228b7a257f93580a59d36bbd0196ff09_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

228b7a257f93580a59d36bbd0196ff09_JaffaCakes118
Size

1.1MB
MD5

228b7a257f93580a59d36bbd0196ff09
SHA1

04c96b624fb9fc66e24e1870d4d99974faadd484
SHA256

95b2907e0fcf19b85c3d98752b1176d378c6747389029857fddeb586e84f2c41
SHA512

49d4e1250881be6aea1f4c7dc540a19e2e4304beb533574759311e645af6f2bcb9a770d4a1d498976d13c4312b0564bc7576eecfef2d2d82e0d81a12171ea45d
SSDEEP

24576:rU5aWBf6CrU1/C0uIHxqFNEGem2h3/xHoyaoOQ/gyihFq/s:QtBXY1/rT3QyIFqU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
228b7a257f93580a59d36bbd0196ff09_JaffaCakes118

Files

228b7a257f93580a59d36bbd0196ff09_JaffaCakes118
.exe windows:4 windows x86 arch:x86

397b7e04dd9cf90de19fdd3ad8882678

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord641
ord861
ord540
ord324
ord2281
ord2362
ord4229
ord825
ord4667
ord4269
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord4074
ord4692
ord5303
ord5285
ord5710
ord4616
ord4418
ord3733
ord561
ord815
ord2613
ord617
ord5208
ord296
ord1131
ord656
ord609
ord1220
ord1203
ord2717
ord1165
ord2294
ord665
ord4155
ord354
ord755
ord470
ord537
ord5783
ord5777
ord800
ord3568
ord3621
ord2406
ord3658
ord3701
ord1634
ord2858
ord2854
ord2371
ord2567
ord6051
ord1768
ord4390
ord5286
ord3397
ord3569
ord567
ord3605
ord1143
ord1937
ord4583
ord4582
ord4893
ord4364
ord4886
ord5070
ord4335
ord4343
ord4717
ord4884
ord4525
ord4539
ord4537
ord4520
ord4523
ord4518
ord4958
ord4955
ord4103
ord5236
ord3743
ord1719
ord5256
ord4426
ord813
ord2615
ord560
ord4268
ord2478
ord3998
ord823
ord4270
ord3592
ord4419
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5273
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord5276
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1767
ord4073
ord6048
ord2506
ord4704
ord4992
ord4847
ord4370
ord283
ord5261
ord1569

msvcrt

_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__CxxFrameHandler
memcpy
memcmp
sprintf
abs
_ftol
wcscmp
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm

kernel32

GetShortPathNameW
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
GetCurrentThreadId
GetCommandLineW
lstrcmpiW
GetModuleFileNameW
CreateFileW
GetModuleHandleW
SetCurrentDirectoryA
GlobalMemoryStatus
QueryPerformanceCounter
FindNextFileA
SetFilePointer
GetEnvironmentVariableW
GlobalLock
GetCurrentProcessId
GetStartupInfoW
lstrlenW
FreeLibrary
GetProcAddress
LoadLibraryW
lstrcpyW
lstrcatW
GetTimeFormatA
GetSystemDirectoryW
UnhandledExceptionFilter
GetVersionExW
SetHandleCount
FlushFileBuffers
GetACP
GetSystemTimeAdjustment

user32

GetSystemMenu
PostMessageA
GetClientRect
GetDC
ReleaseDC
LoadCursorW
LoadIconW
IsDialogMessageA
GetParent
SendMessageW
SetCursor
GetSystemMetrics
ShowCursor
MsgWaitForMultipleObjects
GetDlgItem
CreateDialogParamW
GetKeyboardLayout
FindWindowW
CharNextW
EnableWindow
AppendMenuW
DrawIcon
CreateCaret
RegisterClipboardFormatA
SetDlgItemTextA
IsIconic

advapi32

RegCreateKeyExA

oleaut32

SysFreeString
SysAllocString
RegisterTypeLi
LoadTypeLi

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

�rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ata
Size: 11KB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rr
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

397b7e04dd9cf90de19fdd3ad8882678

Headers

DLL Characteristics

File Characteristics

Imports

mfc42u

msvcrt

kernel32

user32

advapi32

oleaut32

Sections

.text Size: 28KB - Virtual size: 25KB

�rdata Size: 8KB - Virtual size: 7KB

.ata Size: 11KB - Virtual size: 7.1MB

.rr Size: 16KB - Virtual size: 15KB

.text
Size: 28KB - Virtual size: 25KB

�rdata
Size: 8KB - Virtual size: 7KB

.ata
Size: 11KB - Virtual size: 7.1MB

.rr
Size: 16KB - Virtual size: 15KB