0d12a528e41c9bd514307170f65dd49d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0d12a528e41c9bd514307170f65dd49d_JaffaCakes118
Size

646KB
MD5

0d12a528e41c9bd514307170f65dd49d
SHA1

a6105559a61be183e0b4902669c775c1cb147b22
SHA256

c931a86f11c0462b350943c7719a8c1484a8855c6afe06c2562f6bc25cc73456
SHA512

7832a063e7ae5cafe637457d14cd33ee92e7de4975bfaf5d93920e8600de9530978fe7fb43eb2770d2667d8ef562f0e2b44bc076eff75486de8a83a03dd0dfe2
SSDEEP

12288:fs4y9lkO5EiXEuA4bFnq+oCn/PY9W9k3nlWW:E1d2iX9vFxN/QN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
0d12a528e41c9bd514307170f65dd49d_JaffaCakes118

Files

0d12a528e41c9bd514307170f65dd49d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

85c90d387124991df7affd940599d2ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetWindow
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextA
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect

kernel32

GetModuleFileNameA
HeapSize
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
LoadLibraryA
InitializeCriticalSection
Sleep
GetOEMCP
GetCPInfo
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapCreate
ExitProcess
GetFileType
GetSystemTime
GetFileSize
GetStdHandle
RaiseException
ReadFile
RtlUnwind
SetEndOfFile
SetFilePointer
WriteFile
GetCommandLineA
GetLastError
GetModuleHandleA
MultiByteToWideChar
FreeUserPhysicalPages
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessA
DeleteFileA
FindResourceA
FormatMessageA
GetACP
GetCurrentProcess
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFullPathNameA
GetLocaleInfoA
GetProcAddress
GetSystemDefaultLCID
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
GetVersionExA
GetProcessHeap
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 604KB - Virtual size: 734KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85c90d387124991df7affd940599d2ec

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 33KB - Virtual size: 32KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 604KB - Virtual size: 734KB

.rsrc Size: 512B - Virtual size: 436B

.text
Size: 33KB - Virtual size: 32KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 604KB - Virtual size: 734KB

.rsrc
Size: 512B - Virtual size: 436B