7a40f11964136af4c6b798f9ca788dee_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7a40f11964136af4c6b798f9ca788dee_JaffaCakes118
Size

388KB
MD5

7a40f11964136af4c6b798f9ca788dee
SHA1

da08e56eea5592d172a2e77a866c1b95087c3873
SHA256

31a8da82168cd1f63855af3fa29f27ac9566b1945c30343898b73739eb813249
SHA512

5359c07763be30be154e36e992b0c02702f2f8f55febc470dc244fa5a94e8df78dec449044cdc95e0ced135900ba1dc7ea1a55ba063c545ca0373c139681a75e
SSDEEP

3072:32Q4mzbosEd+sLrAFLc1gZ4uargBTinRIcYA3wi4iF540KHMsqYaqNN5A:P4m/dq0FeUsnecj4i3KHVaW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
7a40f11964136af4c6b798f9ca788dee_JaffaCakes118

Files

7a40f11964136af4c6b798f9ca788dee_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0af01f3b8bb42b14613577b50dadd5d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
VirtualAllocEx
WritePrivateProfileStringA
WaitForSingleObject
VirtualQuery
VirtualProtect
VirtualFree
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
SetStdHandle
SetPriorityClass
SetLastError
SetHandleInformation
SetHandleCount
SetFilePointer
SetEvent
SetEnvironmentVariableW
SetEnvironmentVariableA
SetEndOfFile
SetCurrentDirectoryW
RtlUnwind
RemoveDirectoryW
RemoveDirectoryA
ReleaseMutex
ReadFile
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
PeekNamedPipe
MoveFileW
MoveFileA
LocalFree
LocalAlloc
LoadLibraryW
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidCodePage
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
InterlockedIncrement
InterlockedExchange
CancelIo
InterlockedDecrement
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GetUserDefaultLangID
GetUserDefaultLCID
GetTimeZoneInformation
GetTickCount
GetSystemTimeAsFileTime
GetSystemInfo
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetPrivateProfileStringA
GetOverlappedResult
GetOEMCP
GetFullPathNameW
GetFullPathNameA
GetFileType
GetFileSize
GetFileInformationByHandle
GetEnvironmentStringsW
GetEnvironmentStrings
GetDriveTypeW
GetDiskFreeSpaceW
GetCurrentProcessId
GetCurrentDirectoryW
GetCommandLineA
GetCPInfo
GetACP
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FormatMessageA
FlushFileBuffers
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitThread
EnumSystemLocalesA
EnterCriticalSection
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessA
CreatePipe
CreateMutexW
CreateMutexA
CreateFileW
CreateEventA
CreateDirectoryW

user32

CharLowerW
wsprintfA
WindowFromPoint
ValidateRgn
ValidateRect
UpdateWindow
UnregisterClassW
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TrackPopupMenuEx
SystemParametersInfoW
SystemParametersInfoA
ShowWindow
SetWindowsHookExA
SetWindowTextW
SetWindowTextA
SetWindowRgn
SetWindowPos
SetWindowLongA
SetTimer
SetRect
SetParent
SetForegroundWindow
SetFocus
SetCursor
SetClipboardViewer
SetClipboardData
SetCaretPos
SetCapture
SendMessageW
SendMessageA
ScrollWindowEx
ScreenToClient
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassW
RegisterClassA
PostThreadMessageW
PostThreadMessageA
PostMessageW
PostMessageA
PeekMessageW
PeekMessageA
MsgWaitForMultipleObjects
MoveWindow
MessageBoxA
MessageBeep
MapVirtualKeyW
MapVirtualKeyA
LoadIconW
LoadIconA
LoadCursorW
LoadCursorA
KillTimer
IsZoomed
IsWindowVisible
IsRectEmpty
IsIconic
IsChild
InvalidateRect
HideCaret
GetWindowRgn
GetWindowRect
GetWindowLongA
GetWindowDC
GetUpdateRgn
GetUpdateRect
GetSystemMetrics
GetSystemMenu
GetSysColor
GetParent
GetMessageW
GetMessageA
GetKeyState
GetFocus
GetDoubleClickTime
GetDesktopWindow
GetDC
GetCursorPos
GetClipboardData
GetClientRect
GetCaretBlinkTime
GetActiveWindow
ExitWindowsEx
EnumClipboardFormats
EndPaint
EnableMenuItem
EmptyClipboard
DrawIconEx
DrawFocusRect
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyIcon
DestroyCursor
DefWindowProcW
DefWindowProcA
CreateWindowExW
CreateWindowExA
CreateIconIndirect
CreateCursor
CreateCaret
CloseClipboard
ClientToScreen
ChangeClipboardChain
CallNextHookEx
BeginPaint
OpenClipboard

gdi32

CreatePen
CreatePolygonRgn
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Ellipse
EndPath
EnumFontFamiliesExA
EnumFontFamiliesExW
EqualRgn
ExtCreatePen
ExtCreateRegion
ExtTextOutW
FillPath
GdiFlush
GetBkColor
GetCharABCWidthsA
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetClipRgn
GetCurrentPositionEx
GetDIBits
GetDeviceCaps
GetFontData
GetGlyphOutlineA
GetGlyphOutlineW
GetNearestPaletteIndex
GetObjectA
GetObjectW
GetPaletteEntries
GetRegionData
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextCharsetInfo
GetTextExtentPoint32W
GetTextMetricsA
GetTextMetricsW
GetWindowExtEx
CreatePatternBrush
MaskBlt
ModifyWorldTransform
MoveToEx
OffsetRgn
PaintRgn
PatBlt
Pie
PolyBezier
Polygon
Polyline
PtInRegion
RealizePalette
RectInRegion
Rectangle
ResizePalette
RoundRect
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBitsToDevice
SetGraphicsMode
SetPaletteEntries
SetPixelV
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetWindowOrgEx
SetWorldTransform
StretchBlt
StretchDIBits
StrokePath
TextOutA
TextOutW
UnrealizeObject
CreatePalette
CreateHatchBrush
CreateFontIndirectW
CreateFontIndirectA
CreateEllipticRgn
Arc
BeginPath
BitBlt
Chord
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
LineTo
CreateDIBSection

advapi32

RegQueryValueExW
RegOpenKeyA
RegSetValueExW
RegSetValueExA
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegFlushKey
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

imm32

ImmNotifyIME
ImmGetContext
ImmGetCompositionStringW
ImmGetCompositionStringA
ImmAssociateContext
ImmSetCandidateWindow
ImmSetCompositionFontA
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmReleaseContext

Sections

.text
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0af01f3b8bb42b14613577b50dadd5d9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

imm32

Sections

.text Size: 207KB - Virtual size: 207KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 59KB - Virtual size: 59KB

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 207KB - Virtual size: 207KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 59KB - Virtual size: 59KB

.rsrc
Size: 40KB - Virtual size: 40KB