568df63cf451feb9a77f5a6ea5801d22_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

568df63cf451feb9a77f5a6ea5801d22_JaffaCakes118
Size

532KB
MD5

568df63cf451feb9a77f5a6ea5801d22
SHA1

43b75671a51a057fe7285f8b7b856a03a6b47398
SHA256

023eee1b23680f3bf0ec9128c376f4f84085ff45bfa6e3f4bba43a3e047b70f5
SHA512

b857d3620a3bc9701c6bf93de8c227a97a210e3a330f1e16f2a4fbdbe4099e0189979a0f894d0e572690dcc1e952dffafcc55dc41c19e9ee5eadca2e38420180
SSDEEP

12288:VfURNzF5arFb3l1tU96K0iCBgZmOGIeOtmhBTisGt:VfWu5B/UxSzDBTi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
568df63cf451feb9a77f5a6ea5801d22_JaffaCakes118

Files

568df63cf451feb9a77f5a6ea5801d22_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f448ca4e646a476886b800bbc8ab3da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject
SetBkColor
CreateCompatibleDC

kernel32

HeapCreate
IsValidCodePage
WideCharToMultiByte
CreateProcessA
SizeofResource
SetStdHandle
GetModuleHandleW
GetACP
CloseHandle
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
CompareStringA
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCurrentDirectoryA
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
FindResourceW
GetConsoleCP
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
GetLastError
InterlockedIncrement
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
GetProcAddress
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
ResetEvent
GlobalFree
FindFirstFileA
FreeEnvironmentStringsW
GetProcessHeap
GlobalLock
DeleteFileW
SetEvent
DeleteFileA
GetStartupInfoA
LoadLibraryA
GetVersionExA
VirtualProtect
WriteFile
IsBadWritePtr
GetTickCount
QueryPerformanceCounter
FreeLibrary
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
LeaveCriticalSection
GetCurrentThreadId
SetEndOfFile
GetConsoleMode
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
CreateMutexA
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
GetPrivateProfileStringA
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
OutputDebugStringA
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
LocalFree
GetExitCodeProcess
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
GetCPInfo
GetTempPathA
ExpandEnvironmentStringsA
GetLocaleInfoA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetLocalTime
GetFileAttributesW
HeapDestroy
FindFirstFileW
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
VirtualFree
Sleep
FindResourceA
VirtualAlloc
GetOEMCP
TlsAlloc

user32

LoadCursorA
ScreenToClient
GetDlgItem
CreateWindowExA
GetWindowLongA
CheckMenuItem
SetWindowTextA
EndDialog
SetWindowLongA
ReleaseCapture
SetCapture
IsIconic
GetWindowRect
GetSystemMetrics
KillTimer
BeginPaint
SetFocus
EndPaint
SetTimer
GetSubMenu
EnableMenuItem
LoadStringA
IsWindowEnabled
LoadIconA
SetWindowPos
EnableWindow
ShowWindow
FillRect
UpdateWindow
GetParent
DestroyWindow
GetKeyState
ClientToScreen
GetClientRect
ReleaseDC
GetDC
PostMessageA
DispatchMessageA
IsWindow
PostQuitMessage
SetForegroundWindow
SystemParametersInfoA
DispatchMessageW
InvalidateRect
SendMessageA
CallWindowProcA
SetCursor
GetFocus
MessageBoxA
TranslateMessage
GetSysColor

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExA
RegCreateKeyExA

msvcrt

free
_cexit
exit

Sections

.text
Size: 512KB - Virtual size: 511KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f448ca4e646a476886b800bbc8ab3da

Headers

File Characteristics

Imports

gdi32

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 512KB - Virtual size: 511KB

.data Size: 8KB - Virtual size: 6KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 512KB - Virtual size: 511KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 8KB - Virtual size: 4KB