153375b1ddf73b93d72a8454ee4ab8d8_JaffaCakes118

General

Target

153375b1ddf73b93d72a8454ee4ab8d8_JaffaCakes118
Size

503KB
MD5

153375b1ddf73b93d72a8454ee4ab8d8
SHA1

30600439cddaceacd96915a2547d5ada831c7119
SHA256

1dbb42adcd4f1bca2a9868f5489ca1ca8fc88a0a3875cf5c9e0a871efcc153f1
SHA512

d3f325808f88f8432d2fe2a7f986d1447fe6e2632aa0ec53a09ae7144e24f8dd2b47a724fa3df01f13f6a13adc8ab3345d250f5c858b2fe2b4fc604c09b69c91
SSDEEP

12288:TUOYSy2VL+cHJqmdTX39QBl98lg86e3R6KYBOBvmEankOjL7Jr9AuqvFyjB1:TXvqYakB6eYxE9wPLMs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
153375b1ddf73b93d72a8454ee4ab8d8_JaffaCakes118

Files

153375b1ddf73b93d72a8454ee4ab8d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

76954b4de7d9aeeadaedf32bbba4063b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
VirtualAlloc
HeapAlloc
GetTickCount
GetCurrentProcessId
DisableThreadLibraryCalls
InterlockedIncrement
FreeLibrary
LoadLibraryW
lstrcmpiW
ReadFile
VirtualProtect
InitializeCriticalSection
GetProcessHeap
VirtualAlloc
CreateEventW
LoadLibraryA
Sleep
InterlockedExchange
ReadFile
GetVersionExA
LoadLibraryA
CloseHandle
QueryPerformanceCounter
lstrcmpiW
LocalFree
InterlockedIncrement
QueryPerformanceCounter
CreateThread
GetCurrentThreadId
InterlockedIncrement
EnterCriticalSection
CreateEventW
MultiByteToWideChar
GetVersionExA
HeapAlloc
GetVersionExA
GetTickCount
SetLastError
ReadFile
GetCurrentThreadId
LocalAlloc
GetCurrentProcessId
InterlockedDecrement
GetCurrentThreadId
ReadFile
GetSystemTimeAsFileTime
CreateFileW
HeapDestroy
InterlockedCompareExchange
CloseHandle
GetProcAddress
CreateFileW
DisableThreadLibraryCalls
LoadLibraryW
VirtualProtect
ReadFile
CloseHandle

gdi32

SetWindowExtEx
SelectObject
StretchBlt
PatBlt
SetTextColor
GetWindowOrgEx
StretchBlt
BitBlt
CreateRectRgn
CreatePen
CreateFontA
SetPixel
CreateFontIndirectA
CreateBitmap
GetBrushOrgEx
SetTextColor
GetWindowOrgEx
SetBkColor
SetPixel
CreateBitmapIndirect
SetTextColor
SetWindowOrgEx
CreateBitmapIndirect
CreateCompatibleDC
SetTextColor
LineTo
CombineRgn
SetWindowOrgEx
CombineRgn
CreatePen
CreatePen
BitBlt
GetBrushOrgEx
SetTextColor
LineTo
PatBlt
BitBlt
StretchBlt
SetBkMode
RoundRect
CreateSolidBrush
SetWindowOrgEx
CreateRectRgn
CreateSolidBrush
BitBlt
GetCurrentObject
CreateBitmapIndirect
PatBlt
SetTextColor
SetPixel
CreateCompatibleDC
BitBlt
SetPixel
CombineRgn
RoundRect
GetWindowExtEx
SetBkMode
Polygon

Sections

.text
Size: 498KB - Virtual size: 964KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76954b4de7d9aeeadaedf32bbba4063b

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 498KB - Virtual size: 964KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 498KB - Virtual size: 964KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB