dcbd19db9771c9f08e4edbc64126312c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dcbd19db9771c9f08e4edbc64126312c_JaffaCakes118
Size

474KB
MD5

dcbd19db9771c9f08e4edbc64126312c
SHA1

1a6c56981671fc3e1894c0fc758c21b28289d8eb
SHA256

dc870e6a87e24881ef79189cb75c57517d78bf1f65e7668a0675e996300eb710
SHA512

6507dc625a1b0145a9644707091183a77398a6d9bd60ada9d2b8beeae2b1d4090d86d3640f6727b4c7ee1cf911d4970585c6a237e9ff3078e67bc235596d72bc
SSDEEP

12288:73KE5B1/xvPCBoJzna+bZNN6iffRfgK7fFNrqLABK:7aE5RvVznpfnnOK7bA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcbd19db9771c9f08e4edbc64126312c_JaffaCakes118

Files

dcbd19db9771c9f08e4edbc64126312c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

51fcb47a6e83b4c74ee5e84ee467c121

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetForegroundWindow
PostQuitMessage
SetWindowPos
IsWindow
DispatchMessageA
GetDC
ReleaseDC
SendMessageA
GetClientRect
MsgWaitForMultipleObjects
DestroyWindow
GetMessageA
GetParent
DefWindowProcA
ShowWindow
PeekMessageA
TranslateMessage
GetWindow
EnableMenuItem
GetWindowLongA
CreateWindowExA
FillRect
EndPaint
MapWindowPoints
BeginPaint
SetFocus
GetWindowRect
IsIconic
SetCapture
ReleaseCapture
SetWindowLongA
SetWindowTextA
CheckMenuItem
wsprintfA
GetDlgItem
ScreenToClient
LoadCursorA
GetDesktopWindow
EndDialog
MessageBeep
GetSysColor
PostMessageA
GetKeyState
SystemParametersInfoA
IsWindowVisible
GetFocus
InvalidateRect
SetCursor

advapi32

RegSetValueExA
RegDeleteValueA
RegSetValueExW
OpenProcessToken
RegCreateKeyExA
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExA
RegQueryValueExW

kernel32

GetEnvironmentStringsW
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
HeapDestroy
GetFileAttributesW
GetCommandLineW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
SetErrorMode
FreeEnvironmentStringsW
GetTempPathA
WideCharToMultiByte
GetStringTypeA
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
LocalFree
GetExitCodeProcess
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
FormatMessageA
SetLastError
InterlockedDecrement
GetEnvironmentVariableA
RtlUnwind
LocalAlloc
VirtualAlloc
FindResourceA
Sleep
VirtualFree
WriteFile
UnmapViewOfFile
IsValidCodePage
SizeofResource
SetStdHandle
InterlockedExchange
GetModuleHandleW
GlobalLock
GetACP
lstrcpynA
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
LockResource
GetCurrentProcessId
GetEnvironmentStrings
FileTimeToLocalFileTime
CreateProcessW
lstrlenW
GlobalUnlock
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
HeapCreate
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
GetModuleFileNameW
GetTimeZoneInformation
ExpandEnvironmentStringsA
WaitForMultipleObjects
FindFirstFileW
CompareStringA
FindFirstFileA
lstrcmpA
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
SetEvent
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
GetConsoleMode
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
CreateMutexA
GetLocalTime
MultiByteToWideChar
UnhandledExceptionFilter
lstrcmpiW
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
CreateEventA

gdi32

CreateCompatibleDC
DeleteDC
DeleteObject
SetTextColor
SelectObject

ole32

CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize

Sections

.text
Size: 402KB - Virtual size: 402KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51fcb47a6e83b4c74ee5e84ee467c121

Headers

File Characteristics

Imports

user32

advapi32

kernel32

gdi32

ole32

Sections

.text Size: 402KB - Virtual size: 402KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 25KB - Virtual size: 28KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 402KB - Virtual size: 402KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 25KB - Virtual size: 28KB

.rsrc
Size: 7KB - Virtual size: 7KB