a849bab343296143cfea70cc829b25b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a849bab343296143cfea70cc829b25b9_JaffaCakes118
Size

228KB
MD5

a849bab343296143cfea70cc829b25b9
SHA1

91f8fecfca23ce49c6167eba056472f40ca8ec07
SHA256

8269af622e876dd7798a9874adfce88e3a109e1529fb616c6cdf50e829cfd75c
SHA512

ee4b6733641ead9f310e9bb41eec1f134267d15f09d78f78a20e978c81405548bc66fd636dddb75de12627c217e9d9b8dedad11d7ffd648582ab04aa797c012f
SSDEEP

6144:YNMLQtCmLPRMOcw0R0eDnej+5xEmH6Br+NsvRfL:8LCyZM9w0lej+5tHVaRf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a849bab343296143cfea70cc829b25b9_JaffaCakes118

Files

a849bab343296143cfea70cc829b25b9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6500702b9e5f7417aee10bdc45b6bcb7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kbdhedia

_Toupper
_Sinh
_Stold
_Getcoll
_Tolower
_LXbig
_Eps

ole32

StgOpenStorageOnILockBytes
CoLockObjectExternal
OleQueryLinkFromData
StringFromGUID2
GetHGlobalFromILockBytes
CreateDataAdviseHolder
OleTranslateAccelerator
OleLoad
OleFlushClipboard
CoRegisterMessageFilter
OleCreateMenuDescriptor

gdi32

GetTextCharsetInfo
SetMapperFlags
SetWindowOrgEx
SetBrushOrgEx
Polyline
SelectObject
SetMapMode
DPtoLP
ExtEscape
Rectangle
CreateRoundRectRgn
GetClipBox
SetMetaFileBitsEx
RoundRect
MoveToEx
CreateHatchBrush
SetEnhMetaFileBits
SaveDC
StretchDIBits
GetTextColor
CopyEnhMetaFileW
BitBlt
CombineRgn
Polygon
ExtTextOutW
CreateICW
GetTextExtentPointA

kernel32

GetLocaleInfoW
GlobalCompact
FindFirstFileW
CloseHandle
EnumSystemLocalesW
SetCurrentDirectoryW
SizeofResource
GetCurrentDirectoryW
GlobalReAlloc
GetProcAddress
VirtualAllocEx
IsValidCodePage
GetVersionExW
InterlockedExchange
InterlockedDecrement
GetVolumeInformationW
LoadResource
GetLastError
SleepEx
GetACP
UnlockFile
GlobalFree
GetPriorityClass
SearchPathW
GetCurrentThreadId
GetTickCount

user32

IntersectRect
EnableWindow
GetMessageW
PostMessageW
EnableMenuItem
IsWindowVisible
GetKeyState
GetScrollPos
ShowCaret
GetDoubleClickTime
ValidateRect
GetScrollRange
EnumDisplayMonitors
DestroyMenu
PostQuitMessage
CreateCaret
SetKeyboardState
ShowWindow
RegisterWindowMessageW
GetClientRect
IsRectEmpty
ShowCursor
GetDC
MessageBoxA
UpdateWindow
SetCaretPos
SetCursor
GetKeyboardLayout
GetKeyboardState
GetMenu
RegisterClipboardFormatW
SetTimer
PeekMessageW
GetFocus
EndPaint
SetRect
WaitMessage
GetInputState
HideCaret
DrawFrameControl

ntdll

RtlExitUserThread
NtOpenEventPair
NtSetInformationThread

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6500702b9e5f7417aee10bdc45b6bcb7

Headers

DLL Characteristics

File Characteristics

Imports

kbdhedia

ole32

gdi32

kernel32

user32

ntdll

Sections

.text Size: 67KB - Virtual size: 67KB

.data Size: 119KB - Virtual size: 119KB

.rsrc Size: 40KB - Virtual size: 44KB

.text
Size: 67KB - Virtual size: 67KB

.data
Size: 119KB - Virtual size: 119KB

.rsrc
Size: 40KB - Virtual size: 44KB