIcon
DialogBoxParamW
RegisterWindowMessageW
GetWindowLongW
DestroyMenu
DrawEdge
GetDlgCtrlID
CheckMenuItem
SetPropA
DestroyIcon
SetScrollInfo
IsWindowVisible
IsDialogMessageW

msvcrt

_fileno
??1exception@@UAE@XZ
__p__commode
_onexit
__getmainargs
fclose
iswdigit
strchr
calloc
__set_app_type
exit

kernel32

WriteConsoleW
CreateThread
GetTempFileNameW
HeapCreate
SystemTimeToFileTime
GetProcessHeap
GetCurrentThreadId
SetConsoleCtrlHandler
LeaveCriticalSection
CompareStringW
FindNextFileA
FreeResource
LockResource
LoadLibraryA
WritePrivateProfileStringA
GetOEMCP
GetFileAttributesW
VirtualAlloc
GetCurrentDirectoryW
GetConsoleOutputCP
FindResourceExW
RtlUnwind
TerminateThread
CreateMutexW
GetSystemInfo
IsProcessorFeaturePresent

advapi32

RegQueryInfoKeyA
OpenThreadToken
RegSetValueExW
AdjustTokenPrivileges
GetTokenInformation
IsValidSid

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data/0x
Size: - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ffe4252414bc7f414e8ca3c41c95d04a

Headers

DLL Characteristics

File Characteristics

Imports

user32

msvcrt

kernel32

advapi32

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 13KB - Virtual size: 13KB

.data/0x Size: - Virtual size: 286KB

.rsrc Size: 84KB - Virtual size: 84KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 13KB - Virtual size: 13KB

.data/0x
Size: - Virtual size: 286KB

.rsrc
Size: 84KB - Virtual size: 84KB

.reloc
Size: 1024B - Virtual size: 1024B