47a48984c654e527acf332409e2214d2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

47a48984c654e527acf332409e2214d2_JaffaCakes118
Size

248KB
MD5

47a48984c654e527acf332409e2214d2
SHA1

cbd25f34d68cce7b302e9ceb2d97a19f934b20ce
SHA256

d39bc4e937ba36e87e1d4f4732c0f355170c4b30b90abc37435893668221d1a1
SHA512

da068792daf41b9131eba6e01821715a901417355858e5d4c5246c045f0460972ec4d5f8d1044dde21594563034fdf237dd8a22d91aac965d180c0ba0f358a05
SSDEEP

6144:J16XV+XBrBAKlugZyPOIYVXkFbW9sMShz4:J16wXzAKYoLVUFa9a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47a48984c654e527acf332409e2214d2_JaffaCakes118

Files

47a48984c654e527acf332409e2214d2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

57348514314e38e0867e6d6d298958bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
LCMapStringW
CloseHandle
FileTimeToLocalFileTime
MulDiv
GetTickCount
WaitForMultipleObjects
UnhandledExceptionFilter
SetPriorityClass
GlobalAlloc
GetModuleFileNameA
SetCurrentDirectoryA
HeapDestroy
GetFileAttributesA
GetUserDefaultLCID
GetDateFormatA
GetSystemTime
GetTimeZoneInformation
CreateFileA
CreateThread
RaiseException
GetLocaleInfoA
LoadLibraryW
SetHandleCount
GlobalReAlloc
Sleep
GetACP
GetCurrentDirectoryW
CompareFileTime
FileTimeToDosDateTime
VirtualFree
GetCommandLineW
DeleteCriticalSection
GetVersion
InterlockedDecrement
FindResourceA
GlobalAlloc
HeapReAlloc
GetLocalTime

ole32

CoDisconnectObject
StringFromCLSID
OleRegGetMiscStatus
OleQueryCreateFromData
OleUninitialize
GetRunningObjectTable
CreateFileMoniker
WriteClassStm
RegisterDragDrop
ProgIDFromCLSID
GetHGlobalFromStream
CoRevokeClassObject
StringFromGUID2
CoRegisterClassObject
OleCreateLinkToFile

gdi32

SetRectRgn
SetMetaFileBitsEx
UpdateColors
DeleteObject
GetTextMetricsA
GetTextAlign
GdiFlush
RectVisible
SetDIBits
GetStockObject
CreateRectRgn
CreateDIBPatternBrushPt
CreateCompatibleBitmap
GetRasterizerCaps
CombineRgn
Escape
GetSystemPaletteEntries
CreatePalette
GetBitmapBits
SetStretchBltMode
GetFontData
GetWinMetaFileBits
OffsetViewportOrgEx

user32

CreateWindowExW
IsWindowEnabled
DispatchMessageW
SetScrollRange
DrawFrameControl
FillRect
SendDlgItemMessageA
EndPaint
GetWindowPlacement
GetDlgItem
GetWindowThreadProcessId
CreateWindowExA
SetTimer
GetWindowTextA
GetDC
PostMessageA
IsChild
ScreenToClient
GetScrollRange
SetRectEmpty
SetWindowLongW
SetCaretPos
GetKeyboardLayout
MapDialogRect
SetScrollInfo

advapi32

RegQueryValueExA

enca0300

_LDenorm
_Stod
_FSnan
_LPoly
_LRteps
_Getcvt

ntdll

RtlCancelTimer
RtlCreateTimer
NtCreateTimer
NtQueryInformationFile
ZwProtectVirtualMemory
ZwSetEvent

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 178KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57348514314e38e0867e6d6d298958bc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

gdi32

user32

advapi32

enca0300

ntdll

Sections

.text Size: 51KB - Virtual size: 51KB

.data Size: 17KB - Virtual size: 17KB

.rsrc Size: 178KB - Virtual size: 180KB

.text
Size: 51KB - Virtual size: 51KB

.data
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 178KB - Virtual size: 180KB