4dabdad41c7d45a2942120b549f0f120_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4dabdad41c7d45a2942120b549f0f120_JaffaCakes118
Size

237KB
MD5

4dabdad41c7d45a2942120b549f0f120
SHA1

92bb722ba2f5cc1a000250735a70a03fb0814a57
SHA256

cd2e96f1a40bb5e406dcde802c22ad21874c490a8643a4b41fa6f74e7c50a899
SHA512

2d38fe9af2ec70c71fdd5091a808ac094beb8c13f7931079145b2dfc5f359f65f8ee5d73c67ca1648fa787e66391899c5cd22023fbf1ad4644339be6a795a488
SSDEEP

6144:ctEe4pWHuC5ugkrDTSheahtbSkvTVtJKZq4LxZz0Cdvr:cj4p2uC5ugkfalVTKE4LDtdvr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dabdad41c7d45a2942120b549f0f120_JaffaCakes118

Files

4dabdad41c7d45a2942120b549f0f120_JaffaCakes118
.exe windows:5 windows x86 arch:x86

31b729101d6d54511ccf946edfdd5a03

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

browntfs

_Poly
_Dnorm
_Strxfrm
_LExp
_Stof
_LXbig
_Getcoll
_Dscale
_LDtest
_LNan
_Wcrtomb
_FCosh

user32

SetParent
ScrollWindowEx
DestroyCursor
DrawFocusRect
PostMessageA
EqualRect
DrawEdge
GetWindowLongW
GetClientRect
CreateMDIWindowW
LoadCursorA
RegisterClassW
LoadAcceleratorsA
CreateDialogIndirectParamA
CreateDialogIndirectParamW
SetScrollRange
RegisterWindowMessageA
CreateCaret
RegisterClassExA
SetWindowPos
GetCaretBlinkTime
IsIconic
WaitMessage
MessageBoxA
UnregisterClassA
GetCapture
GetClipboardFormatNameA
ShowWindow
RegisterClipboardFormatA
ChangeClipboardChain

ntdll

ZwSetEvent
NtProtectVirtualMemory
ZwCreateTimer
NtQueryInformationFile

gdi32

Polyline
SetDIBits
GetTextCharsetInfo
CreateRectRgnIndirect
GetPaletteEntries
GetWinMetaFileBits
UnrealizeObject
GetViewportOrgEx
GetSystemPaletteUse
PlayMetaFileRecord
SelectClipRgn
SetBkColor
DeleteMetaFile
SelectPalette
CombineRgn
CreateRectRgn
Rectangle
DeleteDC
Escape
SetWindowOrgEx

advapi32

RegQueryValueExW

ole32

RegisterDragDrop
CoTreatAsClass
OleSaveToStream
OleRegEnumFormatEtc
OleQueryLinkFromData
StgCreateDocfile
OleQueryCreateFromData
ReadClassStg
DoDragDrop
OleCreateLinkFromData
CoRegisterMessageFilter
CoFreeUnusedLibraries
CreateItemMoniker
OleCreateFromData

kernel32

TerminateProcess
HeapSize
GetStartupInfoW
InitializeCriticalSection
GetFileSize
IsDBCSLeadByteEx
GetStringTypeA
WriteFile
HeapFree
VirtualFree
LockResource
GetThreadLocale
SetFileTime
FreeEnvironmentStringsA
SetHandleCount
GetCurrentThreadId
CreateFileA
lstrlenA
GlobalSize
GetSystemTime
GlobalFree
InterlockedDecrement
GetStringTypeW
ResumeThread
SetFileAttributesW
lstrcmpA
OutputDebugStringW
GetModuleFileNameW
GetFileAttributesA
SetUnhandledExceptionFilter
GlobalReAlloc
SetPriorityClass
GetEnvironmentStrings
GetTickCount
FileTimeToDosDateTime
Sleep
GlobalAlloc
GetModuleFileNameA
IsBadCodePtr

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31b729101d6d54511ccf946edfdd5a03

Headers

DLL Characteristics

File Characteristics

Imports

browntfs

user32

ntdll

gdi32

advapi32

ole32

kernel32

Sections

.text Size: 16KB - Virtual size: 16KB

.data Size: 11KB - Virtual size: 11KB

.rsrc Size: 208KB - Virtual size: 212KB

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 208KB - Virtual size: 212KB