73485461803376080d2ea8861c4a12b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

73485461803376080d2ea8861c4a12b9_JaffaCakes118
Size

149KB
MD5

73485461803376080d2ea8861c4a12b9
SHA1

a22e404c5eb770deb478b5fdef8ff3baf003f9c9
SHA256

b80860508e22fb5167bb4f1523c8e1b51f043c4ff877117c43194e509f5b4af2
SHA512

69039ccbc267712812c4f7e729b2d8f2078cd8c012b7fc1b05a0c996f17b36f949960bade0f6354cff5d6a825709d65604ac5294728e9ea4d2cc6909f44836bf
SSDEEP

3072:7UGke8KsW2uOLMWf6vJOBuY6iAORpuMXX1qWFMNpOjcdXhkq:gu8HWILMyyThOXJHvF1AXh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73485461803376080d2ea8861c4a12b9_JaffaCakes118

Files

73485461803376080d2ea8861c4a12b9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

39d4e21a9818fb3c64eab168c7422b81

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualLock
SetThreadPriority
GetFileSize
CreateFileMappingA
FindFirstFileA
VirtualQuery
CreateFileA
FindClose
MulDiv
VirtualProtectEx
lstrcatA
SetCurrentDirectoryA
WriteFile
GetCurrentThread
WideCharToMultiByte
lstrcpyA
CreatePipe
ReadProcessMemory
lstrlenW
VirtualFree
GetProcAddress
WritePrivateProfileStringA
OpenProcess
lstrcpynA
SetFileAttributesA
GetPrivateProfileStringA
GetPriorityClass
LoadLibraryA
MapViewOfFile
lstrcmpA
lstrcmpiA
CloseHandle
TerminateProcess
FindNextFileA
GetPrivateProfileStructA
SetFilePointer
GetComputerNameA
SetPriorityClass
GetCurrentProcessId
GetCurrentDirectoryA
WritePrivateProfileStructA
GetModuleFileNameA
GetModuleHandleA
WaitForMultipleObjects
ReadFile
VirtualAlloc
VirtualUnlock
UnmapViewOfFile
WaitForSingleObject

user32

CheckDlgButton
EnableWindow
DestroyMenu
FindWindowA
wvsprintfA
CallWindowProcA
EnumClipboardFormats
GetDlgItemTextA
ShowWindow
SetForegroundWindow
SendMessageA
SetTimer
OpenClipboard
CheckMenuRadioItem
GetClassInfoA
GetCursorPos
SetClipboardData
ScreenToClient
DestroyCursor
SendDlgItemMessageA
AppendMenuA
CharLowerA
CreatePopupMenu
MessageBoxA
GetWindowRect
DestroyIcon
SetWindowLongA
wsprintfA
CheckRadioButton
KillTimer
SetDlgItemTextA
GetAsyncKeyState
SetMenuItemInfoA

msvcrt

strncmp
free
div
sprintf
_timezone
gmtime
strchr
strstr
realloc
asctime
malloc

dhcplang

_LEps
_LRteps
_LNan
_Dnorm
_LSnan
_Cosh
_Getcoll
_Exp
_FDscale
_FDnorm
_FCosh
_FNan
_Strcoll
_Stof
_Denorm
_Dtest
_FEps
_Poly
_FXbig
_FSinh
_Inf
_Mbrtowc
_Stold
_LExp
_Wcrtomb
_LDenorm
_Stod
_FDenorm
_LInf
_FDtest
_Rteps
_FSnan
_LCosh
_Eps

advapi32

AdjustTokenPrivileges
RegCloseKey
LookupPrivilegeValueA
RegCreateKeyExA

imagehlp

ImageNtHeader

Sections

.text
Size: 135KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39d4e21a9818fb3c64eab168c7422b81

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

dhcplang

advapi32

imagehlp

Sections

.text Size: 135KB - Virtual size: 136KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 7KB - Virtual size: 8KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 135KB - Virtual size: 136KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 4KB