7186a5ea0b32d170451ec43fd401852d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7186a5ea0b32d170451ec43fd401852d_JaffaCakes118
Size

191KB
MD5

7186a5ea0b32d170451ec43fd401852d
SHA1

af1ad2c8bf7af6b62a92d7b5ed7c9190d1934062
SHA256

aa31c4d5213e4c17affbe37df118db3529db7e2cf94cfc9a4a285e80f62d4c78
SHA512

8994f66c131a653c0e532ae9dff81070726a0f537a5e0794a6743d243c846ecad72e42f9e68754142b96d38bc02c4e476069be6ed7270761b3714bf2eea35fae
SSDEEP

3072:dhUfiFHYL6j1LcrDvYePgwFORZ/PNHkCTg1iLJOVRzunfGtHPtDlhq7:d26F4L6hLcYENF0NkJ10cVyo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7186a5ea0b32d170451ec43fd401852d_JaffaCakes118

Files

7186a5ea0b32d170451ec43fd401852d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fd35cd0d48bec0266488517d4f49f96c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentProcess
LoadLibraryA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LocalFree
LocalAlloc
ExpandEnvironmentStringsW
CreateProcessW
CloseHandle
lstrlenW
lstrcpynW
GetModuleHandleW
SystemTimeToFileTime
GlobalLock
GlobalUnlock
FormatMessageW
lstrcmpW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
InterlockedDecrement
MultiByteToWideChar
LCMapStringA
HeapSize
GetCPInfo
GetOEMCP
GetACP
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetModuleHandleA
ExitProcess
GetSystemInfo
VirtualQuery
HeapReAlloc
VirtualAlloc
InterlockedIncrement
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCommandLineA
LCMapStringW
VirtualProtect
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
RtlUnwind
HeapAlloc
HeapFree

user32

LoadStringW
DestroyAcceleratorTable
CreateWindowExW
WaitForInputIdle
FindWindowW
SetWindowLongW
MessageBoxW
DialogBoxParamW
ExitWindowsEx
GetDesktopWindow
SetForegroundWindow
GetWindowLongW
SetWindowTextW
EnableWindow
IsDlgButtonChecked
GetClassNameW
RegisterClipboardFormatW
SendMessageW
EndDialog
GetWindowTextLengthW
GetDlgItem
GetWindowTextW
InvalidateRect
CallWindowProcW
SetFocus
IsChild
GetFocus
ShowWindow

advapi32

ReportEventW
AbortSystemShutdownW
RegCloseKey
DeregisterEventSource
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
InitiateSystemShutdownExW

gdi32

RestoreDC
DeleteDC

ole32

CoCreateInstance
CoUninitialize
ReleaseStgMedium
CoInitialize

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd35cd0d48bec0266488517d4f49f96c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

Sections

.text Size: 109KB - Virtual size: 108KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 4KB - Virtual size: 36KB

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 109KB - Virtual size: 108KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 4KB - Virtual size: 36KB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 4KB - Virtual size: 3KB