0d19c7719170e4387756810d1beee9dd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d19c7719170e4387756810d1beee9dd_JaffaCakes118
Size

76KB
MD5

0d19c7719170e4387756810d1beee9dd
SHA1

9657ee6ab9dc6b5e195a20fba73acf39b8682f7e
SHA256

b359f75f99ab3e100dee85e10bbbce8e81ad65aa66ac3b49a4bd304a6c600f97
SHA512

ee9302f82aebe94c71d534449d9d973fded49c4d2219146d79d9e3aa302f972f52119210e95c7bf629420069120a9b045903eb88d19899a9d8fd5bd4a25416ce
SSDEEP

768:9kJV24LZ9yvgD0UznukUHWRgqTGGct/j4TcQ7pbmd3ywFgHgMTFMN:9iVZ+89znukU21TZct/j9DByHH12N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d19c7719170e4387756810d1beee9dd_JaffaCakes118

Files

0d19c7719170e4387756810d1beee9dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

588aa91488c73a268227718a33f035c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

DispatchMessageA
ReleaseDC
GetSysColorBrush
CharUpperBuffW
DispatchMessageA
ClientThreadSetup
ClientThreadSetup
GetWindowThreadProcessId
GetDC
ClientThreadSetup
GetMessageW
SetTimer
SetScrollInfo
DispatchMessageA
MsgWaitForMultipleObjectsEx
GetWindowLongA
GetWindowThreadProcessId
WaitMessage
GetCapture
GetThreadDesktop
GetDCEx
DrawTextA
TranslateMessageEx
TranslateMessage
GetShellWindow
GetWindowDC
CharUpperBuffW
TranslateAcceleratorW
GetThreadDesktop
PostMessageW

kernel32

GetSystemTime
WriteProcessMemory
CreateProcessW
TerminateProcess
LoadLibraryExW
WaitForSingleObject
TerminateProcess
LoadLibraryExA
GetSystemTime
WriteProcessMemory
GetSystemTime
WriteProcessMemory
ReadFile
WaitForSingleObject
ReleaseMutex
DeviceIoControl
LoadLibraryExA
LoadLibraryExA
WriteProcessMemory
CreateProcessA
WaitForSingleObjectEx
SleepEx
SleepEx
WaitForSingleObject
GetSystemTime
DeviceIoControl
GetSystemTime
CreateFileA
SleepEx
WriteProcessMemory
VirtualProtect
GetProcAddress
Sleep
GetLastError
LoadLibraryA
GetCommandLineA
SetHandleInformation
lstrcmpiA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
WriteProcessMemory
LoadLibraryA
ReadProcessMemory
ReleaseMutex
GetStartupInfoA
ReadFile
ReadFile
CreateProcessA
ReleaseMutex
WaitForSingleObject
TerminateProcess
VirtualProtect
GetSystemTime
TerminateProcess
CreateProcessA
CreateProcessA
CreateFileA
GetStartupInfoW
ReadFile
LoadLibraryExW
LoadLibraryExA
DeviceIoControl
CreateFileA
CreateProcessW
CreateProcessW
WaitForSingleObject
ReleaseMutex
VirtualProtectEx
LoadLibraryExW
SleepEx
LoadLibraryExW
CreateProcessW
WaitForSingleObject
CreateProcessW
Sleep
ReadFile
GetStartupInfoA
GetStartupInfoW
LoadLibraryExW
GetStartupInfoA
LoadLibraryA
GetSystemTimeAsFileTime
GetStartupInfoA
DeviceIoControl
GetStartupInfoA
Sleep
CreateProcessA
VirtualProtectEx
WaitForSingleObject
SleepEx
LoadLibraryA
ReadFile
GetStartupInfoA
WaitForSingleObjectEx
WaitForSingleObjectEx
CreateProcessW
GetSystemTime
LoadLibraryExW
CreateFileA
SleepEx
LoadLibraryExA
ReadProcessMemory
VirtualProtect
CreateProcessA
GetStartupInfoW
GetStartupInfoW
ReadProcessMemory
ReleaseMutex
WriteProcessMemory
GetSystemTime
GetStartupInfoA
ReadProcessMemory
DeviceIoControl
GetStartupInfoA
WaitForSingleObjectEx
WriteProcessMemory
CreateProcessA
DeviceIoControl
VirtualProtectEx
LoadLibraryA
ReadProcessMemory
ReleaseMutex
WaitForSingleObject
WaitForSingleObjectEx
GetSystemTimeAsFileTime
GetSystemTime
TerminateProcess
TerminateProcess
ReadProcessMemory
DeviceIoControl
VirtualProtect
VirtualProtect
LoadLibraryA
CreateFileA
ReleaseMutex
ReadFile
ReadFile
ReadFile
CreateProcessA
DeviceIoControl
ReleaseMutex
DeviceIoControl
WaitForSingleObjectEx
WaitForSingleObjectEx
LoadLibraryExW
LoadLibraryA
ReleaseMutex
CreateProcessW
GetStartupInfoA
CreateProcessW
CreateFileA
GetSystemTimeAsFileTime
CreateProcessW
CreateFileA
GetSystemTime
CreateFileA
SleepEx
WaitForSingleObject
VirtualProtectEx
WaitForSingleObject
GetStartupInfoW
DeviceIoControl
GetStartupInfoA
CreateProcessW
ReleaseMutex
GetStartupInfoA
ReadFile
LoadLibraryExA
WriteProcessMemory
GetStartupInfoA
GetStartupInfoA

advapi32

RegOpenKeyExW
RegQueryValueExW
MakeSelfRelativeSD
RegCloseKey
MakeSelfRelativeSD
AccessCheck
RegOpenKeyExW
OpenThreadToken
GetSecurityDescriptorDacl
OpenThreadToken
RevertToSelf
OpenThreadToken
ImpersonateNamedPipeClient
ImpersonateNamedPipeClient
ImpersonateNamedPipeClient
RevertToSelf
MakeSelfRelativeSD
RegQueryValueExW
AccessCheck
RegCloseKey

gdi32

GetClipBox
GetWindowExtEx
CreateCompatibleBitmap
IntersectClipRect
TextOutW
DeleteObject
BitBlt
SetTextColor
GetTextMetricsW
GetCurrentObject
SetBkColor
GdiDrawStream
RectVisible
SetBkColor
GdiDrawStream
GetDeviceCaps
GetWindowExtEx
GetTextExtentPointW
GetObjectType
GetTextCharsetInfo

comdlg32

GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleW

Sections

.text
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 92KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ

999cv8
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

588aa91488c73a268227718a33f035c6

Headers

File Characteristics

Imports

user32

kernel32

advapi32

gdi32

comdlg32

Sections

.text Size: 17KB - Virtual size: 20KB

.rdata Size: 28KB - Virtual size: 92KB

.data Size: 2KB - Virtual size: 4KB

.idata Size: 11KB - Virtual size: 12KB

999cv8 Size: 6KB - Virtual size: 8KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 17KB - Virtual size: 20KB

.rdata
Size: 28KB - Virtual size: 92KB

.data
Size: 2KB - Virtual size: 4KB

.idata
Size: 11KB - Virtual size: 12KB

999cv8
Size: 6KB - Virtual size: 8KB

.rsrc
Size: 10KB - Virtual size: 12KB