010049b9c741c7a95de9024b63266c26_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

010049b9c741c7a95de9024b63266c26_JaffaCakes118
Size

112KB
MD5

010049b9c741c7a95de9024b63266c26
SHA1

58747781edcee0fa489340b107e1293ded303bba
SHA256

1b32525c207df5eff4d6a18bfe5be040aa4d23a1718fad95bd81e6970fb51f36
SHA512

c0ab21979d279c87fe02f7fe5167bfb48cef510d44371ad2153f8cb9557ddcf5721b7683afed0e0690534b3b876fe5d8af24f96ca2608a87128df07b3fa9b710
SSDEEP

3072:EBpZ9WfgjG00K0LKrl6KnBHwdnMRwaDdSO:EDjG00NLKBBQVonN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
010049b9c741c7a95de9024b63266c26_JaffaCakes118

Files

010049b9c741c7a95de9024b63266c26_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c74dcd9ac418553c11f69372d080d092

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOverlappedResult
WaitForMultipleObjects
GetQueuedCompletionStatus
GetTickCount
MultiByteToWideChar
lstrlenA
WriteConsoleA
GetSystemTimeAsFileTime
ReadFile
GlobalFree
SizeofResource
FindResourceW
lstrcmpW
GlobalAlloc
LoadResource
lstrcmpiW
GetCurrentThreadId
lstrlenW
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetCurrentProcessId
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
ResetEvent
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
HeapAlloc
UnhandledExceptionFilter
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetModuleFileNameA
GetStartupInfoA
GetSystemInfo
GetFileType
SetHandleCount
TerminateProcess
ExitProcess
VirtualQuery
GetVersionExA
RtlUnwind
GetCurrentProcess
SetProcessWorkingSetSize
SetEvent
PostQueuedCompletionStatus
CloseHandle
WriteFile
InterlockedIncrement
InterlockedDecrement
GetProcessHeap
InterlockedExchange
GetStdHandle
VirtualProtect
HeapSize
GetCommandLineA

user32

GetWindowDC
GetWindowRect
GetPropW
SetPropW
SetWindowLongW
SetWindowLongA
GetClassNameW
IsWindowUnicode
SendMessageW
GetWindowLongW
CallNextHookEx
SetWindowsHookExW
RemovePropW
CallWindowProcW
GetClientRect
MapWindowPoints
ShowCaret
BeginPaint
EndPaint
ExcludeUpdateRgn
GetWindowTextW
CharNextW
DrawTextW
GetFocus
IntersectRect
DrawFocusRect
ValidateRect
ScreenToClient
InvalidateRect
GetSysColor
GetDC
GetSystemMetrics
DefWindowProcW
IsIconic
IsWindowEnabled
GetWindow
GetParent
InflateRect
OffsetRect
ReleaseDC
wvsprintfA
MsgWaitForMultipleObjects
HideCaret

advapi32

ReportEventW

gdi32

CreateDIBitmap
SetBkColor
DeleteObject
IntersectClipRect
GetTextExtentPointW
ExtTextOutW
SelectObject
SetTextColor
CreateSolidBrush
SetBkMode
PatBlt

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c74dcd9ac418553c11f69372d080d092

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 40KB - Virtual size: 72KB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 40KB - Virtual size: 72KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 3KB