25930462fd42ac9d5b0788a3b63c2651_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

25930462fd42ac9d5b0788a3b63c2651_JaffaCakes118
Size

808KB
MD5

25930462fd42ac9d5b0788a3b63c2651
SHA1

04354264726cbce27b8f84bab9f3b68f14500228
SHA256

05cafab48acfdfe012fd19b17d797ec6ce199636803fa680ae23e0aa2c972030
SHA512

f92d7b842bdc66333350ea588e9e423e7a68f4d2f074ad739d763e74c1d532081e672b20908481ff8f63b3ecf5879b505d4326c09c651d29bc70f37d6e273ffb
SSDEEP

12288:Q149dVa0D8LC3oRN/N6XoKCGtz+yH4z+VVC+uIfQhEEv1VVgxc:m+8LRfKCGtz+yH77CM4DZz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25930462fd42ac9d5b0788a3b63c2651_JaffaCakes118

Files

25930462fd42ac9d5b0788a3b63c2651_JaffaCakes118
.exe windows:5 windows x86 arch:x86

157c3a3f13271f5f08f47c1fad050bb0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetModuleFileNameW
VirtualProtect
InterlockedDecrement
VirtualAlloc
InterlockedIncrement
HeapAlloc
EnterCriticalSection
DeleteCriticalSection
UnhandledExceptionFilter
GetProcAddress
LoadLibraryW
lstrcmpiW
GetLastError
FreeLibrary
CreateThread
LoadLibraryW
CloseHandle
GetLastError
GetSystemTimeAsFileTime
GetModuleHandleW
GetCurrentProcessId
EnterCriticalSection
SetLastError
GetSystemTimeAsFileTime
HeapFree
CreateThread
InterlockedExchange
InterlockedExchange
HeapDestroy
CreateFileW
InterlockedCompareExchange
InterlockedExchange
VirtualProtect
GetModuleFileNameA
DeleteCriticalSection
InterlockedDecrement
GetProcessHeap
CreateEventW
GetTickCount
GetCurrentThreadId
GetModuleFileNameA
VirtualProtect
DeleteCriticalSection
HeapFree
ReadFile
GetModuleFileNameW
EnterCriticalSection
CreateEventW
InterlockedIncrement
GetModuleHandleA
InterlockedExchange
InterlockedExchange
LeaveCriticalSection
UnhandledExceptionFilter
GetModuleFileNameW
lstrcmpiW
HeapDestroy
GetVersionExA
GetModuleFileNameA
VirtualAlloc
DeleteCriticalSection
QueryPerformanceCounter
GetLastError
LoadLibraryW
LocalFree
Sleep
lstrlenA
LeaveCriticalSection
UnhandledExceptionFilter
DeleteCriticalSection
GetProcAddress
DisableThreadLibraryCalls
InterlockedIncrement
LoadLibraryW
LeaveCriticalSection
InterlockedExchange
LocalFree
InterlockedDecrement
InitializeCriticalSection
FreeLibrary
LoadLibraryW
CreateFileW
QueryPerformanceCounter
DisableThreadLibraryCalls
InitializeCriticalSection
ReadFile
VirtualProtect
GetVersionExA
VirtualAlloc
InterlockedIncrement
HeapAlloc
GetModuleHandleW
InterlockedDecrement
HeapAlloc
VirtualProtect
InitializeCriticalSection
LocalAlloc
LoadLibraryW
lstrlenA
EnterCriticalSection
MultiByteToWideChar
InitializeCriticalSection
QueryPerformanceCounter
DisableThreadLibraryCalls
DeleteCriticalSection
DeleteCriticalSection
CreateEventW
EnterCriticalSection
HeapDestroy

user32

SetCursor
EnableWindow
GetSysColor
SetForegroundWindow
SetWindowTextW
PeekMessageW
ShowWindow
SetDlgItemTextW
EndPaint
SendDlgItemMessageW
GetDesktopWindow
GetSystemMetrics
CharNextW
DialogBoxParamW
SetFocus
SetDlgItemTextW
GetWindowRect
IsWindow
MessageBoxW
DestroyWindow
SendMessageW
MessageBoxW
SetDlgItemTextW
LoadStringW
DefWindowProcW
SetFocus
DialogBoxParamW
PeekMessageW
KillTimer
LoadIconW
ShowWindow
GetDesktopWindow
GetSysColor
GetDesktopWindow
DialogBoxParamW
DefWindowProcW
InvalidateRect
EndDialog
DispatchMessageW
PeekMessageW
InvalidateRect
SetWindowLongW
ShowWindow
EndDialog
GetDesktopWindow
SendDlgItemMessageW
LoadIconW
SetWindowTextW
ShowWindow
SetCursor
ShowWindow
GetWindowLongW
CreateWindowExW
SetDlgItemTextW
InvalidateRect
GetWindowLongW
GetWindowRect
PostQuitMessage
SetWindowTextW
SetFocus
BeginPaint
DialogBoxParamW
wsprintfA
GetWindowLongW
SetTimer
GetSystemMetrics
GetParent
MessageBoxW
GetDC
GetWindowLongW
SendDlgItemMessageW
GetDlgItem
SendMessageW
CreateWindowExW
GetSysColor
ShowWindow
PostQuitMessage
SetForegroundWindow
LoadStringW
SendMessageW
GetDesktopWindow
IsWindow
SetWindowLongW
MessageBoxW
GetDC
GetWindowLongW
KillTimer
SetFocus
GetClientRect
LoadIconW
TranslateMessage
ReleaseDC
BeginPaint
BeginPaint
InvalidateRect
CreateWindowExW
LoadIconW
PostQuitMessage
GetParent
wsprintfA
wsprintfA
SetForegroundWindow
SetFocus
GetParent
SetFocus
GetDC
GetWindowRect
DestroyWindow
GetFocus

Sections

.text
Size: 719KB - Virtual size: 968KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

157c3a3f13271f5f08f47c1fad050bb0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 719KB - Virtual size: 968KB

.data Size: - Virtual size: 4KB

.rdata Size: 6KB - Virtual size: 8KB

.rsrc Size: 82KB - Virtual size: 84KB

.text
Size: 719KB - Virtual size: 968KB

.data
Size: - Virtual size: 4KB

.rdata
Size: 6KB - Virtual size: 8KB

.rsrc
Size: 82KB - Virtual size: 84KB