a38473859ac6071fb86f0af8d17d94b7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a38473859ac6071fb86f0af8d17d94b7_JaffaCakes118
Size

276KB
MD5

a38473859ac6071fb86f0af8d17d94b7
SHA1

f59b78cd8f81c1aa0c314f18bd674331bb034f59
SHA256

dddaef485eb586ba57942172e2cd7f49c50afc202eb0c77b11585c17ffffd86a
SHA512

abf5ae72f6933af8b702fc34b66fd4327e4cacb73b1f2c5d02f8e2f954ed908915bbd97615c5529258328d1693b4fb9ac2c6230df071b1a946ae29e73ccf7f6b
SSDEEP

6144:ot+cPyNuCEEon3ijgZV5IfIkW3k8tkdHr64EfW:ot+cCuR3ijiVufJ8yrk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a38473859ac6071fb86f0af8d17d94b7_JaffaCakes118

Files

a38473859ac6071fb86f0af8d17d94b7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

19cd72eb45875e97ffe7fe8c8d13ad77

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dfrgwrbk

_Denorm
_FEps
_Strcoll
_Snan
_FXbig
_Getctype
_Eps
_FSinh

kernel32

IsBadWritePtr
GlobalGetAtomNameW
GlobalLock
OutputDebugStringW
GlobalAlloc
lstrcatA
InterlockedDecrement
RaiseException
GetVersionExA
CreateThread
GlobalReAlloc
FileTimeToDosDateTime
VirtualFree
GlobalAddAtomA
LoadResource
GetTickCount
GetStringTypeA
SetCurrentDirectoryW
GetPriorityClass
GetSystemDefaultLCID
TerminateProcess
WaitForSingleObject
GetLastError
FindClose
GetLocalTime
CompareFileTime
WriteFile
GetVersion
SleepEx
TlsGetValue
IsBadReadPtr
MultiByteToWideChar
GetStartupInfoW
IsDBCSLeadByte

advapi32

RegQueryValueExW

user32

SetClipboardViewer
GetNextDlgTabItem
RegisterClassA
SetMenu
GetAsyncKeyState
SetWindowPos
SetRect
LoadImageA
DefMDIChildProcA
SetWindowTextA
GetDlgItem
DefWindowProcA
CreateMDIWindowW
DispatchMessageW
IsWindow
SetScrollRange
GetMessageTime
WindowFromDC
SetWindowLongW
MapWindowPoints
ChangeClipboardChain
wsprintfA
SetActiveWindow
GetActiveWindow
GetClassInfoExA
WinHelpW
RemoveMenu
SetScrollPos
ScrollWindowEx
HideCaret

gdi32

GetBitmapBits
AbortDoc
SetMapMode
Rectangle
Pie
GetNearestColor
DeleteMetaFile
LineTo
SetAbortProc
GetCurrentObject
SetTextColor
SaveDC
SetROP2
CreateCompatibleDC
MoveToEx
RealizePalette
GetViewportOrgEx
SetRectRgn
SetTextAlign
SetDIBits
GetRgnBox
DeleteEnhMetaFile
AnimatePalette
UpdateColors

ntdll

RtlAddAce
NtCreateMutant
ZwSetEvent
NtQueryValueKey
NtQueryInformationFile
RtlCompareString
ZwProtectVirtualMemory

ole32

CoFileTimeNow
OleIsCurrentClipboard
RevokeDragDrop
CoGetMalloc
OleGetClipboard
OleSetClipboard
OleCreateLinkFromData
OleCreateMenuDescriptor
OleCreateFromFile
OleRegEnumFormatEtc
OleCreateEmbeddingHelper
CoRegisterMessageFilter
OleTranslateAccelerator
GetRunningObjectTable
StgIsStorageFile
OleQueryCreateFromData
WriteClassStm
ReadClassStg
StgOpenStorageOnILockBytes

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19cd72eb45875e97ffe7fe8c8d13ad77

Headers

DLL Characteristics

File Characteristics

Imports

dfrgwrbk

kernel32

advapi32

user32

gdi32

ntdll

ole32

Sections

.text Size: 177KB - Virtual size: 177KB

.data Size: 54KB - Virtual size: 53KB

.rsrc Size: 44KB - Virtual size: 44KB

.text
Size: 177KB - Virtual size: 177KB

.data
Size: 54KB - Virtual size: 53KB

.rsrc
Size: 44KB - Virtual size: 44KB