07d21e24ddc7ed0e5657b1c3004c0809_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07d21e24ddc7ed0e5657b1c3004c0809_JaffaCakes118
Size

243KB
MD5

07d21e24ddc7ed0e5657b1c3004c0809
SHA1

eb77fa5e65337f9134da02ffdb18e6704dfebdc2
SHA256

0ab9285ec70a4f977d87205c37aa1863ef4eb0ba7038d3ab0a537cccd55cf4a2
SHA512

758821c4185a395ad63201f04603f5e704d2a0bfcc72797f4a11d87120d48f7ba3b248556141199e19a4815530fa0c8bda3623436d4ad1115378b26dafdb027d
SSDEEP

6144:a3Xe0lnj2yRJbvP3geCY6vcby3RO5cBRwfpe:a3X5pjbvP3hCnEby3g+3w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07d21e24ddc7ed0e5657b1c3004c0809_JaffaCakes118

Files

07d21e24ddc7ed0e5657b1c3004c0809_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cf9271bcee91a299d6e9b36c16e75ceb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypntra

_FExp
_LDtest
_Snan
_FRteps
_FEps
_Eps
_LCosh
_FXbig
_Dnorm
_LInf
_LNan

user32

SetFocus
GetWindowThreadProcessId
LoadImageA
GetParent
CallWindowProcW
ClientToScreen
GetActiveWindow
RegisterClassW
GetSystemMetrics
OffsetRect
SetWindowTextW
IsWindowVisible
GetScrollPos
TranslateAcceleratorA
CallWindowProcA
MapDialogRect
UnionRect
ScrollWindowEx
GetWindowLongA
KillTimer
SetParent
PostMessageA
ChangeClipboardChain
GetAsyncKeyState
IntersectRect
CreateMDIWindowW
GetUpdateRgn
GetMessageTime
BringWindowToTop
EnumWindows
GetClipboardFormatNameA
WinHelpW
WinHelpA
IsWindowUnicode
DrawEdge
GetClassNameA

gdi32

MoveToEx
SetStretchBltMode
AnimatePalette
SetViewportExtEx
CreatePen
SetWindowExtEx
GetOutlineTextMetricsA
Ellipse
GetFontData
EndDoc
SetMetaFileBitsEx
StartPage
CombineRgn
GetBitmapBits
CreateRectRgnIndirect
DeleteMetaFile
GetCurrentObject
EnumFontFamiliesExA
TextOutA
StartDocA
DeleteEnhMetaFile
GetDCOrgEx

advapi32

RegQueryValueExA
RegOpenKeyExA

ole32

DoDragDrop
OleTranslateAccelerator
OleSetClipboard
CLSIDFromProgID
OleSetMenuDescriptor
OleGetIconOfClass
StgIsStorageFile
OleDuplicateData
StgOpenStorageOnILockBytes
OleGetIconOfFile
SetConvertStg
OleRegGetMiscStatus
CoRegisterMessageFilter
OleRegEnumVerbs

kernel32

GlobalAlloc
VirtualFree
GetEnvironmentStrings
ResumeThread
SetStdHandle
UnhandledExceptionFilter
GlobalReAlloc
DeleteFileA
WideCharToMultiByte
ResetEvent
GetUserDefaultLCID
SetErrorMode
TerminateProcess
GetVersionExA
SetCurrentDirectoryW
LCMapStringA
IsValidCodePage
HeapFree
SetPriorityClass
LockResource
Sleep
CreateFileA
lstrcpyA
VirtualFree
CloseHandle
GetModuleFileNameW
FormatMessageA
InterlockedDecrement
GetProfileStringA

ntdll

NtQueryInformationFile
RtlFillMemory
NtCreateTimer
ZwProtectVirtualMemory
ZwSetEvent
RtlCompareUnicodeString
RtlCompareString
NtSuspendThread
RtlFreeUnicodeString

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf9271bcee91a299d6e9b36c16e75ceb

Headers

DLL Characteristics

File Characteristics

Imports

crypntra

user32

gdi32

advapi32

ole32

kernel32

ntdll

Sections

.text Size: 40KB - Virtual size: 40KB

.data Size: 17KB - Virtual size: 17KB

.rsrc Size: 184KB - Virtual size: 188KB

.text
Size: 40KB - Virtual size: 40KB

.data
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 184KB - Virtual size: 188KB