a58eda8fff942956f24d213a3f9784dd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a58eda8fff942956f24d213a3f9784dd_JaffaCakes118
Size

257KB
MD5

a58eda8fff942956f24d213a3f9784dd
SHA1

11161ccecc4a3638c57e03a124f0c1405508c91c
SHA256

386ccc0c6178c206e095da092df2e4e7053aa2f243a0fb74a47e95c8e63887fc
SHA512

080bddc4c6ac078ea74c6b67468c61059eaa79c4bb895c7bc756159e95826e07c30a106358a7414d682d84380a0c90260107d729b9de177e84fccf1c429d610b
SSDEEP

6144:2tH9rp+lLWwXJrMglX5vnTWJXsKxLbh9A5HOD/ffFRy7UHUtOFQY7TzwtCYFAjdf:6wXJMglYcX1H6R6S+MW6/7dP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a58eda8fff942956f24d213a3f9784dd_JaffaCakes118

Files

a58eda8fff942956f24d213a3f9784dd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

645bf4ee982a55b8bf4206cee5210a9b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iassasn1

_Hugeval
_Tolower
_Getcoll
_LPoly
_FNan
_Getctype
_FSinh
_Xbig

gdi32

CreateDIBitmap
SetAbortProc
SelectObject
CreateBrushIndirect
ExtSelectClipRgn
DeleteMetaFile
SetViewportExtEx
GetStockObject
SetViewportOrgEx
GetTextColor
ExcludeClipRect
GdiSetBatchLimit
CreatePalette
GetObjectType
GetPixel
GetTextCharsetInfo
SelectPalette
StartPage
SetWindowOrgEx
SetBkMode
DeleteDC
GetRasterizerCaps
GdiFlush
AbortDoc
Polyline
GetTextMetricsA
GetTextFaceA
SetBkColor
ExtTextOutA

ole32

CoGetMalloc
WriteFmtUserTypeStg
SetConvertStg
OleDuplicateData
OleGetIconOfClass
DoDragDrop
CoFileTimeNow
OleFlushClipboard
CoTaskMemFree

advapi32

RegOpenKeyExW

ntdll

NtQuerySystemTime
NtQueryValueKey
NtProtectVirtualMemory
RtlCancelTimer
RtlFillMemory
ZwOpenMutant
ZwSetEvent
NtQueryInformationProcess

user32

GetSysColor
DefMDIChildProcA
DrawFrameControl
ActivateKeyboardLayout
BeginPaint
InflateRect
GetKeyboardLayout
ClipCursor
PtInRect
SetFocus
IsIconic
PeekMessageW
GetWindowRect
CreateCaret
ScrollDC
SetCapture
GetUpdateRgn
DrawEdge
DrawIcon
GetDlgItem
GetParent
GetCapture
CreateMDIWindowW
ReleaseDC
SetCursor

kernel32

VirtualFree
FlushFileBuffers
GlobalFree
RtlUnwind
InterlockedDecrement
SetHandleCount
lstrcpyA
GetLocaleInfoA
GetSystemDefaultLCID
CreateThread
SetStdHandle
TlsGetValue
GetVersion
SetLastError
LeaveCriticalSection
GlobalAlloc
LocalAlloc
GetDateFormatA
Sleep
GetSystemTime
WriteFile
IsDBCSLeadByteEx
SetEvent
SetErrorMode
GetModuleFileNameW
ReadFile
LCMapStringW
GetStartupInfoA
SetPriorityClass
GetProfileIntA
WaitForMultipleObjects

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

645bf4ee982a55b8bf4206cee5210a9b

Headers

DLL Characteristics

File Characteristics

Imports

iassasn1

gdi32

ole32

advapi32

ntdll

user32

kernel32

Sections

.text Size: 151KB - Virtual size: 151KB

.data Size: 57KB - Virtual size: 57KB

.rsrc Size: 47KB - Virtual size: 48KB

.text
Size: 151KB - Virtual size: 151KB

.data
Size: 57KB - Virtual size: 57KB

.rsrc
Size: 47KB - Virtual size: 48KB