20ca54132d012c586cfb82b1e37598b0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

20ca54132d012c586cfb82b1e37598b0_JaffaCakes118
Size

234KB
MD5

20ca54132d012c586cfb82b1e37598b0
SHA1

7802ebc9613e1392d76913a85faa6535aa26b3da
SHA256

d2b3e08b68e3bd3c6750f099e4bd80c4f0e91a2625c845089cdbfe6120b78dc4
SHA512

ff2c3a887671ea49e5f95dfc67fd118218947c5de4b7e4f3d5ad968a73703f5e1b3747fb4a654426469c69dd87b9fd832023aeb17ccf346565da51afc7d5e554
SSDEEP

6144:vBu9rNORLcRmfH9VyOizQB4GK5Ir0IUUzHitZEQLi1gOiHu1n9pbe:vBuSfH9VyjzRGgIrU4HiLEQwpe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20ca54132d012c586cfb82b1e37598b0_JaffaCakes118

Files

20ca54132d012c586cfb82b1e37598b0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fef4fa0187a28c6f0f22b50e8e4cbf14

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExW
GetClientRect
SetCaretPos
GetFocus
SetCapture
MessageBeep
MsgWaitForMultipleObjects
SetTimer
GetMenu
CreateCaret
CloseClipboard
IntersectRect
GetScrollRange
GetIconInfo
SetRect
SetWindowTextA
SetScrollInfo
ValidateRect
GetMessageExtraInfo
GetClassLongW
GetKeyboardState
IsClipboardFormatAvailable
SetCursor
MessageBoxW
EnumClipboardFormats
InvalidateRgn
GetScrollPos
InflateRect
GetMessageTime
EnableMenuItem

ntdll

ZwSetInformationProcess
NtCreateTimer
RtlAddAce
NtQueryValueKey
NtIsProcessInJob
RtlCompareString

d3drclog

_Dtest
_Strcoll
_Snan
_LDscale
_Toupper
_FDenorm
_FEps
_Wcrtomb
_Exp
_Getcoll
_Denorm
_Cosh
_LCosh
_FSnan
_Tolower
_Getctype
_Xbig
_Poly

ole32

OleGetIconOfClass
CreateILockBytesOnHGlobal
OleFlushClipboard
StgCreateDocfile
ReleaseStgMedium
StgOpenStorageOnILockBytes
MkParseDisplayName

kernel32

GetSystemTime
GetFullPathNameW
GetPriorityClass
SetFileAttributesW
SetErrorMode
FormatMessageA
MoveFileW
InterlockedDecrement
CloseHandle
GlobalSize
GetVersionExW
SizeofResource
SetEnvironmentVariableW
ReadFile
GetFileAttributesW
FindNextFileW
GetSystemTimeAsFileTime
SearchPathW
LocalAlloc
EnumSystemLocalesW
GetVersion
SetFilePointer
VirtualFree
GetVolumeInformationW
GetCurrentThreadId
SleepEx
GlobalReAlloc
VirtualProtect

gdi32

EnumFontsW
GetPaletteEntries
ExcludeClipRect
CreateICW
SetWinMetaFileBits
GetWindowOrgEx
DeleteMetaFile
Rectangle
GetTextExtentPointA
Arc
CreateBrushIndirect
GetBitmapBits
CreatePolygonRgn
Ellipse
DeleteDC
StretchBlt
GetTextCharsetInfo
GetViewportExtEx
CreateRectRgn
BitBlt
SetWindowOrgEx
SaveDC
CombineRgn

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fef4fa0187a28c6f0f22b50e8e4cbf14

Headers

DLL Characteristics

File Characteristics

Imports

user32

ntdll

d3drclog

ole32

kernel32

gdi32

Sections

.text Size: 159KB - Virtual size: 159KB

.data Size: 40KB - Virtual size: 39KB

.rsrc Size: 34KB - Virtual size: 36KB

.text
Size: 159KB - Virtual size: 159KB

.data
Size: 40KB - Virtual size: 39KB

.rsrc
Size: 34KB - Virtual size: 36KB