13cf61c1898cba2e3702815ffe86c5d7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

13cf61c1898cba2e3702815ffe86c5d7_JaffaCakes118
Size

355KB
MD5

13cf61c1898cba2e3702815ffe86c5d7
SHA1

ff7617c346578773cb7fa682601e3e58a5a8747e
SHA256

d621031fee52097d983991581a1f4276af3992ef0861a1726f4a39f762b363ac
SHA512

08abf3da58b9356732d7885d49a89959b2f4a3af0944b9d2bbe6550b34ffc00d94102a6dd9acc3154676b4869e654ada666c8bb2fa82acfa2237bedef7dec9a7
SSDEEP

6144:LM6cwNbJjHX9Zxvm653kaQyTK+i8M0ompbHd4TpED/dJff+Y5:5rbJtzkXyTe8M0NV/xfb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13cf61c1898cba2e3702815ffe86c5d7_JaffaCakes118

Files

13cf61c1898cba2e3702815ffe86c5d7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8436002aa6c156e2145d19375db4e249

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord2971
ord3076
ord2980
ord3257
ord2854
ord4459
ord3254
ord3142
ord6238
ord823
ord4270
ord765
ord567
ord3693
ord4418
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord3131
ord2977
ord5273
ord2116
ord2438
ord6051
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord5286
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1768
ord4073
ord825

msvcrt

??1type_info@@UAE@XZ
wcslen
__CxxFrameHandler
_ftol
?terminate@@YAXXZ
_except_handler3

dinput

DirectInputCreateW

user32

DestroyIcon
ChildWindowFromPoint
IsWindowVisible
GetMessageTime
GetCursorPos
CreateWindowExW
RegisterDeviceNotificationW
IsWindow
ScreenToClient
LoadImageW
MapWindowPoints
InvalidateRect
SetRect
GetSysColor
EnableWindow
RedrawWindow
GetWindowRect
GetSystemMetrics
MessageBoxW
WinHelpW
UnregisterClassW
DestroyWindow
SendMessageW
GetWindowDC
SetTimer
GetClientRect
LoadStringW
wsprintfW
GetParent
PostMessageW
GetDC
ReleaseDC
UnregisterDeviceNotification
KillTimer
SendDlgItemMessageW
SetWindowPos
GetDlgItem
SetWindowLongW
RegisterClassExW
DefWindowProcW
BeginPaint
GetWindowLongW
DrawIconEx
GetWindowTextW
DrawTextW
EndPaint
GetDlgCtrlID

gdi32

CreatePolygonRgn
DeleteDC
BitBlt
DPtoLP
SetMapMode
GetMapMode
SelectObject
CreateCompatibleDC
GetRgnBox
GetStockObject
SetBkColor
Ellipse
SetDCPenColor
SetViewportOrgEx
SetViewportExtEx
SetWindowExtEx
LineTo
MoveToEx
CreatePenIndirect
GetDeviceCaps
CreateFontW
CreateSolidBrush
ExtTextOutW
DeleteObject
SetBkMode
PaintRgn
SetTextColor

kernel32

InitializeCriticalSection
LocalFree
GetLastError
MulDiv
DeleteCriticalSection
DisableThreadLibraryCalls
InterlockedDecrement
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
IsBadWritePtr
IsBadReadPtr
EnterCriticalSection
Sleep
lstrlenW

advapi32

RegQueryValueExW
RegCloseKey

shlwapi

StrCpyNW
StrDupW
StrNCatW

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 2KB - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ik
Size: 2KB - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ocode
Size: 2KB - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kpack0
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gddg8
Size: 2KB - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iaoq
Size: 2KB - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oxcodex
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0x0x1
Size: 2KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0x0x
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 2KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 382B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8436002aa6c156e2145d19375db4e249

Headers

DLL Characteristics

File Characteristics

Imports

mfc42u

msvcrt

dinput

user32

gdi32

kernel32

advapi32

shlwapi

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 1KB

.tls Size: 2KB - Virtual size: 13B

.ndata Size: 2KB - Virtual size: 364B

.ik Size: 2KB - Virtual size: 48B

.ocode Size: 2KB - Virtual size: 132B

.kpack0 Size: 188KB - Virtual size: 187KB

.gddg8 Size: 2KB - Virtual size: 156B

.iaoq Size: 2KB - Virtual size: 260B

.oxcodex Size: 2KB - Virtual size: 2KB

.0x0x1 Size: 2KB - Virtual size: 512B

.0x0x Size: 190KB - Virtual size: 189KB

.CRT Size: 2KB - Virtual size: 12B

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 2KB - Virtual size: 382B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 1KB

.tls
Size: 2KB - Virtual size: 13B

.ndata
Size: 2KB - Virtual size: 364B

.ik
Size: 2KB - Virtual size: 48B

.ocode
Size: 2KB - Virtual size: 132B

.kpack0
Size: 188KB - Virtual size: 187KB

.gddg8
Size: 2KB - Virtual size: 156B

.iaoq
Size: 2KB - Virtual size: 260B

.oxcodex
Size: 2KB - Virtual size: 2KB

.0x0x1
Size: 2KB - Virtual size: 512B

.0x0x
Size: 190KB - Virtual size: 189KB

.CRT
Size: 2KB - Virtual size: 12B

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 2KB - Virtual size: 382B