da77ea61a5ff83aa746b8989ca2d565d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

da77ea61a5ff83aa746b8989ca2d565d_JaffaCakes118
Size

396KB
MD5

da77ea61a5ff83aa746b8989ca2d565d
SHA1

e9753e4b54ef1c1dc9a501ae90a12c240ce8e465
SHA256

455fb9428faa097f6eb12eb18f94123a2af7ba7fdaf5803dcd9bde458a494d26
SHA512

3b4957504a04a2b5f1234fdd45438ee78c34373ac503c796c659b56e6e46a6401d33b09a4c6229d041389731bd408c9ac8693bdc6fbc8920456c9b63efdd7166
SSDEEP

6144:HOMB6snMM0CZ95YyW9lAvK5Lc8FO8rS53XBxORldAc8QCPC+T7LskcSntykraZ:HOMrsCVYl9lAvmfuFLtceCs7LskcTVZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da77ea61a5ff83aa746b8989ca2d565d_JaffaCakes118

Files

da77ea61a5ff83aa746b8989ca2d565d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9eddb252eb93da409952c53ca12d10c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_adjust_fdiv
__setusermatherr
__p__commode
_cexit
_controlfp
_initterm
rand
isdigit
_acmdln

user32

LoadIconW
wsprintfW
PostMessageW
DrawMenuBar
ShowCursor
SetDlgItemInt
RegisterClassW
GetSysColor
ReleaseDC
LoadAcceleratorsW
SendMessageW
IsIconic
DefWindowProcW
SetCapture
GetDlgItem
InvalidateRect
SetWindowTextW
SetCursor
TranslateAcceleratorW
CreateWindowExW
LoadBitmapW
PostQuitMessage

kernel32

OpenThread
VirtualAllocEx
InterlockedIncrement
IsBadStringPtrA
FreeEnvironmentStringsA
HeapReAlloc
GetSystemTime
lstrcpyA
ExitThread
lstrcmpW
RegisterWaitForInputIdle
ReadFileEx
lstrcmpA
GetFirmwareEnvironmentVariableA
RtlFillMemory
GetTickCount
IsValidLanguageGroup
RtlZeroMemory
GetCurrentProcess
lstrcatW
CreateFileMappingA
HeapCompact
SetThreadExecutionState
LeaveCriticalSection
TerminateThread
DosDateTimeToFileTime
WaitForMultipleObjects
FlushViewOfFile
GetThreadPriority
CreateThread
SetLocaleInfoA
IsValidLocale
InterlockedPopEntrySList
PostQueuedCompletionStatus
ExpandEnvironmentStringsA
WriteFileEx
HeapQueryInformation
HeapAlloc
SetEnvironmentVariableA
FileTimeToDosDateTime
GetLocalTime
InterlockedDecrement
GetSystemTimeAdjustment
lstrlenW
GetUserDefaultUILanguage
ConvertDefaultLocale
InterlockedPushEntrySList
CreateMutexA
GetUserDefaultLangID
WaitForSingleObject
HeapFree
GetSystemTimes
EnumSystemLanguageGroupsA
InterlockedCompareExchange
CreateIoCompletionPort
GetSystemDefaultLangID
RegisterWaitForSingleObjectEx
SetFirmwareEnvironmentVariableA
InitializeCriticalSection
ReadFile
DeleteFileA
SuspendThread
SetFilePointer
lstrcpyW
OpenFileMappingA
CompareStringA
CreateNamedPipeA
GetSystemDefaultLCID
GetStringTypeA
EnterCriticalSection
GetFileAttributesExA
ConnectNamedPipe
ReadFileScatter
GetFileTime
CopyFileA
WaitForSingleObject
WaitForSingleObjectEx
TransactNamedPipe
SetThreadContext
HeapValidate
GetLocaleInfoA
GetUserDefaultLCID
MapViewOfFile
UnmapViewOfFile
HeapUnlock
DisconnectNamedPipe
RegisterWaitForSingleObject
HeapCreate
CreateFileA
GetSystemDefaultUILanguage
GetEnvironmentStringsA
GetQueuedCompletionStatus
HeapDestroy

advapi32

RegDeleteValueW
RegCloseKey

Sections

.text
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9eddb252eb93da409952c53ca12d10c8

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

user32

kernel32

advapi32

Sections

.text Size: 245KB - Virtual size: 245KB

.data Size: 141KB - Virtual size: 140KB

.rsrc Size: 9KB - Virtual size: 344KB

.text
Size: 245KB - Virtual size: 245KB

.data
Size: 141KB - Virtual size: 140KB

.rsrc
Size: 9KB - Virtual size: 344KB