310054eb87a9b486bfcfb61f1d8432d5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

310054eb87a9b486bfcfb61f1d8432d5_JaffaCakes118
Size

807KB
MD5

310054eb87a9b486bfcfb61f1d8432d5
SHA1

b8af2517455e4ef2e57c093b1989668576fc4425
SHA256

e17e1e67286ca79fe6f2bcca059d840e54b110e5fb6c6014bac563ba700e5d3a
SHA512

4d9a7d653c147557bf1e591e2feeeb78282c37f770dcd6b5a65918a06154f59c9d52c3c74495e4075c08190947e8f38d226ab250e2d31f3767391b978b900607
SSDEEP

12288:JPoMTMTGwORU7g5LYg8biUxbCcyGD27nVqqzyndgxG:PTeGwaU28gGiUN9wjVadd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
310054eb87a9b486bfcfb61f1d8432d5_JaffaCakes118

Files

310054eb87a9b486bfcfb61f1d8432d5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

96378e217e0c6b83b085695d4bbd61b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
InterlockedCompareExchange
SetLastError
GetTickCount
CreateFileW
InitializeCriticalSection
GetModuleFileNameW
LocalFree
GetModuleHandleA
CloseHandle
DeleteCriticalSection
DeleteCriticalSection
ReadFile
InterlockedCompareExchange
GetTickCount
InterlockedDecrement
VirtualAlloc
InterlockedDecrement
LeaveCriticalSection
HeapDestroy
LoadLibraryW
VirtualAlloc
LoadLibraryW
MultiByteToWideChar
GetModuleFileNameW
InterlockedDecrement
HeapFree
InitializeCriticalSection
VirtualProtect
ReadFile
HeapDestroy
GetModuleHandleW
lstrcmpiW
Sleep
InterlockedCompareExchange
HeapAlloc
LocalFree
FreeLibrary
GetModuleFileNameA
LocalAlloc
GetVersionExA
lstrlenA
InitializeCriticalSection
DisableThreadLibraryCalls
LoadLibraryW
CreateEventW
InterlockedExchange
GetTickCount
MultiByteToWideChar
InterlockedDecrement
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
LocalFree
LeaveCriticalSection
LocalFree
InterlockedDecrement
GetModuleFileNameA
GetProcessHeap
HeapAlloc
InterlockedDecrement
lstrlenA
VirtualProtect
GetModuleHandleW
LoadLibraryA
LocalAlloc
InterlockedExchange
CloseHandle
LocalAlloc
InterlockedCompareExchange
CreateThread
InterlockedCompareExchange
HeapDestroy
InterlockedExchange
LocalAlloc
VirtualAlloc
VirtualAlloc
DisableThreadLibraryCalls
GetCurrentProcess
HeapAlloc
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcessHeap
VirtualProtect
InterlockedIncrement
GetModuleHandleW
ReadFile
InterlockedDecrement
VirtualAlloc
GetModuleFileNameW
CreateFileW
MultiByteToWideChar
Sleep
GetLastError
GetCurrentProcessId
InterlockedExchange
GetModuleHandleW
LocalFree
LocalFree
GetVersionExA
InterlockedDecrement
CloseHandle

user32

MessageBoxW
wsprintfA
SetTimer
BeginPaint
SetDlgItemTextW
GetDC
GetDC
GetDesktopWindow
ShowWindow
PeekMessageW
ReleaseDC
EnableWindow
DialogBoxParamW
DialogBoxParamW
EnableWindow
GetDlgItem
GetSysColor
GetSystemMetrics
GetClientRect
SendMessageW
GetParent
InvalidateRect
DialogBoxParamW
LoadCursorW
SetCursor
DestroyWindow
GetParent
DefWindowProcW
wsprintfA
SendDlgItemMessageW
InvalidateRect
PostMessageW
IsDlgButtonChecked
DialogBoxParamW
MessageBoxW
SetWindowLongW
DestroyWindow
LoadIconW
SendDlgItemMessageW
CreateWindowExW
BeginPaint
SetWindowTextW
DialogBoxParamW
GetDesktopWindow
DestroyWindow
GetParent
SetCursor
ReleaseDC
TranslateMessage
MessageBoxW
DialogBoxParamW
wsprintfA
SendMessageW
GetSystemMetrics
ReleaseDC
LoadIconW
SetWindowPos
GetWindowRect
PostMessageW
SetCursor
SendMessageW
GetSysColor
GetClientRect
BeginPaint
LoadIconW
ReleaseDC
GetParent
PostMessageW
TranslateMessage
SetWindowLongW
GetSystemMetrics
ReleaseDC
DispatchMessageW
DialogBoxParamW
EndDialog
KillTimer
IsDlgButtonChecked
SetWindowLongW
GetDesktopWindow
SetWindowPos
SetWindowLongW
EndDialog
GetWindowRect
TranslateMessage
SendDlgItemMessageW
PostMessageW
GetDesktopWindow
GetWindowLongW
EndDialog
SendDlgItemMessageW
CharNextW
LoadIconW
DestroyWindow
BeginPaint
GetSysColor
GetWindowRect
EnableWindow
GetDesktopWindow
KillTimer
GetDlgItem
SetTimer
CharNextW
PostQuitMessage

Sections

.text
Size: 718KB - Virtual size: 968KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96378e217e0c6b83b085695d4bbd61b4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 718KB - Virtual size: 968KB

.data Size: - Virtual size: 4KB

.rdata Size: 5KB - Virtual size: 8KB

.rsrc Size: 82KB - Virtual size: 84KB

.text
Size: 718KB - Virtual size: 968KB

.data
Size: - Virtual size: 4KB

.rdata
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 82KB - Virtual size: 84KB