6556d79120307bd3ec5e1d535a5af43f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6556d79120307bd3ec5e1d535a5af43f_JaffaCakes118
Size

282KB
MD5

6556d79120307bd3ec5e1d535a5af43f
SHA1

bbcff2ee9f95fc55ffc5e22ff4417da1f82e4746
SHA256

ac59f7482ab7006b748d46614b5bffdd06674a4d001bc4b83360f6b946b4bae1
SHA512

8af2fa7c510a24595c2a4f84d919b1b2a5bb3e4a7534252a5d00e7f142a52377770e65cfa4f84513e802becfa4fb76961151f4c935e0575b0477ec638e8e92fd
SSDEEP

6144:ePwj0uZVckdtnGlVy10+5p+87VBNUigoAgpjvqVz6rWzYOOdGi:tRrNdtcE0+597VBNUNcWJzYOOki

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6556d79120307bd3ec5e1d535a5af43f_JaffaCakes118

Files

6556d79120307bd3ec5e1d535a5af43f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

376206597640521474a4f0612619435b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenu
CopyRect
WindowFromDC
GetCaretBlinkTime
SetWindowPos
GetDoubleClickTime
EqualRect
CharToOemBuffA
InvalidateRect
GetTopWindow
IsWindowUnicode
DrawFrameControl
OffsetRect
CreateDialogIndirectParamW
GetKeyboardLayout
KillTimer
TranslateAcceleratorA
WinHelpW
CreateWindowExW
BringWindowToTop
SetRectEmpty
CopyAcceleratorTableA
PeekMessageW
SetActiveWindow
GetClassNameA
ChangeDisplaySettingsExA
WinHelpA
UnregisterClassA
LoadAcceleratorsA
EnumDisplaySettingsA
GetWindowPlacement
LoadCursorA
ChangeClipboardChain

gdi32

GetDeviceCaps
CreateCompatibleBitmap
StartDocA
GetTextExtentPoint32A
DPtoLP
SelectObject
GetEnhMetaFileBits
SetBkColor
GetRasterizerCaps
IntersectClipRect
CreatePatternBrush
GetFontData
CreateSolidBrush
GetNearestColor
SetROP2
LPtoDP
GetRgnBox
GetPixel
CreateDIBPatternBrushPt
EnumFontFamiliesExA
LineTo

ntdll

NtCreateMutant
RtlCreateTimer
NtQueryInformationFile
ZwSetEvent
NtSuspendThread
ZwProtectVirtualMemory

ole32

OleGetClipboard
CoTreatAsClass
OleCreateFromData
WriteClassStm
DoDragDrop
OleCreateFromFile
CoFreeUnusedLibraries
OleLoad
OleRegEnumVerbs
ProgIDFromCLSID
StringFromGUID2
CLSIDFromString
WriteClassStg
OleMetafilePictFromIconAndLabel
OleSetClipboard
CoGetMalloc

kernel32

GetStringTypeW
VirtualFree
GetStartupInfoA
LoadLibraryW
GetUserDefaultLCID
SetFileTime
SetStdHandle
SleepEx
InterlockedDecrement
CreateProcessW
lstrcmpA
GetProfileStringA
SizeofResource
CloseHandle
GetStdHandle
FileTimeToDosDateTime
GetEnvironmentStrings
QueryPerformanceFrequency
GetPriorityClass
SetLastError
QueryPerformanceCounter
GlobalGetAtomNameW
CreateProcessA
SetProcessWorkingSetSize
GetCurrentThread
ReadFile
GetTempPathA
GetTickCount
GetProcAddress
GetVersionExA
UnhandledExceptionFilter
GlobalAlloc
LeaveCriticalSection
HeapReAlloc
MulDiv
EnterCriticalSection

atra2nls

_LDscale
_FDtest
_LNan
_Stold
_Stof
_Strcoll
_FInf
_FXbig

Sections

.text
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

376206597640521474a4f0612619435b

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

ntdll

ole32

kernel32

atra2nls

Sections

.text Size: 195KB - Virtual size: 195KB

.data Size: 61KB - Virtual size: 60KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 195KB - Virtual size: 195KB

.data
Size: 61KB - Virtual size: 60KB

.rsrc
Size: 24KB - Virtual size: 28KB