74f6d9adae25ae05c2ee2fe0e79ec140_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

74f6d9adae25ae05c2ee2fe0e79ec140_JaffaCakes118
Size

61KB
MD5

74f6d9adae25ae05c2ee2fe0e79ec140
SHA1

41e36eb4d8092e2d823cad3fc114fd7294c5e526
SHA256

bc60806899bc3004168339ca70fef0d78e3bded1c2dde0c3fe43a30df04f781b
SHA512

a0dd88070165614bb890b2092786d3faa7d0b0d8aa358017b768f0e450ee6957147ff97b7bd3cccf4293e31fe9faaa8037310cdb20f3b29ec4dfdf7c614bdb47
SSDEEP

1536:mXEuKdITCINoEkVznpT47FlfyRPVE3oT5qwlz:mUiTblk5+SF+otBlz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74f6d9adae25ae05c2ee2fe0e79ec140_JaffaCakes118

Files

74f6d9adae25ae05c2ee2fe0e79ec140_JaffaCakes118
.exe windows:4 windows x86 arch:x86

08704c395a72dda29f43da32e8c1a4ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetModuleHandleA
LoadLibraryA
DisableThreadLibraryCalls
LoadLibraryA
UnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
lstrlenA
ReadFile
HeapFree
GetSystemTimeAsFileTime
MultiByteToWideChar
GetVersionExA
InterlockedExchange
LocalFree
InterlockedIncrement
GetModuleFileNameA
GetModuleFileNameW
InitializeCriticalSection
GetCurrentProcessId
GetVersionExA
InitializeCriticalSection
GetCurrentThreadId
InterlockedExchange
GetProcessHeap
CreateEventW
GetModuleFileNameW
DeleteCriticalSection
GetModuleFileNameW
GetModuleFileNameW
GetCurrentProcessId
InterlockedIncrement
InterlockedDecrement
HeapFree
LocalAlloc
ReadFile
lstrlenA
InitializeCriticalSection
LocalAlloc
GetCurrentThreadId
Sleep
EnterCriticalSection
GetModuleFileNameA
GetSystemTimeAsFileTime
GetProcAddress
LoadLibraryW
GetSystemTimeAsFileTime
VirtualProtect
InterlockedIncrement
GetVersionExA
MultiByteToWideChar

gdi32

Polygon
CreateFontIndirectA
StretchBlt
BitBlt
SetBrushOrgEx
SetBrushOrgEx
CreateRectRgn
SetBrushOrgEx
GetBkMode
GetCurrentObject
GetCurrentObject
SetBrushOrgEx
SelectObject
Ellipse
CreateRectRgn
SetWindowOrgEx
SetWindowOrgEx
CreateRectRgn
CreateSolidBrush
CreateFontA
PatBlt
SetBrushOrgEx
SetBkMode
GetCurrentObject
CreateDIBSection
Polygon
SetBkColor
BitBlt
BitBlt
CreatePen
CreateFontIndirectA
CreateFontA
GetBrushOrgEx
CreateSolidBrush
Rectangle
CreateDIBitmap
SetWindowOrgEx
BitBlt
Polygon
GetWindowOrgEx
SetWindowOrgEx
CreateRectRgn
SelectObject
Rectangle
CreateFontA
SetBrushOrgEx
CreatePen
StretchBlt
GetCurrentObject
CreateBitmap
StretchBlt
MoveToEx

Sections

.text
Size: 51KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08704c395a72dda29f43da32e8c1a4ac

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 51KB - Virtual size: 60KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 51KB - Virtual size: 60KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 8KB