13871d56d413b01593aeee7349ac5baf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

13871d56d413b01593aeee7349ac5baf_JaffaCakes118
Size

260KB
MD5

13871d56d413b01593aeee7349ac5baf
SHA1

d99620a1542c7312d278e6be610c7f3882100250
SHA256

359874202e179ac2786cc56ccc45bd7a0ec155cbe3fe29ee823d914040b44075
SHA512

cd00ef1cb819c018e7e353e2db11fba41baab11f2e52e3a2697056c1a868e72b018518b31fc45b2f8a095c387a0f2bc5ca16a46ef3e3fdd17610dac4913da2fd
SSDEEP

6144:a7oDsPw+03Hcg5CwmdBK5Mpy8nUbPQnbW8cbs:a7oDsof3HcoCwmrKh8nKY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13871d56d413b01593aeee7349ac5baf_JaffaCakes118

Files

13871d56d413b01593aeee7349ac5baf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a811e198b8178258af63b3aa7facc21a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreW
DeleteFileW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
lstrlenW
GetStartupInfoA
lstrcpynW
lstrcatW
WriteFile
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
QueryPerformanceCounter
LoadLibraryA
GetVersionExW
GetTickCount
GetSystemTimeAsFileTime
GetShortPathNameW
GetProcAddress
CreateFileW
CloseHandle
CreateFileA
VirtualAllocEx
GetPrivateProfileIntW

user32

LoadStringW
SetFocus
ExitWindowsEx
LoadIconA
LoadIconW
SetForegroundWindow
FindWindowW
MessageBoxW

gdi32

CreateCompatibleBitmap
TextOutW
StretchBlt
SetTextColor
SetRectRgn
SetPixel
SetBkColor
SelectObject
PatBlt
MoveToEx
LineTo
GetTextMetricsW
GetTextExtentPoint32W
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePen
CreateICW
CreateFontIndirectW
CreateCompatibleDC
GetPixel
CombineRgn
GetStockObject
BitBlt

advapi32

RegOpenKeyExA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegFlushKey
RegCloseKey
RegOpenKeyW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW

msvcrt

_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
exit
isdigit
mbstowcs
rand
setlocale
srand
time

Sections

.text
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text7
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text5
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text6
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a811e198b8178258af63b3aa7facc21a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

msvcrt

Sections

.text Size: 224KB - Virtual size: 224KB

.text7 Size: 2KB - Virtual size: 1KB

.text5 Size: 2KB - Virtual size: 1KB

.text4 Size: 2KB - Virtual size: 1KB

.text3 Size: 2KB - Virtual size: 1KB

.text2 Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 224B

.data Size: 1KB - Virtual size: 1KB

.text6 Size: 2KB - Virtual size: 1KB

.rsrc Size: 17KB - Virtual size: 113KB

.text
Size: 224KB - Virtual size: 224KB

.text7
Size: 2KB - Virtual size: 1KB

.text5
Size: 2KB - Virtual size: 1KB

.text4
Size: 2KB - Virtual size: 1KB

.text3
Size: 2KB - Virtual size: 1KB

.text2
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 224B

.data
Size: 1KB - Virtual size: 1KB

.text6
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 17KB - Virtual size: 113KB