263f96467c05ee23992cc231064da499_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

263f96467c05ee23992cc231064da499_JaffaCakes118
Size

372KB
MD5

263f96467c05ee23992cc231064da499
SHA1

da152c0bb166026c2bc09dd375277e27ebd39faf
SHA256

cadfba47ba6af811ac5964ab09de5415e44655f7eda4be6eb276994ba29aea06
SHA512

188b41f951a090e96b41a590f8d18343bdf5c4d94801f68dbcb93dcbe8b2bd792421913c382a1e3626a2299b7ed93018860855523a2ca13b26c5f8478ede2af0
SSDEEP

6144:S+v48j11kXL3x0TNm/fair/KUpkjy5ZRZvs5l8I5u8oxXpvWbZs9xXFJ5LyzttFB:SE48p1g3YNKair/K4zRZvElv+pubGj3m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
263f96467c05ee23992cc231064da499_JaffaCakes118

Files

263f96467c05ee23992cc231064da499_JaffaCakes118
.exe windows:4 windows x86 arch:x86

507c6801bf7a4db44c87c6d2f7144d34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetObjectW
GetStockObject
CreateFontIndirectW
GetDeviceCaps
DeleteObject

ntdll

RtlAddAce
RtlAdjustPrivilege
NtAllocateVirtualMemory

msvcrt

_vsnwprintf
_wtoi
_wcsicmp
memset
_setjmp3
_ultow
memcpy
_amsg_exit
bsearch
malloc
_wcsnicmp
memmove
_wtol
longjmp
_vsnprintf
_initterm
free
_adjust_fdiv
_XcptFilter

rpcrt4

RpcStringFreeW

user32

DispatchMessageW
SetWindowPos
ShowWindow
CreateDialogParamW
IsWindow
ExitWindowsEx
SetWindowTextW
GetWindowRect
SendDlgItemMessageW
PeekMessageW
SetDlgItemTextW
EndDialog
ReleaseDC
DestroyWindow
MsgWaitForMultipleObjects
GetDlgItemTextW
GetDesktopWindow
GetSystemMetrics
EnableWindow
CharUpperW
SendMessageW
UpdateWindow
CharPrevW
MessageBoxW
CharNextA
MessageBeep
LoadStringW
GetDC
CharNextW
OemToCharA
DialogBoxParamW
GetDlgItem

kernel32

GetFileSize
MulDiv
GetWindowsDirectoryW
WritePrivateProfileSectionW
SizeofResource
GetCurrentProcessId
WritePrivateProfileStringW
CreateFileMappingW
MoveFileExW
GetSystemDefaultUILanguage
GetDiskFreeSpaceW
InterlockedExchange
EnumResourceLanguagesW
CreateProcessW
UnhandledExceptionFilter
FindNextFileW
SetUnhandledExceptionFilter
FindClose
GetSystemTimeAsFileTime
Sleep
SetFileTime
GetVolumeInformationW
FindFirstFileW
lstrcmpiW
LoadLibraryExW
LocalFree
WideCharToMultiByte
SetFilePointer
GetFileAttributesW
GetCurrentProcess
RemoveDirectoryW
GetPrivateProfileStringW
GetVersionExW
CreateDirectoryW
SearchPathW
MoveFileW
GetPrivateProfileIntW
MapViewOfFile
GetCurrentThreadId
LocalReAlloc
LockResource
SetFileAttributesW
lstrcmpiA
QueryPerformanceCounter
GetDriveTypeW
GetPrivateProfileSectionW
lstrlenW
DisableThreadLibraryCalls
SetLastError
RtlUnwind
FindResourceExW
ExpandEnvironmentStringsW
CopyFileW
TerminateProcess
GetModuleFileNameW
WriteFile
GetSystemInfo
CompareStringW
FreeLibrary
GetShortPathNameW
DeleteFileW
LocalAlloc
lstrcmpW
GetTickCount
CloseHandle
LoadResource
GetStartupInfoA
GetSystemDirectoryW
UnmapViewOfFile
GetTempPathW
GetUserDefaultUILanguage
ReadFile
GetFullPathNameW
CreateFileW
MultiByteToWideChar
GetEnvironmentVariableW
GetLastError
GetFileTime
LoadLibraryW
GetProfileStringW
GetTempFileNameW
GetProcAddress
InterlockedCompareExchange
MapViewOfFileEx
GetLocalTime
FindResourceW
FormatMessageW

advapi32

RegFlushKey
RegQueryInfoKeyW
RegCloseKey
RegDeleteValueW
RegSetValueExW
CancelOverlappedAccess
CredRenameW
RegLoadKeyW
AdjustTokenPrivileges
EqualSid
RegQueryValueExW
RegDeleteKeyW
ControlTraceA
OpenProcessToken
RegCreateKeyExW
BuildTrusteeWithNameA
ConvertSidToStringSidA
AllocateAndInitializeSid
RegEnumValueW
RegOpenKeyExA
GetTokenInformation
CreateServiceW
RegSaveKeyW
RegSetValueW

Sections

.text
Size: 329KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

507c6801bf7a4db44c87c6d2f7144d34

Headers

File Characteristics

Imports

gdi32

ntdll

msvcrt

rpcrt4

user32

kernel32

advapi32

Sections

.text Size: 329KB - Virtual size: 329KB

.rsrc Size: 20KB - Virtual size: 19KB

.data Size: 17KB - Virtual size: 1.2MB

.rdata Size: 4KB - Virtual size: 3KB

.text
Size: 329KB - Virtual size: 329KB

.rsrc
Size: 20KB - Virtual size: 19KB

.data
Size: 17KB - Virtual size: 1.2MB

.rdata
Size: 4KB - Virtual size: 3KB