a48df307469a8536f1330768282521ab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a48df307469a8536f1330768282521ab_JaffaCakes118
Size

28KB
MD5

a48df307469a8536f1330768282521ab
SHA1

c3a688d7287814494cd1db65a52665668b69567a
SHA256

b8fb3dbe3f4fe9d2cb8f59ca4bf23daf6faa2b20f0080cc42646e36585e52e10
SHA512

7ef5dc68908b97c3aeedfb604825fabaa233bf11a82566e7225a257e4ce93900a42bb813e025675b4f7113222f6080b34c84a9708d5c1e989e82524d56eccc81
SSDEEP

384:vHxVH9ImHYw/oceCXGitWtgvAksKV79vfDdXTHJGHhyQQId1/VXktU:vPcXqtWtg9vfBXTHJYdQId1QU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a48df307469a8536f1330768282521ab_JaffaCakes118

Files

a48df307469a8536f1330768282521ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10558bc0805dd891e255186368be5459

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
SetLastError
GetCurrentProcessId
FreeLibrary
GetCurrentProcess
Sleep
MultiByteToWideChar
DisableThreadLibraryCalls
GetProcessHeap
FreeLibrary
InitializeCriticalSection
UnhandledExceptionFilter
LoadLibraryW
CreateThread
GetModuleHandleW
HeapDestroy
LeaveCriticalSection
CreateEventW
GetVersionExA
LoadLibraryW
LoadLibraryA
lstrlenA
HeapFree
CloseHandle
ReadFile
GetLastError
GetModuleFileNameA
CreateEventW
GetCurrentThreadId
UnhandledExceptionFilter
Sleep
InterlockedDecrement
LeaveCriticalSection
Sleep
GetCurrentProcess
GetProcessHeap
LoadLibraryA
GetModuleFileNameW
InitializeCriticalSection
MultiByteToWideChar
CloseHandle
CreateEventW
CreateThread
HeapDestroy
FreeLibrary
VirtualProtect
LocalAlloc
GetTickCount
CreateEventW
CreateThread
GetCurrentProcess
LoadLibraryW
InitializeCriticalSection
lstrcmpiW
LocalFree
GetProcessHeap
UnhandledExceptionFilter
CreateFileW
VirtualAlloc
LoadLibraryA

gdi32

SelectObject
CreateFontIndirectA
CreateRectRgn
BitBlt
CreateRectRgn
SetWindowExtEx
Rectangle
GetBrushOrgEx
SetBrushOrgEx
MoveToEx
GetBkMode
GetBkColor
MoveToEx
GetBkMode
SetWindowOrgEx
SelectObject
CreateDIBitmap
CreateBitmapIndirect
SetWindowOrgEx
MoveToEx
CreateFontIndirectA
GetCurrentObject
PatBlt
Polygon
BitBlt
GetWindowOrgEx
CreateBitmapIndirect
GetBkMode
Ellipse
SetWindowOrgEx
SetWindowOrgEx
CreateRectRgn
Polygon
LineTo
CreatePen
SetWindowOrgEx
SelectObject
SetWindowOrgEx
PatBlt
GetBkColor
CreateFontA
StretchBlt
SetBkColor
CreateFontA
SelectObject
BitBlt
SetBkColor
GetPixel
SetBkMode
SelectObject
RoundRect
CombineRgn
SetWindowExtEx
CreateDIBSection
GetBkColor
GetPixel
PatBlt

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10558bc0805dd891e255186368be5459

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 13KB - Virtual size: 16KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 13KB - Virtual size: 16KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 12KB