17218d4ba49793def96bfc14ad39a915_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

17218d4ba49793def96bfc14ad39a915_JaffaCakes118
Size

129KB
MD5

17218d4ba49793def96bfc14ad39a915
SHA1

99ce7808be4de68c9a7f3f0adb342ac22bc158ba
SHA256

f33c567f35d352cd26e096cba1904ee84bac6efaf4b12230d9c6a39656b126a4
SHA512

162ff797e37ba791e13c2efda1c469221a58860175b0b075102c2cefbcade007d12b67b31c1bc28de13c0ffc850bf2ce3615e30f685dbefed9fd8c55e6ef3eaf
SSDEEP

1536:gbPiJvcQ2jvOzdkxOFeoDXZuqRx3/V0rwkyE6jdT74PpjZ8t8CHH12:gbqKnvwdkx6f7xd1TQFhUV2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17218d4ba49793def96bfc14ad39a915_JaffaCakes118

Files

17218d4ba49793def96bfc14ad39a915_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e8e34bfea9fa417b50e462ef8ca21ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

GetCapture
GetUserObjectInformationW
GetAppCompatFlags2
GetProcessWindowStation
GetAppCompatFlags2
DispatchMessageW
GetSystemMetrics
CharLowerBuffW
IsChild
ClientThreadSetup
GetShellWindow
PeekMessageW
RegisterWindowMessageA
UnregisterClassW
GetCapture
wsprintfA
GetLastInputInfo
GetSystemMetrics
GetSystemMetrics
CharLowerBuffW
GetDCEx
DrawTextA
CharUpperBuffW
GetSysColor
RegisterWindowMessageA
GetSysColorBrush
GetShellWindow
SystemParametersInfoW
RegisterWindowMessageA
DispatchMessageA

kernel32

LoadLibraryA
WriteProcessMemory
SleepEx
SleepEx
GetSystemTimeAsFileTime
LoadLibraryExW
CreateProcessA
GetStartupInfoA
CreateProcessA
LoadLibraryExA
DeviceIoControl
Sleep
GetStartupInfoA
CreateProcessW
LoadLibraryExA
TerminateProcess
VirtualProtectEx
DeviceIoControl
WriteProcessMemory
ReadFile
LoadLibraryExA
ReadFile
LoadLibraryExW
LoadLibraryA
GetSystemTime
TerminateProcess
SleepEx
CreateProcessW
ReadProcessMemory
WaitForSingleObject
GetStartupInfoW
GetProcAddress
Sleep
GetLastError
LoadLibraryA
GetCommandLineA
SetHandleInformation
lstrcmpiA
SetSystemTime
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
GetStartupInfoW
GetStartupInfoA
GetSystemTimeAsFileTime
GetStartupInfoW
ReleaseMutex
SleepEx
LoadLibraryExW
LoadLibraryA
CreateProcessW
GetStartupInfoA
ReadProcessMemory
WaitForSingleObject
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
ReadFile
WaitForSingleObject
Sleep
GetStartupInfoA
Sleep
TerminateProcess
Sleep
ReleaseMutex
ReadFile
CreateProcessW
ReleaseMutex
WaitForSingleObject
TerminateProcess
ReadFile
GetStartupInfoA
GetStartupInfoW
VirtualProtect
GetSystemTimeAsFileTime
TerminateProcess
VirtualProtect
ReadFile
VirtualProtect
GetStartupInfoA
GetSystemTimeAsFileTime
CreateProcessW
LoadLibraryExW
GetSystemTime
ReleaseMutex
WaitForSingleObject
LoadLibraryA
ReadProcessMemory
SleepEx
WriteProcessMemory
WaitForSingleObject
WaitForSingleObjectEx
WaitForSingleObjectEx
GetSystemTime
TerminateProcess
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
ReadFile
CreateProcessW
DeviceIoControl
GetStartupInfoA
GetSystemTime
SleepEx
WriteProcessMemory
CreateProcessA
LoadLibraryExA
GetStartupInfoW
LoadLibraryExW
GetStartupInfoA
WaitForSingleObjectEx
CreateFileA
WriteProcessMemory
GetSystemTimeAsFileTime
WaitForSingleObjectEx
LoadLibraryA
GetStartupInfoA
WaitForSingleObject
VirtualProtect
LoadLibraryA
GetStartupInfoA
CreateProcessA
CreateFileA
VirtualProtectEx
TerminateProcess
WaitForSingleObjectEx
CreateProcessA
ReadFile
CreateFileA
TerminateProcess
WaitForSingleObject
VirtualProtectEx
TerminateProcess
LoadLibraryExA
CreateProcessA
GetStartupInfoA
LoadLibraryA
CreateProcessA
GetSystemTimeAsFileTime
ReadProcessMemory
GetSystemTime
SleepEx
WaitForSingleObjectEx
GetStartupInfoA
CreateFileA
DeviceIoControl
GetStartupInfoW
ReadFile
DeviceIoControl
DeviceIoControl
VirtualProtect
LoadLibraryExA
DeviceIoControl
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
ReadFile
VirtualProtectEx
GetStartupInfoA
GetSystemTimeAsFileTime
DeviceIoControl
LoadLibraryExA
WriteProcessMemory
GetSystemTime
GetSystemTimeAsFileTime
CreateProcessA
GetSystemTimeAsFileTime
CreateProcessA
WaitForSingleObject
Sleep
SleepEx
SleepEx
TerminateProcess
GetSystemTimeAsFileTime
CreateFileA
CreateProcessW

advapi32

RevertToSelf
RegQueryValueExW
AccessCheck
ImpersonateNamedPipeClient
MakeSelfRelativeSD
RegOpenKeyExW
AccessCheck
RegQueryValueExW
RegCloseKey
GetTokenInformation
MakeSelfRelativeSD
RegQueryValueExW
RegCloseKey
AccessCheck
RevertToSelf
RevertToSelf
RevertToSelf
RegOpenKeyExW
MakeSelfRelativeSD
RegQueryValueExW

gdi32

SetViewportOrgEx
SetTextColor
CreateRectRgn
GdiReleaseDC
GetTextExtentPoint32W
DeleteObject
SelectObject
GdiConsoleTextOut
DeleteDC
SetTextColor
SetDCBrushColor
DeleteDC
RectVisible
DeleteObject
GetTextCharsetInfo
RectVisible
CreateSolidBrush
GetCurrentObject
CreateCompatibleDC
GetLayout

comdlg32

GetFileTitleW
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleA
GetFileTitleW
GetFileTitleA

Sections

.text
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.line
Size: 75KB - Virtual size: 156KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ

111cnn
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

qwerty
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e8e34bfea9fa417b50e462ef8ca21ab

Headers

File Characteristics

Imports

user32

kernel32

advapi32

gdi32

comdlg32

Sections

.text Size: 17KB - Virtual size: 20KB

.line Size: 75KB - Virtual size: 156KB

.data Size: 2KB - Virtual size: 4KB

.idata Size: 11KB - Virtual size: 12KB

111cnn Size: 4KB - Virtual size: 4KB

qwerty Size: 512B - Virtual size: 4KB

.rsrc Size: 17KB - Virtual size: 20KB

.text
Size: 17KB - Virtual size: 20KB

.line
Size: 75KB - Virtual size: 156KB

.data
Size: 2KB - Virtual size: 4KB

.idata
Size: 11KB - Virtual size: 12KB

111cnn
Size: 4KB - Virtual size: 4KB

qwerty
Size: 512B - Virtual size: 4KB

.rsrc
Size: 17KB - Virtual size: 20KB