07318e0f780396ca081a819416da696b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

07318e0f780396ca081a819416da696b_JaffaCakes118
Size

261KB
MD5

07318e0f780396ca081a819416da696b
SHA1

a4faad74e9123890c8e1f4d8b0635cb7b4f27f9f
SHA256

c6659983a0f5ea9359c5166198ae672f52a999f19cf84da355cdb829a1bce03a
SHA512

ddab7e2a695aa65ad6c8caa3ba6883c44dcb194f9b51c955e7f5de72bd16bd358cd21d4ce59d4d9efb91b5eb38236916ac5a4477e1dbd247e400c8da2a60f17f
SSDEEP

6144:61c6Mr9tv4sDVsDtiY99SQDdaWUu8ioX5jF25JuWDtR:61cxht9DVssY9PdaVuzoJK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07318e0f780396ca081a819416da696b_JaffaCakes118

Files

07318e0f780396ca081a819416da696b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f7a8f176c2c5fe60b8fabd2f53e9f509

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageA
GetCommandLineA
LocalFree
DeleteFileA
GetVersion
WriteFile
Sleep
lstrcmpiA
GetFileAttributesA
GetCurrentProcess
SetCurrentDirectoryA
GetCommandLineW
CompareFileTime
GetDriveTypeA
GetStartupInfoW
GetTempFileNameA
HeapDestroy
WideCharToMultiByte
InterlockedDecrement
FindClose
FreeEnvironmentStringsA
CreateEventA
GetLastError
LoadLibraryExA
GetLocalTime
ResetEvent
OpenFile
FileTimeToDosDateTime
SetPriorityClass
FlushFileBuffers
IsBadReadPtr
GlobalAlloc
SearchPathA
VirtualFree
GetUserDefaultLCID

advapi32

RegOpenKeyExW

user32

IsChild
GetDlgItem
SetClassLongA
CreateDialogIndirectParamW
InvalidateRect
IsZoomed
RegisterWindowMessageA
GetForegroundWindow
MessageBeep
CallWindowProcW
CreateMDIWindowW
DefWindowProcA
GetDoubleClickTime
SetRectEmpty
EnumDisplaySettingsA
DestroyCaret
ChangeClipboardChain
DefMDIChildProcW
CreateIcon
LoadAcceleratorsA
GetClipboardFormatNameA
EnumChildWindows
FindWindowA
GetWindowLongA
PostMessageA
GetCaretBlinkTime
ValidateRect
GetUpdateRgn
RemoveMenu
wsprintfA

mlanrier

_LXbig
_FDenorm
_Denorm
_Mbrtowc
_Toupper
_Tolower
_Eps
_FXbig
_LRteps
_LDscale
_Dscale
_Dnorm
_Getctype

gdi32

GetTextColor
Pie
CreatePatternBrush
EndPage
EndDoc
DeleteEnhMetaFile
SelectObject
UnrealizeObject
SetMapMode
GetRasterizerCaps
OffsetRgn
DeleteDC
SetWindowExtEx
GetBkColor
GdiFlush
GetTextCharsetInfo
SetViewportOrgEx
OffsetWindowOrgEx
SetBkColor
CreatePalette

ole32

OleCreateMenuDescriptor
OleRun
CoFreeUnusedLibraries
StgCreateDocfile
OleCreateFromFile
CoGetClassObject
ProgIDFromCLSID
CoTreatAsClass
MkParseDisplayName
CoRegisterMessageFilter
ReadFmtUserTypeStg
CoTaskMemFree
OleMetafilePictFromIconAndLabel
CoRevokeClassObject
ReleaseStgMedium
CoDisconnectObject
OleLoad

ntdll

ZwCreateTimer
NtQuerySystemTime
ZwQueryInformationProcess
NtProtectVirtualMemory
ZwSetEvent
NtReadFile

Sections

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7a8f176c2c5fe60b8fabd2f53e9f509

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

mlanrier

gdi32

ole32

ntdll

Sections

.text Size: 155KB - Virtual size: 155KB

.data Size: 45KB - Virtual size: 44KB

.rsrc Size: 60KB - Virtual size: 60KB

.text
Size: 155KB - Virtual size: 155KB

.data
Size: 45KB - Virtual size: 44KB

.rsrc
Size: 60KB - Virtual size: 60KB