6669a64927ecb3f5ffea189ea644aabb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6669a64927ecb3f5ffea189ea644aabb_JaffaCakes118
Size

290KB
MD5

6669a64927ecb3f5ffea189ea644aabb
SHA1

45e4d9c87e9eb249aaaac95f851508030a0f4986
SHA256

44e3f5d610c4dbece3b0ec182c4eaed1371ecf5f6e0969f2714c564ef7fb9bf4
SHA512

2b707278b83eb3079401ef1211a42cdd0d1c2622bdb94e1bff290eaddb5224c1c12c0f8dece0c5de286892a38c05f6ea7dbc2ffb4fbeaafe98ad16484748b86f
SSDEEP

6144:g16l9SJtfLP1KLqFj8FVjnnN0/f5g6lP86JLLBzNFBmltAdm5:g16l9SJvFAjNMf5XPVzbB9U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6669a64927ecb3f5ffea189ea644aabb_JaffaCakes118

Files

6669a64927ecb3f5ffea189ea644aabb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

336cf7b53b62c23651764c8f5166c198

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetClassObject
ReadClassStg
SetConvertStg
OleDestroyMenuDescriptor
OleDuplicateData

gdi32

StartDocA
ExtTextOutA
SetViewportOrgEx
RoundRect
CreateRectRgn
DPtoLP
Pie
GetTextFaceA
SetROP2
EnumEnhMetaFile
GetDCOrgEx
GetTextMetricsA
ExtEscape
SetWindowOrgEx
IntersectClipRect
GetStockObject
OffsetRgn
GetViewportOrgEx
GetObjectType
Polygon
SaveDC
SelectObject
GetSystemPaletteUse

ntdll

RtlCompareString
NtQuerySystemTime
ZwSetEvent
NtTraceEvent
RtlFreeUnicodeString
RtlExitUserThread
NtCreateMutant
ZwProtectVirtualMemory
RtlFillMemory
NtQueryInformationFile

advapi32

RegSetValueExA

kernel32

GetProfileIntA
WaitForMultipleObjects
GetStringTypeA
GlobalAlloc
SetPriorityClass
LCMapStringA
SetFilePointer
GetUserDefaultLCID
LCMapStringW
SetUnhandledExceptionFilter
InterlockedDecrement
FreeEnvironmentStringsA
GetCPInfo
QueryPerformanceCounter
GetLocaleInfoA
GetCurrentProcess
HeapDestroy
SystemTimeToFileTime
LocalFree
GetStartupInfoW
VirtualFree
Sleep
GetProfileStringA
QueryPerformanceFrequency
EnterCriticalSection
GlobalUnlock
MultiByteToWideChar
LoadResource
TlsGetValue
GetLogicalDrives
GlobalMemoryStatus
GetDateFormatA

user32

GetClassNameA
SetWindowTextW
CreateDialogIndirectParamW
BeginPaint
SetCursorPos
PtInRect
RegisterClassExW
GetUpdateRgn
GetForegroundWindow
SetCaretPos
SetRect
ClientToScreen
CallWindowProcA
GetWindow
GetMenu
DrawIcon
IsWindowUnicode
SetWindowTextA
MapDialogRect
CreateIcon
GetScrollRange
PeekMessageW
RegisterClassW
ShowCursor
ScrollDC
ScrollWindowEx
WinHelpW

mp43base

_FExp
_FRteps
_LSnan
_FDscale
_LNan
_Dtest
_Stold
_LEps
_Cosh
_Toupper

Sections

.text
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

336cf7b53b62c23651764c8f5166c198

Headers

DLL Characteristics

File Characteristics

Imports

ole32

gdi32

ntdll

advapi32

kernel32

user32

mp43base

Sections

.text Size: 200KB - Virtual size: 200KB

.data Size: 52KB - Virtual size: 52KB

.rsrc Size: 36KB - Virtual size: 36KB

.text
Size: 200KB - Virtual size: 200KB

.data
Size: 52KB - Virtual size: 52KB

.rsrc
Size: 36KB - Virtual size: 36KB