d13dc30c5a82e606839f66b13e12724c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d13dc30c5a82e606839f66b13e12724c_JaffaCakes118
Size

285KB
MD5

d13dc30c5a82e606839f66b13e12724c
SHA1

5a8ea14fc8a34ade7adb12d3d338fcf9cd56c236
SHA256

4e00397e9ce4e827ca8744c6771fe8e1a220bc90c0945621189f0a26c0c5c20f
SHA512

6f4a6956d75abde9e920166ae7360f0bfb93ff2fe841604caf682abae087889e5accc78790078cc8fc0d7d10f804b439e9771ac0d815549bf31fb22f0b7cfb95
SSDEEP

6144:dp8WTnJXHjpsBZQ5QkGc1nACyun8pms9x9E786bkXd6XM:deWTnRHjpKZ8P1ACyunSms1BxXd6XM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d13dc30c5a82e606839f66b13e12724c_JaffaCakes118

Files

d13dc30c5a82e606839f66b13e12724c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ced826f1014dd3ea7fdeaa7909d2933

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetCurrentThread
GetSystemTime
InterlockedDecrement
LoadLibraryW
GetTickCount
GetLocalTime
GetDriveTypeW
TerminateThread
CloseHandle
FindNextChangeNotification
GetUserDefaultLangID
CreateEventW
FileTimeToSystemTime
GetVersion
ResumeThread
MoveFileW
GlobalUnlock
GetProcAddress
lstrcpyW
lstrlenW
FindClose
GetFileSize
CreateThread
WriteFile
FindResourceW
GetModuleFileNameW
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualFree
VirtualProtect
LoadResource
SetEndOfFile
GetCurrentProcessId
InterlockedIncrement
WritePrivateProfileStringW
FindFirstChangeNotificationW
CancelWaitableTimer
GlobalLock
SizeofResource
QueryDosDeviceW
FindResourceExW
GlobalAddAtomW
GetCurrentThreadId
CreateFileW
LockResource
WaitForSingleObject
ResetEvent
GetFileAttributesW
VirtualAlloc
GetPrivateProfileStringW
GetFileAttributesExW
FreeLibrary
MulDiv

user32

GetWindowDC
GetClassNameW
SetWindowPos
DestroyIcon
DestroyMenu
PostThreadMessageW
CreateWindowExW
InvalidateRect
LoadBitmapW
MessageBoxW
GetDlgItem
TrackPopupMenu
DispatchMessageW
ReleaseDC
RegisterClassExW
SetForegroundWindow
GetWindowThreadProcessId
SendMessageW
GetSystemMetrics
AppendMenuW
GetSysColor
RegisterWindowMessageW
GetCursorPos
FillRect
wsprintfW
SendDlgItemMessageW
EnableWindow
SetCapture
LoadIconW
OffsetRect
DialogBoxParamW
SetWindowTextW
IsDlgButtonChecked
SetCursorPos
ReleaseCapture
GetWindowRect
CreatePopupMenu
LoadStringW
UpdateWindow
RedrawWindow
DefWindowProcW
DrawTextW
LoadCursorW
IsWindow
RegisterHotKey

gdi32

SelectObject
SetBkColor
LineTo
BitBlt
CreatePen
DeleteObject
GetClipBox
SetMapMode
GetStockObject
StretchBlt
SetTextColor
SetBkMode
GetObjectW
CreateCompatibleBitmap
CreateDCW
DPtoLP
CreateBitmap

advapi32

RegSetValueExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW

shell32

Shell_NotifyIconW

ole32

CoInitialize
CoUninitialize
CoInitializeEx
CreateStreamOnHGlobal

Sections

.text
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ced826f1014dd3ea7fdeaa7909d2933

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 248KB - Virtual size: 246KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 28KB - Virtual size: 27KB

.text
Size: 248KB - Virtual size: 246KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 28KB - Virtual size: 27KB