Static task: static1
Behavioral task: behavioral1
Sample: c23b991475999dbfd81669af3d5180cf_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: c23b991475999dbfd81669af3d5180cf_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c23b991475999dbfd81669af3d5180cf_JaffaCakes118
Size: 339KB
MD5: c23b991475999dbfd81669af3d5180cf
SHA1: d1e4758672a92946482365771c56b64e465bf865
SHA256: 9545dfcd26f8a6d7a11d8a8630e5cab78bca50c62bae8c296161cebd83ac39d2
SHA512: e3ec7f81086ab3df28d0729ce31e4d7b9abd65dc30018ef78fd11c15fde630cbeb86a500da7143cdc576842d8c576066a4631d93b098e22ee09dd3d7d98f7cb8
SSDEEP: 6144:0sc82UfZU5U+Zt5UW03VC4D+j1gw4tADgD1YC33TKtXYTNH:0sc8bBU5Uk3T03Xw9ED3mtXYV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c23b991475999dbfd81669af3d5180cf_JaffaCakes118
Files
c23b991475999dbfd81669af3d5180cf_JaffaCakes118.exe windows:4 windows x86 arch:x86
69a26372063b50a15cca7f6c62ac766d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualProtect
GetCommandLineW
SetLastError
GetVersionExA
WaitForSingleObject
WriteFile
SetEvent
SetLastError
WideCharToMultiByte
CreateFileW
LocalAlloc
lstrcmpiW
GetCurrentProcess
CreateFileW
GetCurrentProcess
UnhandledExceptionFilter
lstrcmpiW
gdi32
SetTextAlign
SetBkMode
CreateRectRgn
DeleteObject
SelectPalette
GetTextExtentPoint32W
SetTextAlign
CreateBitmap
SetStretchBltMode
SetStretchBltMode
DeleteObject
SetTextColor
Rectangle
ExtTextOutW
CreateCompatibleDC
GetTextExtentPointW
GetTextMetricsW
GetTextExtentPoint32W
CreateSolidBrush
LineTo
GetObjectW
StretchBlt
advapi32
RegDeleteValueA
QueryServiceStatus
LookupPrivilegeValueW
AllocateAndInitializeSid
RegCreateKeyW
OpenProcessToken
RegQueryValueExW
StartServiceCtrlDispatcherW
OpenServiceW
OpenSCManagerW
StartServiceCtrlDispatcherW
ReportEventW
AddAccessAllowedAce
SetSecurityDescriptorGroup
DeregisterEventSource
OpenProcessToken
ReportEventW
RegQueryValueExW
OpenThreadToken
LookupPrivilegeValueW
RegOpenKeyExW
RegSetValueExW
RegOpenKeyA
RegCloseKey
DeleteService
AdjustTokenPrivileges
shell32
DragFinish
SHGetMalloc
ShellAboutW
DragFinish
ShellExecuteW
SHChangeNotify
SHGetDesktopFolder
SHGetDesktopFolder
SHChangeNotify
SHGetPathFromIDListW
SHGetFileInfoW
DragFinish
SHGetSpecialFolderLocation
ShellExecuteExW
DragQueryFileW
SHGetPathFromIDListW
ExtractIconW
ExtractIconExW
ExtractIconW
SHGetSpecialFolderPathW
DragFinish
SHGetFileInfoW
SHGetDesktopFolder
ShellExecuteW
SHGetFileInfoW
Shell_NotifyIconW
user32
FillRect
CharNextW
UnregisterClassW
GetClassNameW
GetWindowTextW
CreateWindowExW
MessageBoxW
ShowWindow
SetWindowLongA
GetParent
OffsetRect
LoadStringW
PostMessageW
GetMonitorInfoW
GetParent
MapWindowPoints
GetWindowRect
IsClipboardFormatAvailable
GetMessageW
GetFocus
GetDlgItemTextW
Sections
.text Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 65KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ