189a5cb0655eb11a1d52a92b28cc8d85_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

189a5cb0655eb11a1d52a92b28cc8d85_JaffaCakes118
Size

198KB
MD5

189a5cb0655eb11a1d52a92b28cc8d85
SHA1

fbba15f94bfb459d8c0132ad678d521464b50716
SHA256

891fb16f551792a3f970b6f0f2765e412655245c9a0b28187d51af4528a8c557
SHA512

5ccf84eaf9b2ef636ae4a1aaeddc52753e286897921398dd45c474a1bc122c0802adcb9dc7900150f4e81d1ef77c6312435837d221b1958dde16fcc88a25aa76
SSDEEP

3072:VduA3caEV5/HK3w4eALKY9E//BgLd5+sDylHlh4vNpOgWPtK+qy0r:VdTcaMy3waeYmQujhm4gW1K+qN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
189a5cb0655eb11a1d52a92b28cc8d85_JaffaCakes118

Files

189a5cb0655eb11a1d52a92b28cc8d85_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cc280aa3cbf71b744f37178f933981ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetProcessHeap
WriteFile
Sleep
HeapCreate
FlushFileBuffers
GetLastError
SetLastError
GetProcAddress
LoadLibraryA
GetCurrentThreadId
CloseHandle
LocalFree
SetHandleCount
CreateFileW
WriteConsoleW
SetStdHandle
HeapReAlloc
LoadLibraryW
GetStringTypeW
LCMapStringW
GetConsoleMode
GetConsoleCP
SetFilePointer
IsProcessorFeaturePresent
HeapFree
InterlockedDecrement
InterlockedIncrement
HeapAlloc
InitializeCriticalSectionAndSpinCount
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
ExitProcess
GetModuleHandleW
TlsFree
QueryPerformanceCounter
TlsSetValue
DeleteCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
EncodePointer
DecodePointer
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
GetFileType

user32

SetSysColors
UpdateWindow
GetWindowRect
GetClientRect
GetIconInfo
GetDC
GetForegroundWindow
GetWindowTextA
ReleaseDC

gdi32

DeleteObject
CreateCompatibleDC
CreateSolidBrush

oleaut32

VariantClear

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc280aa3cbf71b744f37178f933981ba

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

oleaut32

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 136KB - Virtual size: 143KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 136KB - Virtual size: 143KB

.rsrc
Size: 6KB - Virtual size: 5KB