899716818a53b0129851f6a6507b06d4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

899716818a53b0129851f6a6507b06d4_JaffaCakes118
Size

244KB
MD5

899716818a53b0129851f6a6507b06d4
SHA1

26164f871c2bbf29181bff7356b4bf9c89990176
SHA256

fd88e41684fc72d837792a7f2542504c0b58d8fd5953f24737ec542ce46a7b72
SHA512

c36ecf60efee84db1432cd5191a5d8904e6bc2c246baad3b8b7fc0240cd4e62e57affdca19a0166be4c1c7d313ea68e1e9cab83adf9acfc02318153d0421b1da
SSDEEP

6144:xcmb9v646MkD6KqzyIAmaQHCyTNIEBH6:xcs64VTAmuynBH6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
899716818a53b0129851f6a6507b06d4_JaffaCakes118

Files

899716818a53b0129851f6a6507b06d4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d2708cb81d82567e824dc5f3001157ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
OleSetMenuDescriptor
CreateItemMoniker
OleRegGetMiscStatus
CreateStreamOnHGlobal
WriteClassStg
CreateDataAdviseHolder
CreateILockBytesOnHGlobal
GetRunningObjectTable
OleGetClipboard
WriteClassStm
CoFreeUnusedLibraries
GetClassFile
CoRevokeClassObject
OleDestroyMenuDescriptor
OleRegGetUserType

mprdmail

_LSinh
_Poly
_LSnan
_Stod
_LPoly
_Snan
_LEps
_FDenorm

ntdll

ZwSetEvent
NtQueryInformationFile
NtCreateTimer
NtTraceEvent
NtProtectVirtualMemory

gdi32

AbortDoc
IntersectClipRect
GetEnhMetaFileBits
SelectPalette
UnrealizeObject
EnumMetaFile
GetPaletteEntries
GetDeviceCaps
GetClipRgn
Pie
RoundRect
CreateSolidBrush
GetBitmapBits
DPtoLP
SetViewportExtEx
SetROP2
CreateDIBSection
CreateCompatibleBitmap

advapi32

RegOpenKeyExW

kernel32

IsValidCodePage
FileTimeToSystemTime
CreateFileA
GlobalAlloc
SetPriorityClass
GetThreadLocale
LCMapStringW
GetLocaleInfoW
GlobalGetAtomNameA
QueryPerformanceFrequency
GetLocaleInfoA
TlsAlloc
HeapCreate
ResetEvent
HeapFree
GetLocalTime
CreateThread
FreeLibrary
IsBadWritePtr
GlobalMemoryStatus
FileTimeToLocalFileTime
InterlockedDecrement
OutputDebugStringA
MultiByteToWideChar
SetThreadPriority
Sleep
GetUserDefaultLCID
GetDateFormatA
SearchPathW
VirtualFree
GetFileSize

user32

LoadCursorA
TranslateMessage
CallWindowProcW
SetWindowTextA
IsWindowEnabled
SetWindowLongA
FillRect
PeekMessageW
IsWindowVisible
IsWindow
ScrollDC
SetMenu
CreateDialogIndirectParamA
FindWindowA
GetTopWindow
InvalidateRgn
SetRectEmpty
DestroyIcon
ClipCursor
InvalidateRect
IsDialogMessageA
IsWindowUnicode
EnableWindow
EnumChildWindows
GetMessageTime
GetWindowTextA
SetCaretPos
GetClassInfoExA
SendDlgItemMessageA
InvertRect
CheckDlgButton

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 186KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2708cb81d82567e824dc5f3001157ee

Headers

DLL Characteristics

File Characteristics

Imports

ole32

mprdmail

ntdll

gdi32

advapi32

kernel32

user32

Sections

.text Size: 40KB - Virtual size: 40KB

.data Size: 17KB - Virtual size: 16KB

.rsrc Size: 186KB - Virtual size: 188KB

.text
Size: 40KB - Virtual size: 40KB

.data
Size: 17KB - Virtual size: 16KB

.rsrc
Size: 186KB - Virtual size: 188KB