1a25ade19cc20f8943a5ca044af05da5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a25ade19cc20f8943a5ca044af05da5_JaffaCakes118
Size

245KB
MD5

1a25ade19cc20f8943a5ca044af05da5
SHA1

37b7f29d52e5a25978c7f11b6dd206bd19457c9f
SHA256

fc9072f249d17813676908dc04a0576943044352147205e593c3526cc4a84261
SHA512

f60b6166ed93fea397b766e772b9975d3003341114786d7d1e85431a1675e363545ab6a66a73c332bdc86cf22a967b2751db928c29b8399078c5e29955f4e8ef
SSDEEP

6144:I16d2xMOo3m/6vHniNM6261JdkgPQw3QFf4B:I16oaWEn7T613kgIwq8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a25ade19cc20f8943a5ca044af05da5_JaffaCakes118

Files

1a25ade19cc20f8943a5ca044af05da5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9cd37209f3f4b4d4c9337a9888358ffd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgCreateDocfile
CoFileTimeNow
ReadClassStg
CoRegisterClassObject
WriteFmtUserTypeStg
WriteClassStm
OleMetafilePictFromIconAndLabel
SetConvertStg
OleSetMenuDescriptor
OleGetIconOfClass
RegisterDragDrop
ProgIDFromCLSID
OleLoad

kernel32

GetTickCount
GetModuleHandleA
GetFileAttributesW
GlobalFree
GetProfileIntA
OutputDebugStringW
SetLastError
VirtualFree
lstrcmpiA
QueryPerformanceFrequency
IsBadWritePtr
GetFileAttributesA
Sleep
GlobalAlloc
CreateFileA
QueryPerformanceCounter
GetCommandLineW
InterlockedDecrement
HeapReAlloc
GetEnvironmentStrings
ResetEvent
SearchPathA
LeaveCriticalSection
TlsSetValue
WideCharToMultiByte
GetLogicalDrives
GetModuleFileNameW
MultiByteToWideChar
GetSystemTime
CreateEventA
VirtualAlloc
TlsAlloc
lstrlenW
GlobalReAlloc
SetPriorityClass

ntdll

NtWriteFile
NtQueryInformationFile
NtCreateTimer
RtlFillMemory
NtSuspendThread
ZwSetEvent
RtlCompareUnicodeString
RtlExitUserThread
NtProtectVirtualMemory
RtlCreateTimer

gdi32

Escape
CreatePalette
GetTextFaceA
GetTextMetricsA
GdiSetBatchLimit
GetWinMetaFileBits
CreatePen
StretchBlt
PlayMetaFileRecord
SetRectRgn
GetTextCharsetInfo
SetMetaFileBitsEx
OffsetWindowOrgEx
FillRgn
GetClipRgn
GetObjectType
EnumEnhMetaFile
GetDCOrgEx
SelectPalette
GetOutlineTextMetricsA
StretchDIBits

advapi32

RegSetValueExA
RegOpenKeyExA

dfrgureg

_Wcrtomb
_Dnorm
_FSinh
_LDtest
_Getcvt
_Cosh
_Rteps

user32

CopyRect
DefWindowProcW
CheckDlgButton
GetWindowTextW
IsDialogMessageA
IsWindowVisible
DrawEdge
GetKeyboardLayoutList
ClipCursor
GetScrollInfo
ActivateKeyboardLayout
RegisterClassExA
InvalidateRect
DestroyCaret
ValidateRgn
InvertRect
SetActiveWindow
SendDlgItemMessageA
SetScrollInfo
CopyAcceleratorTableA
GetKeyState
DispatchMessageA
CallWindowProcA
GetWindowThreadProcessId
DrawIconEx
DrawMenuBar
PeekMessageA
EqualRect
GetWindowTextA
GetDC
SetCursorPos
GetKeyboardLayout
CallWindowProcW
UnregisterClassA
SetWindowLongA
GetWindowLongA
DestroyIcon

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cd37209f3f4b4d4c9337a9888358ffd

Headers

DLL Characteristics

File Characteristics

Imports

ole32

kernel32

ntdll

gdi32

advapi32

dfrgureg

user32

Sections

.text Size: 42KB - Virtual size: 42KB

.data Size: 17KB - Virtual size: 17KB

.rsrc Size: 184KB - Virtual size: 188KB

.text
Size: 42KB - Virtual size: 42KB

.data
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 184KB - Virtual size: 188KB