0f4f3f7a44f4d3c9da8524b5106766ee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f4f3f7a44f4d3c9da8524b5106766ee_JaffaCakes118
Size

26KB
MD5

0f4f3f7a44f4d3c9da8524b5106766ee
SHA1

2dacaee12f5e8a35c9fa075031ac6c91d8b22129
SHA256

779124ed3734e9a884d677aa99e6604e9a5fa68c30c2a23ef2052ea173287637
SHA512

1e314b8f88f27919eace334bd8323db7c2f867ad4716d3aab20d0fe0116f3f8d1a5f9f6979618347c1231a6398b485f085673e595d632c129be0c4388cb472d6
SSDEEP

768:ND+oQltLHbwYVh1fHSOcCZ/Nnf1ghw0pNZR:ND+oQleYVhlRNnf1gPbZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f4f3f7a44f4d3c9da8524b5106766ee_JaffaCakes118

Files

0f4f3f7a44f4d3c9da8524b5106766ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

efdbfce3353ec441be28c019d013d402

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegSetValueExW
OpenProcessToken
RegOpenCurrentUser
RegOpenKeyExW
RegCloseKey
RegQueryValueExA
CheckTokenMembership
RegQueryValueW
FreeSid
RegCreateKeyW
RegOpenKeyExA
RegQueryValueExW
AllocateAndInitializeSid

atl

AtlModuleRegisterClassObjects

ntdll

RtlAddAuditAccessAceEx

gdi32

CreateFontW
Arc
CreateRoundRectRgn
GetClipRgn
GetDeviceCaps
CreateSolidBrush
SelectPalette
SetDIBColorTable
CreateFontIndirectW
GetNearestColor
GetCharWidthA
GetViewportExtEx
ExtSelectClipRgn
FillRgn
Rectangle
SetPixelV
GetPaletteEntries
SetBkColor
SelectObject
LineTo
CreatePolygonRgn
CreateDIBSection
SetDIBits
BitBlt
GetCharWidthW
ExtTextOutA
GetTextMetricsW
FrameRgn
StretchBlt
CombineRgn
RestoreDC
GetObjectW
GetTextColor
GetStockObject
StretchDIBits
GetTextExtentPoint32W
GetPixel
CreateRectRgnIndirect
GetTextExtentPointW
OffsetWindowOrgEx
EnumFontFamiliesExW
Polyline
TranslateCharsetInfo
ExtTextOutW
CreateBitmap
MoveToEx
RectVisible
SetTextAlign
Ellipse
CreatePalette
SetPixel
CreateBitmapIndirect
GetTextExtentPointA
GetCurrentObject
CreatePen
ExcludeClipRect
SaveDC
MaskBlt
GetDIBits
SetBrushOrgEx
GetBkColor
GetDCOrgEx
GetDIBColorTable
RealizePalette
DeleteDC
DeleteObject
UnrealizeObject
OffsetRgn
GetTextCharsetInfo
GetTextAlign
SetBkMode
GetClipBox
SetTextColor
GetBitmapBits
CreateCompatibleBitmap
TextOutW
PatBlt
IntersectClipRect
CreateHalftonePalette
SelectClipRgn
CreateRectRgn
SetWindowOrgEx
GetWindowExtEx
CreateCompatibleDC
CreatePatternBrush

ddraw

DirectDrawCreate

kernel32

GetVersionExA
GetSystemTimeAsFileTime
VirtualFree
GlobalUnlock
UnhandledExceptionFilter
GetUserDefaultLangID
GetEnvironmentStringsW
GetStdHandle
LockResource
lstrlenA
GetCPInfo
GetLocaleInfoA
SetFilePointer
FindResourceExA
GlobalReAlloc
GlobalHandle
GetThreadLocale
GetCurrentProcessId
SetLastError
LoadLibraryA
VirtualProtect
TlsAlloc
GlobalAlloc
LoadLibraryW
DisableThreadLibraryCalls
GlobalFree
LCMapStringA
HeapFree
GetModuleFileNameA
GlobalAddAtomW
SizeofResource
TlsGetValue
CreateFileW
InterlockedDecrement
LocalSize
DeleteCriticalSection
GetProcessHeap
LCMapStringW
GetOEMCP
FreeEnvironmentStringsW
EnumResourceLanguagesW
TlsSetValue
WaitForSingleObject
WideCharToMultiByte
LocalFree
GetSystemInfo
InterlockedIncrement
GetProcAddress
lstrlenW
HeapReAlloc
HeapDestroy
TlsFree
lstrcpynW
GetCurrentThreadId
SetHandleCount
GetCurrentProcess
GetModuleFileNameW
CreateEventW
MapViewOfFile
GetStartupInfoA
UnmapViewOfFile
SetUnhandledExceptionFilter
VirtualQuery
SetEvent
WriteFile
LocalReAlloc
GetACP
lstrcmpiA
LoadResource
Sleep
EnumCalendarInfoW
MultiByteToWideChar
lstrcmpW
FreeEnvironmentStringsA
EnterCriticalSection
GetEnvironmentStrings
FreeLibrary
GetUserDefaultLCID
lstrcmpA
InitializeCriticalSection
GetFileSize
CreateThread
GetSystemDefaultLCID
CompareStringW
SetStdHandle
GetNumberFormatW
FlushFileBuffers
VirtualAlloc
GetLastError
LocalAlloc
HeapCreate
ExitProcess
InterlockedExchange
LeaveCriticalSection
GetWindowsDirectoryW
GetStringTypeExW
GetTimeFormatW
FindResourceW
GetModuleHandleA
TerminateProcess
GetStringTypeA
GetCommandLineA
IsBadWritePtr
GetDateFormatW
QueryPerformanceCounter
MulDiv
GetModuleHandleW
CompareStringA
IsBadReadPtr
FindResourceExW
FreeResource
lstrcmpiW
GetLocaleInfoW
GetLocalTime
GetTickCount
CloseHandle
GetFileType
CreateFileMappingW
HeapAlloc
InterlockedCompareExchange
GetStringTypeW

Sections

.text
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

efdbfce3353ec441be28c019d013d402

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

atl

ntdll

gdi32

ddraw

kernel32

Sections

.text Size: 1024B - Virtual size: 1004B

.idata Size: 6KB - Virtual size: 5KB

.rdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 13KB - Virtual size: 13KB

.data Size: 1KB - Virtual size: 80KB

.text
Size: 1024B - Virtual size: 1004B

.idata
Size: 6KB - Virtual size: 5KB

.rdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 13KB - Virtual size: 13KB

.data
Size: 1KB - Virtual size: 80KB