24a5ea919024e7aef57e6a310d3fa548_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24a5ea919024e7aef57e6a310d3fa548_JaffaCakes118
Size

197KB
MD5

24a5ea919024e7aef57e6a310d3fa548
SHA1

74dfdf532e7b69073b765065764f83e9c4b49cb8
SHA256

3e5193505789dd750192c2b247f3770b44fcf26e9bf4358a6cc3495593d5aa0d
SHA512

0b6721ed7ff4f4faa14a5fbd7d26d973b255f4b6c42ca584467c07c8f25e1a429f95fa2c79340618a0b3eeaaa81ae4946c719e1933d25db904b4af892aefee39
SSDEEP

6144:9Lw6MWoI5jh28KKY8anb9O2sDOR5Rke1x3l/piAwTb:9Lw6MpUllY1sC7RDxKAwTb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24a5ea919024e7aef57e6a310d3fa548_JaffaCakes118

Files

24a5ea919024e7aef57e6a310d3fa548_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6527e299ea3bbc68d5f532ded87dd50a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringA
lstrcmpA
GetTempFileNameA
GlobalAlloc
WaitForMultipleObjects
InterlockedDecrement
GetStartupInfoW
GetModuleFileNameW
VirtualFree
LeaveCriticalSection
GetTempPathA
EnterCriticalSection
CloseHandle
DeleteFileA
SetHandleCount
IsDBCSLeadByteEx
Sleep
GlobalMemoryStatus
IsBadWritePtr
VirtualAlloc
SetProcessWorkingSetSize
SetPriorityClass
GlobalAlloc
HeapFree
SizeofResource
IsBadReadPtr
Sleep

ole32

OleIsCurrentClipboard
StgOpenStorage
OleRun
CLSIDFromString
OleInitialize
CoFreeUnusedLibraries
OleRegEnumVerbs
ReleaseStgMedium
OleCreateFromFile
OleFlushClipboard
CoIsOle1Class
CreateOleAdviseHolder
OleRegEnumFormatEtc
OleGetIconOfFile
GetHGlobalFromILockBytes
CreateFileMoniker

adsltapi

_Rteps
_LSnan
_Nan
_Strcoll
_Tolower
_LNan
_LDscale
_Exp
_Getcoll
_LDenorm
_LXbig

ntdll

NtResumeThread
NtQueryValueKey
NtQueryInformationFile
NtQuerySection
NtSetSystemInformation
RtlCancelTimer
NtQuerySystemTime
NtCreateTimer
ZwProtectVirtualMemory
ZwSetEvent

user32

ValidateRgn
RegisterWindowMessageA
DestroyCursor
WaitMessage
SetWindowPos
RedrawWindow
DrawFocusRect
DispatchMessageA
CharToOemBuffA
CreateIcon
GetDlgItem
EnumDisplaySettingsA
PostMessageA
GetMenu
UnregisterClassA
BringWindowToTop
ShowCursor
CallWindowProcA
DrawMenuBar
GetWindowTextLengthA
AttachThreadInput
IsDialogMessageA
SendMessageW
CreateMenu
GetSysColorBrush
GetMenuItemCount
WindowFromDC

gdi32

BitBlt
SetStretchBltMode
GetClipRgn
IntersectClipRect
SelectClipRgn
SetTextAlign
ExtTextOutA
SaveDC
CreateBrushIndirect
ExtSelectClipRgn
SetMapMode
GetClipBox
CreateDIBSection
SetViewportOrgEx
Escape
TextOutA
RoundRect
GetNearestColor
GetTextColor
GetSystemPaletteEntries

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6527e299ea3bbc68d5f532ded87dd50a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

adsltapi

ntdll

user32

gdi32

Sections

.text Size: 32KB - Virtual size: 32KB

.data Size: 15KB - Virtual size: 14KB

.rsrc Size: 149KB - Virtual size: 152KB

.text
Size: 32KB - Virtual size: 32KB

.data
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 149KB - Virtual size: 152KB