169275918104a44d15410cdd3a658acc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

169275918104a44d15410cdd3a658acc_JaffaCakes118
Size

188KB
MD5

169275918104a44d15410cdd3a658acc
SHA1

e5cf3fde6a0cc4e79b4062c7bcb975c737bab013
SHA256

ce87197d3a33253a0ab8a4d69b30a87ba6919dfdd50ef11297ab369c48375126
SHA512

0d34013d34fd3fd7c880f696aad016ec7a99801c21842bd41eb192fdfb165efbf28b951e5c70d8aaa1cc2fe399bfa4d5e6ce95a3aef9970aa1cca13f6bed1f82
SSDEEP

3072:eF1YX4AajwPBHRdRZfK6DCQ/+E624oliyiPEBNBdbz1bJXh8vhp7i:01YjaeBHRdRZfK6CpsMA/ZMp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
169275918104a44d15410cdd3a658acc_JaffaCakes118

Files

169275918104a44d15410cdd3a658acc_JaffaCakes118
.dll windows:5 windows x86 arch:x86

b5ea064197be5725864ce8adef8b7649

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mswrd6.pdb

Imports

msvcrt

_adjust_fdiv
malloc
free
_setjmp3
longjmp
_initterm
memmove

kernel32

GetLocalTime
GlobalAlloc
GlobalReAlloc
GlobalSize
SetFilePointer
GetFileSize
lstrlenA
DeleteFileA
MoveFileA
CloseHandle
FlushFileBuffers
MultiByteToWideChar
GlobalUnlock
GlobalLock
GlobalFree
LocalAlloc
LocalFree
GlobalHandle
IsDBCSLeadByte
LocalUnlock
LocalReAlloc
CreateFileA
ReadFile
WriteFile
GetModuleFileNameA
GetWindowsDirectoryA
GetTempFileNameA
GetTempPathA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileAttributesA
lstrcpynA
GetSystemDefaultLangID
lstrcpyA
LoadLibraryA
SetErrorMode
GetCPInfo
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetProcAddress
FreeLibrary
GetCurrentProcess
LocalLock
lstrcatA

user32

wsprintfA
CharUpperA
CharLowerA
LoadStringA
IsCharAlphaA
OemToCharA
IsCharUpperA
IsCharAlphaNumericA
RegisterClipboardFormatA
GetLastActivePopup
MessageBoxA

gdi32

DeleteMetaFile
SetMetaFileBitsEx
GetMetaFileBitsEx

advapi32

RegSetValueExA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

ole32

OleInitialize
OleBuildVersion
OleUninitialize
StgCreateDocfile
StgOpenStorage
OleConvertIStorageToOLESTREAM
OleSave
OleLoad
WriteFmtUserTypeStg
WriteClassStg

Exports

Exports

AbortForeignToRtf
AbortRtfToForeign
CchFetchLpszError
CchFetchMainStream
ConvertForeignToRtf
ConvertRtfToForeign
DllMain
FFetchSzzClasses
FFileRecognized32
FPrivateRetryMemError
FRegisterConverter
ForeignToRtf32
GetReadNames
GetWriteNames
InitConverter32
IsFormatCorrect32
RegisterApp
RtfToForeign32
UninitConverter
_AbortProcessing

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5ea064197be5725864ce8adef8b7649

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

gdi32

advapi32

version

ole32

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 156KB

.data Size: 3KB - Virtual size: 17KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 156KB - Virtual size: 156KB

.data
Size: 3KB - Virtual size: 17KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 13KB - Virtual size: 13KB