5b942bfe82e3c0a837484bc28db1f9a4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b942bfe82e3c0a837484bc28db1f9a4_JaffaCakes118
Size

244KB
MD5

5b942bfe82e3c0a837484bc28db1f9a4
SHA1

e1ceeae367b8a7d9adc96e7c1489b1434ba5fe9c
SHA256

7ba69f3869023f378b993e7b26b11285943711625c0ff1698aaa3eab589ebf6c
SHA512

2348f2f7acc04d8a340490c56ac44c5d50e83e476586272c2fc44dc6dc8a7772d2b16c4a15c4f6ef7df467079fbe9c01b6ac55ad0285a03935220c720f7bbf04
SSDEEP

6144:hFhr0Cl1Da0GAGuQAS/8BtPjRal2oS4PHXG:hXzlJxm/8BjalvS4PH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b942bfe82e3c0a837484bc28db1f9a4_JaffaCakes118

Files

5b942bfe82e3c0a837484bc28db1f9a4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7116944e06606407c9160de0740a5f6a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtQueryInformationFile
NtCreateTimer
RtlCompareString
NtProtectVirtualMemory
NtReadFile
NtWriteFile
RtlAddAce
RtlExitUserThread
NtResumeThread
ZwSetEvent

ole32

CoRegisterMessageFilter
CoIsOle1Class
OleLoad
SetConvertStg
StgOpenStorage
MkParseDisplayName
GetClassFile
CoFileTimeNow
OleSaveToStream
OleSetMenuDescriptor
OleUninitialize
OleMetafilePictFromIconAndLabel
StgCreateDocfile

advapi32

RegQueryValueExW

kernel32

lstrcmpW
VirtualFree
lstrcatA
Beep
InterlockedDecrement
SetFilePointer
FileTimeToSystemTime
lstrlenW
GlobalAddAtomA
GlobalAlloc
TlsGetValue
IsBadWritePtr
SearchPathA
Sleep
lstrcmpiA
GetStartupInfoA
LeaveCriticalSection
GetTimeFormatA
WriteFile
TlsSetValue
CreateThread
GetCurrentDirectoryA
HeapFree
GetProfileStringA
SystemTimeToFileTime
GetLocaleInfoW
GlobalDeleteAtom
TlsAlloc
GlobalAlloc
EnterCriticalSection
SetProcessWorkingSetSize
VirtualFree
SetPriorityClass

user32

ClientToScreen
MessageBeep
GetUpdateRect
PeekMessageA
WindowFromDC
ScrollDC
SetWindowPos
GetScrollRange
RegisterClassA
EnumDisplaySettingsA
SetCursor
FrameRect
GetCapture
IsWindow
GetClipboardFormatNameA
GetActiveWindow
SetTimer
DrawFrameControl
ValidateRgn
CreateDialogIndirectParamA
DestroyCursor
DefWindowProcA
DestroyIcon
ActivateKeyboardLayout
PeekMessageW
EqualRect
RedrawWindow
DefMDIChildProcW
IsWindowUnicode
TranslateMDISysAccel

gdi32

OffsetRgn
RestoreDC
SetROP2
EnumEnhMetaFile
GetEnhMetaFileHeader
GetNearestColor
GetDCOrgEx
OffsetViewportOrgEx
FillRgn
CreateRectRgnIndirect
RoundRect
AnimatePalette
GetEnhMetaFileBits
UnrealizeObject
GetObjectType
CreateSolidBrush
SetTextColor

aclexmlc

_LPoly
_Nan
_LDenorm
_LEps
_Tolower
_Getctype
_Sinh
_Cosh
_LExp

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 186KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7116944e06606407c9160de0740a5f6a

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

ole32

advapi32

kernel32

user32

gdi32

aclexmlc

Sections

.text Size: 42KB - Virtual size: 42KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 186KB - Virtual size: 188KB

.text
Size: 42KB - Virtual size: 42KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 186KB - Virtual size: 188KB