dd6320b125131dabd2a8215d5dae2fa4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dd6320b125131dabd2a8215d5dae2fa4_JaffaCakes118
Size

361KB
MD5

dd6320b125131dabd2a8215d5dae2fa4
SHA1

8ad8efc9d656d4525b9d00743774fbbed79bacda
SHA256

c24c7641930fef4c547f3fe70a8a9adf1eb5318876f1dece044f640377b5c01a
SHA512

abeb8162720d6f9d4fd112146a9b5b5f76463258740daedfa6e2b1d22d89cae5abe5e1a8f3931b6979a4714250883b3cac862ae33dd430cebd24538a888af1a7
SSDEEP

6144:UFBBSls5rfh8Y9lt7Xon2u6hcjTSShc8KDdI1NXxNdWHJRbKnajjETh2gPoL:cBBSl+rfh8sLq2udjtnKu1HOJROajjEd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd6320b125131dabd2a8215d5dae2fa4_JaffaCakes118

Files

dd6320b125131dabd2a8215d5dae2fa4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d3d90f0936e5019ce459fae651e906a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

cryptsvc.pdb

Imports

ntdll

atoi
memmove
_ftol

user32

PostMessageW
LoadStringA
IsWindow
TranslateMessage
DispatchMessageW
BeginPaint
EndPaint
DefWindowProcW
SetTimer
GetClipboardData
KillTimer
MsgWaitForMultipleObjects
SetWindowLongW
SendMessageW
EqualRect
ClientToScreen
MessageBeep
wvsprintfW
GetMessageW
PeekMessageW
SetCursor
GetDC
GetClientRect
SetRect
UpdateWindow
LoadCursorW
GetClassInfoW
wsprintfW
GetWindowLongW
GetParent
CreateWindowExW
LoadStringW
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassW
OpenClipboard
InvalidateRect
ReleaseDC
wsprintfA
GetAsyncKeyState
MessageBoxW

kernel32

GetModuleHandleA
IsBadStringPtrW
LoadLibraryA
DeleteFileW
IsBadWritePtr
IsBadCodePtr
lstrcmpiW
LocalUnlock
GetPrivateProfileStringW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
lstrcatA
GetModuleHandleW
DeleteCriticalSection
GetACP
IsBadHugeReadPtr
GetFileAttributesW
HeapFree
GetProcessHeap
HeapAlloc
GlobalFree
GlobalUnlock
lstrcpyW
GlobalLock
GlobalAlloc
lstrlenW
lstrcpynW
LocalFree
WideCharToMultiByte
LocalAlloc
GetModuleFileNameW
lstrcatW
LocalHandle
MultiByteToWideChar
LocalLock
lstrlenA
DisableThreadLibraryCalls
QueryPerformanceCounter
MulDiv
QueryPerformanceFrequency
Sleep
GetVersionExW
GetSystemInfo
VirtualAlloc
VirtualFree
GlobalMemoryStatusEx
GlobalHandle
SetEvent
FreeLibrary
CloseHandle
GlobalReAlloc
lstrcpyA
WaitForSingleObject
SetThreadPriority
GetThreadPriority
GetCurrentThread
GetLocalTime
CreateEventW
CreateThread
GetFileSize
GetOverlappedResult
GetLastError
WriteFile
SetFilePointer
CreateFileW
GetDiskFreeSpaceW
LoadLibraryW
GetCurrentThreadId

gdi32

DeleteObject
CreatePalette
GetStockObject
GetDCOrgEx
SelectObject
PatBlt
GetObjectW
GetPaletteEntries
GetNearestPaletteIndex
SetWindowOrgEx
RealizePalette
SelectPalette
GetClipBox
GetDeviceCaps
GetSystemPaletteEntries

winmm

SendDriverMessage
OpenDriver
CloseDriver
mmioDescend
mmioRead
mciSendStringW
mmioAscend
mmioOpenW
mmioClose
mmioWrite
waveInStart
waveInStop
waveOutGetNumDevs
mmioCreateChunk
mmioFlush
waveInReset
waveInUnprepareHeader
waveInClose
waveInOpen
waveInPrepareHeader
waveInAddBuffer
timeGetTime
mmioSeek

advapi32

RegEnumKeyW
RegOpenKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyA
RegQueryValueExA
RegCreateKeyW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

msvfw32

ICSeqCompressFrame
ICSeqCompressFrameEnd
DrawDibDraw
ICSeqCompressFrameStart
DrawDibGetPalette
DrawDibBegin
ICImageDecompress
DrawDibOpen
ICCompressorFree
DrawDibClose
ICCompressorChoose
DrawDibRealize

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 292KB - Virtual size: 711KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3d90f0936e5019ce459fae651e906a8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntdll

user32

kernel32

gdi32

winmm

advapi32

version

msvfw32

Sections

.text Size: 53KB - Virtual size: 52KB

.data Size: 292KB - Virtual size: 711KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 53KB - Virtual size: 52KB

.data
Size: 292KB - Virtual size: 711KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 10KB - Virtual size: 10KB