4cddfbadce3431e3aafc2ca91b16b541_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4cddfbadce3431e3aafc2ca91b16b541_JaffaCakes118
Size

18KB
MD5

4cddfbadce3431e3aafc2ca91b16b541
SHA1

3a70c7ebcc01217b7acca32767a5651480757a71
SHA256

7bbe44f2f9a191dffe0f1ef27132c8d05e49b4e8d2d3112cee917e33f713afbd
SHA512

2894a037bf55eaf0f5f3a2042132936fcdb399e349c42d57c2ee1d026508e8358ac20ecc80d3b7e85b11aee161a4e5a7f1c00b46deeea4b7e7064112612eb589
SSDEEP

384:KgzcsBYKrMSo6hz04JSyFzbmmdl8g14veoDUuoeWwJ:NAsBYGc2IyFzbmC76DHAwJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cddfbadce3431e3aafc2ca91b16b541_JaffaCakes118

Files

4cddfbadce3431e3aafc2ca91b16b541_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ffba9f3d2aeabc20f65e65af32864d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
EnterCriticalSection
DisableThreadLibraryCalls
InterlockedExchange
InterlockedDecrement
LoadLibraryA
QueryPerformanceCounter
InterlockedIncrement
DisableThreadLibraryCalls
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
InterlockedExchange
LocalFree
CreateThread
GetCurrentProcess
UnhandledExceptionFilter
DisableThreadLibraryCalls
CreateEventW
HeapAlloc
CreateThread
DisableThreadLibraryCalls
VirtualProtect
LocalAlloc
GetCurrentThreadId
VirtualProtect
LocalFree
LocalFree
VirtualAlloc
GetCurrentProcessId
InterlockedDecrement
lstrlenA
MultiByteToWideChar
EnterCriticalSection
CloseHandle
GetModuleFileNameA
EnterCriticalSection
GetVersionExA
CreateFileW
GetProcessHeap
LeaveCriticalSection
FreeLibrary
EnterCriticalSection
DisableThreadLibraryCalls
GetModuleFileNameA
HeapDestroy
LocalAlloc
SetLastError
lstrlenA
LoadLibraryW

gdi32

CreatePen
GetWindowExtEx
SetBkColor
CreateBitmap
BitBlt
MoveToEx
Ellipse
CreateFontIndirectA
SetBrushOrgEx
BitBlt
SetPixel
CreateBitmapIndirect
Ellipse
Ellipse
CreateCompatibleDC
CombineRgn
SetBrushOrgEx
Rectangle
CombineRgn
Ellipse
Ellipse
CreateCompatibleDC
GetWindowExtEx
SetWindowExtEx
SetBkMode
SetBrushOrgEx
CreatePen
GetWindowOrgEx
CreateSolidBrush
SetWindowExtEx
SetWindowOrgEx
GetBrushOrgEx
SetBrushOrgEx
CreateRectRgn
SelectObject
CreateDIBitmap
CreatePen
SetPixel
CreateFontIndirectA
PatBlt
CreateDIBSection
CreateDIBSection
StretchBlt
GetCurrentObject
GetBkColor
SetBkColor
CreateBitmapIndirect
CreateRectRgn
CreateFontIndirectA
CreateFontA
GetBkMode
CreateRectRgn
SetWindowOrgEx
SetWindowExtEx
CreateDIBSection
GetWindowExtEx
SetBkColor

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ffba9f3d2aeabc20f65e65af32864d6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 13KB - Virtual size: 16KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 16KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB