083e981131638042d08ac8b48954b134_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

083e981131638042d08ac8b48954b134_JaffaCakes118
Size

144KB
MD5

083e981131638042d08ac8b48954b134
SHA1

984c912a3271470696f2d5cf7e85dd0d7158a5c9
SHA256

df4537263e36794d0e6477eccde95e45e2888fd302fd3a7270c6371623ae9c7f
SHA512

5501fc120d4bbfc9f4e26f3cb7f6fede76fceae6676f1fe2392132e7e26e59c46d6649739900a7255ee535d4069c4ba4eb9386e1193c2164a05dddd70e6533ab
SSDEEP

3072:q71wrG+RO2uo4Uhv1yHElKn4HCZQispL3E2TOap7ITpc9caklVpxNuRgkK:qhznoV50znMCZupL3E2qM7EavUVQ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
083e981131638042d08ac8b48954b134_JaffaCakes118

Files

083e981131638042d08ac8b48954b134_JaffaCakes118
.exe windows:5 windows x86 arch:x86

41fd5a40ed240a4a4c85ee7127af3757

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

eqncdmsp

_FDscale
_Rteps
_FDnorm
_LInf
_Stof
_Wcrtomb
_FInf
_FDtest
_FCosh
_Mbrtowc
_Stod

gdi32

CreatePatternBrush
Polygon
ExtTextOutA
RestoreDC
ExcludeClipRect
SetWinMetaFileBits
CreatePenIndirect
SetPixelV
SelectPalette
CreateRectRgn
CreateDCA
Polyline
GetTextExtentPoint32A
SetStretchBltMode
SetRectRgn
CreateEnhMetaFileA
SetAbortProc
Rectangle
GetCharABCWidthsA
GetTextExtentPoint32W
GetPaletteEntries
SetPixel
DeleteEnhMetaFile

user32

SendMessageA
GetMenu
FrameRect
LoadStringA
CheckMenuItem
GetKeyNameTextA
EmptyClipboard
GetSysColorBrush
CharToOemA
GetKeyboardLayoutList
CharLowerBuffA
IsDialogMessageA
GetWindowTextA
CallWindowProcW
DefWindowProcA
GetWindowLongA
ChildWindowFromPoint
GetKeyboardState
UnregisterClassW
LoadBitmapA
SetWindowsHookExA
GetKeyboardLayout
DefFrameProcA
SetWindowLongA
CharLowerA
ReuseDDElParam
GetScrollInfo
SetCursor
IsIconic
HideCaret
GetClassNameA
SetScrollInfo
ScrollWindow
SetWindowTextA
GetWindowTextLengthA
DrawEdge

kernel32

VirtualQuery
GlobalUnlock
GetModuleHandleA
GetFileType
WaitForSingleObject
ReleaseMutex
GlobalGetAtomNameA
SetThreadPriority
LoadResource
GetTimeZoneInformation
MapViewOfFile
TerminateProcess
CloseHandle
WaitForMultipleObjects
ResetEvent
EnterCriticalSection
CreateMutexA
GetExitCodeThread
VirtualQuery
SuspendThread
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
GlobalFree
GlobalAlloc
TryEnterCriticalSection
ExitThread
FileTimeToLocalFileTime
QueryPerformanceFrequency
GetCPInfo
LoadLibraryW
GetComputerNameA
CreateFileW
TerminateProcess
CreateFileMappingA
LoadLibraryA
lstrlenW
CreateDirectoryA

comctl32

ImageList_SetBkColor
ImageList_Add
ImageList_SetDragCursorImage
ImageList_ReplaceIcon
ImageList_GetIcon

ole32

CoUninitialize
CoCreateInstance
CoDisconnectObject
CreateDataAdviseHolder

version

GetFileVersionInfoSizeA

shell32

SHBrowseForFolderA
SHGetMalloc

advapi32

RegCloseKey
RegDeleteKeyA

oleaut32

SafeArrayGetElement
VariantClear
SafeArrayCreateVector

imm32

ImmGetVirtualKey

Sections

.text
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41fd5a40ed240a4a4c85ee7127af3757

Headers

DLL Characteristics

File Characteristics

Imports

eqncdmsp

gdi32

user32

kernel32

comctl32

ole32

version

shell32

advapi32

oleaut32

imm32

Sections

.text Size: 106KB - Virtual size: 108KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 30KB - Virtual size: 32KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 106KB - Virtual size: 108KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 30KB - Virtual size: 32KB

.rsrc
Size: 2KB - Virtual size: 4KB