3e7e5f6832332f04693da73d516bf0d1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e7e5f6832332f04693da73d516bf0d1_JaffaCakes118
Size

17KB
MD5

3e7e5f6832332f04693da73d516bf0d1
SHA1

ca60a1db3e1203678d40ec77513122bbe30930ea
SHA256

bc567031e1b3e031dee6f45578065cc52a61c546ed2b7a00c7c04186fa9ccb67
SHA512

fa91a74c371e70bb7c6006987772fddea92d5fb061452a679bbd2665df6dd4a3e012d439fe050b2efc033863e2a842be47415c310f515b12fd1e28b8a3d5c6f6
SSDEEP

384:26F94FUi5LPkFXItNf8PlZYHaRNOoOJq/urV76iyZnG5DJ1lXKY:hF+FUi5jnfsh/OQ/urNR6Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e7e5f6832332f04693da73d516bf0d1_JaffaCakes118

Files

3e7e5f6832332f04693da73d516bf0d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e405cfd4a4ab8085c7fa1d31aeb5413

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetTickCount
GetModuleFileNameW
Sleep
lstrlenA
HeapFree
InterlockedExchange
VirtualAlloc
GetProcessHeap
CreateFileW
HeapDestroy
InterlockedCompareExchange
EnterCriticalSection
GetTickCount
CloseHandle
CloseHandle
HeapFree
CreateFileW
GetProcAddress
InitializeCriticalSection
MultiByteToWideChar
lstrlenA
SetLastError
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
InterlockedDecrement
lstrlenA
InterlockedIncrement
HeapFree
GetModuleHandleA
DisableThreadLibraryCalls
GetCurrentProcessId
SetLastError
InterlockedIncrement
DisableThreadLibraryCalls
GetModuleHandleW
VirtualProtect
LocalAlloc
DisableThreadLibraryCalls
CreateFileW
SetLastError
lstrlenA
InitializeCriticalSection
GetCurrentProcessId
VirtualProtect
CreateEventW
HeapFree
GetLastError
UnhandledExceptionFilter
QueryPerformanceCounter
LocalFree
GetVersionExA
InitializeCriticalSection
GetLastError
SetLastError

gdi32

CreateSolidBrush
GetPixel
CombineRgn
PatBlt
StretchBlt
MoveToEx
StretchBlt
CombineRgn
CreateDIBSection
SetBkColor
SelectObject
CreateFontIndirectA
Ellipse
SetWindowExtEx
BitBlt
GetWindowExtEx
StretchBlt
Ellipse
Ellipse
GetWindowOrgEx
CreateDIBSection
SetBkMode
CreateDIBSection
LineTo
GetWindowOrgEx
CreateDIBitmap
BitBlt
CreateFontIndirectA
SetBrushOrgEx
SetBrushOrgEx
CreateCompatibleDC
CombineRgn
GetBkColor
SetBkMode
SetTextColor
SelectObject
GetWindowExtEx
SelectObject
CreateDIBitmap
SetWindowExtEx
SetBkMode
BitBlt
SetBkMode
SetBrushOrgEx
CreateDIBSection
GetCurrentObject
BitBlt
BitBlt
CreateBitmap
SelectObject

Sections

.text
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e405cfd4a4ab8085c7fa1d31aeb5413

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 12KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB