0274d65f4ee68b1fb425357c713cf8bd_JaffaCakes118

General

Target

0274d65f4ee68b1fb425357c713cf8bd_JaffaCakes118
Size

211KB
MD5

0274d65f4ee68b1fb425357c713cf8bd
SHA1

e9a7c1d9e8296eb8495160749d188aee55aaad02
SHA256

7146f9eee55a4519eed0b9cde362fb84e47115b576937a149d613e8e018a23d6
SHA512

df68405bb61675e3cc377d0e6a5972cbd5c03a1f37c708f24bb25ca323ac56569e17f1c6f62b2d34b503a447f705e46e566dc190d31cc959482797d9ef68dc66
SSDEEP

3072:oUGPS1zzF2puPFG0bGzIMnzOI4faa8B57+g5B3Qg+YMDUVLZq6mViKJTjwKCtBGx:P1fFvtnqz5z9a8B5VfQChqxHqFg2Fk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0274d65f4ee68b1fb425357c713cf8bd_JaffaCakes118

Files

0274d65f4ee68b1fb425357c713cf8bd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d8a0e37a72712a0beba562186908a323

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

Sleep
GlobalFree
VirtualAlloc
DeleteCriticalSection
GlobalUnlock
SleepEx
HeapSize
GetCurrentProcess
UnhandledExceptionFilter
ExitProcess
lstrlenW
lstrcmpiW
HeapDestroy
InterlockedDecrement
GetPriorityClass
FindFirstFileW
GetVersionExA
lstrlenA
LocalAlloc
EnterCriticalSection
GetCurrentThreadId
VirtualAlloc
GetModuleFileNameW
CloseHandle

dbgebdbr

_LDenorm
_Nan
_Poly
_Getctype
_Hugeval
_Dtest

user32

ShowWindow
DefWindowProcW
DrawFocusRect
SetCursor
ScreenToClient
CharUpperW
CreateDialogIndirectParamW
FindWindowW
OffsetRect
GetMenuItemCount
SetProcessDefaultLayout
CreateAcceleratorTableW
GetCapture
DestroyMenu
MapDialogRect
GetClassNameA
GetClientRect
GetWindowTextLengthW
TranslateAcceleratorW
EndPaint
SetDlgItemTextW
CallWindowProcW
FillRect
SetWindowPos
SendMessageA
CallNextHookEx
GetWindow
EnableWindow
PtInRect
LoadImageW

ntdll

NtOpenDirectoryObject
NtQueryMutant
NtClearEvent
NtOpenEventPair
NtQueryObject
NtQueryInformationThread
NtQueryDirectoryObject
NtReadFile

gdi32

GetEnhMetaFileBits
GetPixel
CreateBitmap
EndPage
EnumFontFamiliesExA
IntersectClipRect
GetObjectA
CreateHalftonePalette
GetTextExtentPoint32A
EndDoc
GetObjectType
GetBitmapBits
EnumFontsA
CreateCompatibleDC
GetClipBox
CreateICA

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8a0e37a72712a0beba562186908a323

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

dbgebdbr

user32

ntdll

gdi32

Sections

.text Size: 61KB - Virtual size: 61KB

.data Size: 106KB - Virtual size: 106KB

.rsrc Size: 43KB - Virtual size: 44KB

.text
Size: 61KB - Virtual size: 61KB

.data
Size: 106KB - Virtual size: 106KB

.rsrc
Size: 43KB - Virtual size: 44KB