625bd474091786de845e2ac1f51cfc76_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

625bd474091786de845e2ac1f51cfc76_JaffaCakes118
Size

258KB
MD5

625bd474091786de845e2ac1f51cfc76
SHA1

a1aad58da430cbea3119599e84a93b9a8fbf3f6c
SHA256

fad174984f74ea2f0b23dd6241ae8f8660b95dfcb25e1a5a31b7f5142d032257
SHA512

c61f69b12fd7db528199f2bcfcb4f5cf54e6994fc1fd0a03848b65d9894081decd450f794ba7257dd7f1b47c66a05fa1e53544fa378cefb4f807fd714847b041
SSDEEP

6144:sFafNzhFFw7Ggl/tN2uSkjiViztmDjcJokFyST:sFafNzhfA/euTjBujEoJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
625bd474091786de845e2ac1f51cfc76_JaffaCakes118

Files

625bd474091786de845e2ac1f51cfc76_JaffaCakes118
.exe windows:5 windows x86 arch:x86

27989c2d6a23ce1670e6e193a4eec87d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetClipBox
CreateDIBSection
SelectPalette
CreateDIBitmap
OffsetRgn
EndPage
Polyline
IntersectClipRect
DeleteDC
Rectangle
StretchBlt
StartPage
SetAbortProc
SetDIBits
GetTextAlign
GetPixel
CombineRgn
ExtEscape
TextOutA
CreatePalette
AbortDoc
GetEnhMetaFileBits
GdiSetBatchLimit

imagpi32

_FDtest
_Toupper
_Stold
_Cosh
_FDnorm
_Stof

kernel32

FindClose
WaitForSingleObject
CreateFileA
SetErrorMode
LoadLibraryA
SetPriorityClass
Sleep
CreateProcessA
GetThreadLocale
GetCommandLineA
Sleep
QueryPerformanceCounter
WriteFile
InterlockedDecrement
GlobalReAlloc
lstrlenW
VirtualFree
HeapDestroy
Beep
OutputDebugStringA
GetACP
GlobalAlloc
GlobalAddAtomW
GetFileAttributesW

ole32

OleQueryCreateFromData
OleQueryLinkFromData
OleGetIconOfClass
CoFileTimeNow
OleGetClipboard
CreateOleAdviseHolder
ReadFmtUserTypeStg
SetConvertStg
CoGetClassObject
CoRegisterClassObject
OleRegEnumVerbs
GetClassFile
CoGetMalloc
OleUninitialize
WriteClassStm
OleRegGetMiscStatus
OleGetIconOfFile
OleCreateLink

ntdll

ZwSetEvent
NtProtectVirtualMemory
RtlCompareString
ZwCreateTimer
RtlCompareMemory
NtReadFile
ZwQueryInformationProcess

user32

GetClassNameA
GetMenuItemCount
TranslateMDISysAccel
WinHelpW
DrawIconEx
CallWindowProcW
LoadCursorA
TranslateAcceleratorA
PeekMessageA
DestroyCursor
ValidateRect
GetMenu
PostMessageA
CreateDialogIndirectParamW
DrawIcon
WindowFromPoint
GetClassInfoExA
CharToOemBuffA
ScrollWindowEx
LoadIconA
IsWindowUnicode
CreateIcon
SetWindowPos

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27989c2d6a23ce1670e6e193a4eec87d

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

imagpi32

kernel32

ole32

ntdll

user32

Sections

.text Size: 152KB - Virtual size: 152KB

.data Size: 58KB - Virtual size: 57KB

.rsrc Size: 46KB - Virtual size: 48KB

.text
Size: 152KB - Virtual size: 152KB

.data
Size: 58KB - Virtual size: 57KB

.rsrc
Size: 46KB - Virtual size: 48KB