f46764cdc6f2ae57202bb00d64ba591e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f46764cdc6f2ae57202bb00d64ba591e_JaffaCakes118
Size

90KB
MD5

f46764cdc6f2ae57202bb00d64ba591e
SHA1

504d29858ddae36c407151b553663e29837be631
SHA256

ddfc1b0917ffdc4867a25862f73751b0ee49a9b86851bd52351f4a29c6588690
SHA512

2151aeb382232fe584d803581f42ae88a878cfb725b7d3bc2a54a81caeafd0c90b3518b22a44bbad919d1963a3893a064a41df157c8d78d3768199f8b4f43ef4
SSDEEP

1536:5GPFTKngf6QBfA3KoVSTObY/r4zwmmrmgH8/3qc96c7pxz159fZG:EFuu91A6oVSqbC8zwv8CcIc7pxz159fA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f46764cdc6f2ae57202bb00d64ba591e_JaffaCakes118

Files

f46764cdc6f2ae57202bb00d64ba591e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4ff281cd6437ff18a3ecbbc70ac5cdd4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
CreateFileA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RaiseException
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
ReadFile
MultiByteToWideChar
RtlUnwind
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
WriteConsoleA
WriteFile
Sleep
GetModuleHandleW
HeapReAlloc
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
CreateThread
GetCurrentThreadId
ExitThread
HeapAlloc
HeapFree
GetLastError
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
ExitProcess
SetEndOfFile
GetProcessHeap
OpenFileMappingA
CloseHandle
GetVersionExA
DeleteCriticalSection
VirtualProtect
GetModuleHandleA
GetModuleFileNameA
CreateFileMappingA
EnterCriticalSection
VirtualAlloc
lstrcmpiA
LeaveCriticalSection
GetSystemWindowsDirectoryA
TerminateThread
InitializeCriticalSection
ExpandEnvironmentStringsA
VirtualFree
GetTickCount
GetFileAttributesExA
WaitForSingleObject
MapViewOfFileEx
lstrcpynA
UnmapViewOfFile
lstrlenA
lstrcmpA
GetProcAddress
LoadLibraryA
GetStdHandle

gdi32

FlattenPath
DeleteObject
GetTextCharsetInfo
GetEnhMetaFileHeader
SetDCBrushColor
CreateFontIndirectW
GetCharWidthI
DrawEscape
EnumFontsW
GetEnhMetaFileA
GetWindowExtEx
CreateColorSpaceA
ExtFloodFill
ColorCorrectPalette
SetICMMode
GetCharWidthFloatW
GetTextMetricsW
CreateFontIndirectExA
GetViewportOrgEx
SelectClipPath
RemoveFontResourceA
ExtCreatePen
GetBitmapBits
GetCharABCWidthsI
CloseFigure
GetNearestPaletteIndex
GetNearestColor
GetCharABCWidthsFloatA
CreatePen
GetEnhMetaFilePixelFormat
SetViewportExtEx
RectVisible
SetSystemPaletteUse
CreateICW
CreateCompatibleDC
DPtoLP
CombineRgn
DeleteColorSpace
SetICMProfileW
SaveDC
EndPath
GetCharWidth32W
ScaleViewportExtEx
SetBoundsRect
StartDocW
CloseEnhMetaFile
ExtTextOutA

comdlg32

GetSaveFileNameA
PrintDlgW
ReplaceTextW
PrintDlgA
ChooseFontA
GetOpenFileNameW
PageSetupDlgA
ReplaceTextA

ole32

CoInitialize

comsvcs

RecycleSurrogate
CoEnterServiceDomain

msi

ord269
ord281
ord266
ord262
ord261
ord156
ord84
ord224
ord169
ord36
ord260
ord68
ord232
ord246
ord7
ord108
ord276
ord252
ord81
ord214
ord42
ord126
ord179
ord249
ord209
ord231
ord254
ord10
ord95
ord229
ord257
ord272
ord195
ord227
ord72
ord86
ord141
ord228
ord218
ord210
ord274
ord5
ord130
ord253
ord155
ord9
ord215
ord219
ord239
ord225
ord136
ord71
ord8
ord6
ord94
ord267
ord107
ord258

comctl32

ord336
ImageList_DragLeave
ImageList_Add
FlatSB_GetScrollProp
ImageList_DragEnter
ImageList_SetIconSize
ord17
CreateStatusWindowW
ImageList_Merge
ImageList_Destroy
ImageList_Draw
InitializeFlatSB
DestroyPropertySheetPage
ord6
FlatSB_ShowScrollBar
ord5
ord334
PropertySheetA
ord320
ord410
ImageList_DrawEx
UninitializeFlatSB
ImageList_Remove
ImageList_SetDragCursorImage
ord412
ord13
CreatePropertySheetPageW
ord8
FlatSB_SetScrollInfo
ord4
ImageList_LoadImageA
ord329
ord328
FlatSB_SetScrollRange
ImageList_EndDrag
ImageList_GetIconSize
ImageList_Copy

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4ff281cd6437ff18a3ecbbc70ac5cdd4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

comdlg32

ole32

comsvcs

msi

comctl32

Sections

.text Size: 61KB - Virtual size: 60KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 14KB - Virtual size: 21KB

.text
Size: 61KB - Virtual size: 60KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 14KB - Virtual size: 21KB