17b7db97e2776c1c38c050f9268a051f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

17b7db97e2776c1c38c050f9268a051f_JaffaCakes118
Size

256KB
MD5

17b7db97e2776c1c38c050f9268a051f
SHA1

9532659d1296e36fbf47afcf69983a2072f15a48
SHA256

712eeb71b723b3f32d6eb5b6b6286ee2a80d6478b2c9d3a6b3f0db221e17d95d
SHA512

65f78110cbd45c17106ca11a011628785eb6727f4c9f0d38b0b0deed093d69747f4dcbe274ab44e7215d392607a8a42e0f244766f3a1cca92ec2342490b0f2d9
SSDEEP

6144:ES3NTSMSSzQ4H5CNiErkwOE+Qf5cL0U3RvoICZhZs:E4SMlfH5krkTE+8UhALZhy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17b7db97e2776c1c38c050f9268a051f_JaffaCakes118

Files

17b7db97e2776c1c38c050f9268a051f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3c2e14df783e590768a1291c2dacb8e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnregisterClassA
SetActiveWindow
ReleaseDC
SetWindowTextW
ReleaseCapture
PtInRect
SetWindowLongW
GetActiveWindow
SendMessageW
GetKeyState
LoadStringW
PostMessageW
GetMenu
TrackPopupMenu
GetSubMenu
SetWindowPos
MessageBeep
DestroyMenu
GetMenuStringW
CheckMenuItem
CreateWindowExW
DrawFocusRect
MoveWindow
InflateRect
CreateWindowExA
RegisterClassW
GetClientRect
OffsetRect
ClientToScreen
LoadIconA
DefWindowProcW
SetTimer
GetCursorPos
DestroyIcon
DestroyWindow

kernel32

IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoW
GetLocaleInfoA
MultiByteToWideChar
HeapSize
RtlUnwind
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSection
LoadLibraryA
FreeLibrary
SetConsoleCtrlHandler
EnterCriticalSection
FatalAppExitA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
GetTimeZoneInformation
GetCurrentThreadId
SetLastError
VirtualAlloc
GetEnvironmentStrings
GetTickCount
IsDebuggerPresent
GetEnvironmentStringsW
Sleep
GetCommandLineA
GetLastError
GetProcAddress
LoadLibraryW
GetVersionExA
GetModuleHandleA
GetCurrentThread
GetStdHandle
CreateFileA
InterlockedDecrement
LeaveCriticalSection
lstrlenW
ExitProcess
GetModuleHandleW
GetModuleFileNameA
FindClose
InterlockedExchange
GetCurrentProcess
HeapAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
HeapCreate
HeapDestroy
InterlockedIncrement
TlsFree
HeapFree
GetProcessHeap
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue

gdi32

CreatePalette

advapi32

RegCreateKeyW

ole32

OleGetClipboard

Sections

.text
Size: 238KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3c2e14df783e590768a1291c2dacb8e6

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

advapi32

ole32

Sections

.text Size: 238KB - Virtual size: 238KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 6KB - Virtual size: 8KB

.text
Size: 238KB - Virtual size: 238KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 6KB - Virtual size: 8KB