38f151b5164d18158be1d6e3493a897d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

38f151b5164d18158be1d6e3493a897d_JaffaCakes118
Size

259KB
MD5

38f151b5164d18158be1d6e3493a897d
SHA1

b3dd8da39983db5e8f582e1715e36b80eb51aaba
SHA256

516935769ce832ae4e31e38ae0764009f90b55208710b29987f9289bd4fafc3d
SHA512

94b73294bb46c4ecfd2ca32a27885c9f5ac99cfc7bce758e89d1dc7719c7dccaeef9558f96c94bfa734d603266397fa202e6f5a56401e1c497f9ce4a59fe3131
SSDEEP

6144:S16bnUWDUqJDdfMixNz9z+LS0X8W3Yp/UTxNbt0O4xy4qjqYq4lH:S16bULqFdEixN0j6/Oh0nxBgqYPH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38f151b5164d18158be1d6e3493a897d_JaffaCakes118

Files

38f151b5164d18158be1d6e3493a897d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b72d4845f9fe3c7e1f26687a74c51b7d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawMenuBar
SetCapture
RegisterClassExA
GetWindowTextW
RegisterClassW
PostMessageA
MoveWindow
ShowWindow
SendDlgItemMessageA
BeginPaint
GetFocus
WindowFromDC
WaitMessage
ReleaseCapture
ClipCursor
GetSysColorBrush
GetCursorPos
LoadAcceleratorsA
GetUpdateRgn
SetFocus
GetActiveWindow
DrawEdge
UpdateWindow

ole32

OleDuplicateData
OleGetClipboard
StgOpenStorage
OleUninitialize
OleLoad
CoRevokeClassObject
OleRegGetMiscStatus
OleRegEnumFormatEtc
CLSIDFromString
OleTranslateAccelerator
GetHGlobalFromILockBytes
CreateOleAdviseHolder
CoDisconnectObject
WriteClassStm
OleInitialize
WriteFmtUserTypeStg
StringFromGUID2
CreateStreamOnHGlobal
OleMetafilePictFromIconAndLabel
RegisterDragDrop
StgOpenStorageOnILockBytes
CoFileTimeNow

dmcoesvr

_Xbig
_Sinh
_Rteps
_LXbig
_LExp
_Stof
_FRteps
_LSinh
_Poly
_Getcvt

ntdll

NtSetDefaultLocale
ZwCreateTimer
NtQuerySection
ZwQueryInformationProcess
NtProtectVirtualMemory
RtlInitUnicodeString
NtSuspendThread
ZwSetEvent
NtResumeThread

kernel32

InterlockedDecrement
GlobalSize
LoadLibraryA
FreeEnvironmentStringsW
FindClose
lstrcatA
LockResource
GetLastError
SetStdHandle
ResumeThread
GetThreadLocale
GlobalAlloc
SetCurrentDirectoryA
GetTempFileNameA
OutputDebugStringA
GetTimeFormatA
SetPriorityClass
RaiseException
Sleep
VirtualFree
GetLocaleInfoW
GetProfileStringA
OpenFile
SetFilePointer
SetUnhandledExceptionFilter
GlobalUnlock
GetUserDefaultLCID
MulDiv
GlobalMemoryStatus
GetModuleFileNameA
GlobalReAlloc
GetDriveTypeA
IsBadReadPtr
LocalAlloc

advapi32

RegSetValueExA

gdi32

CreateSolidBrush
SetViewportOrgEx
ExtTextOutA
LPtoDP
EnumEnhMetaFile
EnumMetaFile
CreateDIBSection
SelectClipRgn
FillRgn
CreateFontIndirectA
TextOutA
SetBkColor
SelectObject
Escape
GetPixel
StretchDIBits
ExtEscape
GetFontData
ExtSelectClipRgn
SetViewportExtEx
EndDoc

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b72d4845f9fe3c7e1f26687a74c51b7d

Headers

DLL Characteristics

File Characteristics

Imports

user32

ole32

dmcoesvr

ntdll

kernel32

advapi32

gdi32

Sections

.text Size: 152KB - Virtual size: 152KB

.data Size: 58KB - Virtual size: 58KB

.rsrc Size: 48KB - Virtual size: 48KB

.text
Size: 152KB - Virtual size: 152KB

.data
Size: 58KB - Virtual size: 58KB

.rsrc
Size: 48KB - Virtual size: 48KB