0ed6d3f72c4abb18453497bc8290e0d9_JaffaCakes118

General

Target

0ed6d3f72c4abb18453497bc8290e0d9_JaffaCakes118
Size

220KB
MD5

0ed6d3f72c4abb18453497bc8290e0d9
SHA1

e542800524573a55de647d15166b6cbfb1b53851
SHA256

1400af6213cdc74e96ca9877f68fcd2789685c6321f1ef4ac88ae43645c05822
SHA512

71d96fde19989ac4a462daab855ef245c41ddcb2f3d7b53e5b159879f8d5b00e333b80434f37af51698f4d7583fa89e7b304a6587c8ffaf9bffe65cf5760702e
SSDEEP

6144:/mNMtz48ESVtPZOM3ACcauvjH7MhRUajSFw:/eMz48plgkACcauvjwhRU8S6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ed6d3f72c4abb18453497bc8290e0d9_JaffaCakes118

Files

0ed6d3f72c4abb18453497bc8290e0d9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

620402dec6530fbb27d88553c98c22a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

CreatePalette
EndDoc
GdiFlush
CreateDIBitmap
SetEnhMetaFileBits
GetTextMetricsA
UnrealizeObject
SetBkMode
GetTextExtentPoint32A

ntdll

NtOpenTimer
NtQueryEvent
NtReleaseSemaphore
NtCreateSection
NtQueryInformationThread
NtOpenFile
NtOpenEventPair
NtCreateSemaphore
NtQuerySection
NtOpenMutant
NtClearEvent

kernel32

QueryPerformanceCounter
SetEvent
HeapFree
OutputDebugStringA
EnterCriticalSection
HeapReAlloc
LocalAlloc
EnumUILanguagesW
VirtualAlloc
GetVolumePathNamesForVolumeNameW
GetModuleHandleW
GetVersionExW
GetPriorityClass
GetCurrentThreadId
CompareStringW
CloseHandle
CloseHandle
MulDiv
InterlockedDecrement
GlobalLock
VirtualAlloc
ExitProcess
SleepEx

adsnards

_Dnorm
_LSinh
_LXbig
_Sinh
_FDtest
_Toupper
_FSinh
_Nan
_Tolower
_Rteps
_Wcrtomb

user32

GetClassNameA
MonitorFromPoint
LoadStringW
GetClientRect
MapDialogRect
SetCursor
DestroyAcceleratorTable
MoveWindow
SetFocus
LockSetForegroundWindow
GetDlgItem
LoadCursorW
ShowWindow
SetWindowLongW
ScreenToClient
CallWindowProcW
OpenClipboard
GetMenuItemCount
RegisterClassExW
KillTimer
ReleaseCapture
GetKeyState
ReleaseDC
GetSysColorBrush

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

620402dec6530fbb27d88553c98c22a6

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

ntdll

kernel32

adsnards

user32

Sections

.text Size: 55KB - Virtual size: 55KB

.data Size: 117KB - Virtual size: 117KB

.rsrc Size: 46KB - Virtual size: 48KB

.text
Size: 55KB - Virtual size: 55KB

.data
Size: 117KB - Virtual size: 117KB

.rsrc
Size: 46KB - Virtual size: 48KB