da61cb48ee5fa9cca1756217d91d0582_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

da61cb48ee5fa9cca1756217d91d0582_JaffaCakes118
Size

260KB
MD5

da61cb48ee5fa9cca1756217d91d0582
SHA1

77d2bd9923d332f59ab3340ddffa0953308567f4
SHA256

ed8300294df8b1f3bd28fdcf3e0448a26a61ee07e440026b134652641a0b2fd4
SHA512

4b108fd0d220806bcbc61143da95dac9e977bdae61a6b86b73816994bf20bb14435868d0746775d065bc4807bbd699abd98f58bb57483b7e8067f9b124c148aa
SSDEEP

6144:ysdp1HWfHlE/Wx6CwyYJDfnBdSDIgzf6TUE9:ysdp1PAmrB0Ig8/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da61cb48ee5fa9cca1756217d91d0582_JaffaCakes118

Files

da61cb48ee5fa9cca1756217d91d0582_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e46711dd10d834e17aa6c9a89a81532

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
ReadProcessMemory
CreateEventW
GetModuleHandleW
FindResourceExW
DeleteFileW
LockResource
FindNextFileW
GetSystemTime
GetCurrentProcessId
TerminateThread
GlobalAlloc
FileTimeToSystemTime
FindClose
DuplicateHandle
lstrcpyW
GlobalFree
GetCurrentProcess
InterlockedIncrement
ExitProcess
FreeLibrary
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualFree
VirtualProtect
InterlockedDecrement
GlobalLock
VirtualAlloc
CreateFileW
MultiByteToWideChar
GetLogicalDrives
FindFirstFileW
FreeResource
WideCharToMultiByte
CloseHandle
CreateWaitableTimerW
ResetEvent
CreateThread
GetPrivateProfileStringW
CancelWaitableTimer
GetCurrentThread
MulDiv
GetModuleFileNameW
SetEndOfFile
GlobalUnlock
SetFilePointer
ResumeThread
WritePrivateProfileStringW

user32

IsWindow
ReleaseCapture
TranslateMessage
IsDlgButtonChecked
SetDlgItemTextW
SetForegroundWindow
EndDialog
MessageBoxW
GetSystemMetrics
SetWindowTextW
PostQuitMessage
SetCursor
SendDlgItemMessageW
LoadImageW
FillRect
GetClassNameW
WindowFromPoint
VkKeyScanW
SystemParametersInfoW
DestroyMenu
TrackPopupMenu
GetKeyState
DialogBoxParamW
CreatePopupMenu
GetMessageW
GetSysColor
CreateWindowExW
LoadBitmapW
GetWindowDC
UpdateWindow
RedrawWindow
SetCursorPos
EnableWindow

gdi32

GetMapMode
SetBkMode
SetDIBits
GetStockObject
BitBlt
SetMapMode
StretchBlt
DPtoLP
CreateSolidBrush
CreateBitmap
GetObjectW
SetTextColor
LineTo
CreateFontIndirectW
MoveToEx

advapi32

GetUserNameW
RegCreateKeyExW
RegCloseKey
SetSecurityDescriptorDacl
RegQueryValueExW
RegNotifyChangeKeyValue

shell32

Shell_NotifyIconW

ole32

CoUninitialize
CreateStreamOnHGlobal

oleaut32

OleLoadPicture
SysFreeString

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0e46711dd10d834e17aa6c9a89a81532

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 232KB - Virtual size: 231KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 20KB - Virtual size: 16KB

.text
Size: 232KB - Virtual size: 231KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 20KB - Virtual size: 16KB