acb40a9e2eb29d1059d07a1759be64f3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

acb40a9e2eb29d1059d07a1759be64f3_JaffaCakes118
Size

194KB
MD5

acb40a9e2eb29d1059d07a1759be64f3
SHA1

75ac32a58a555fc9bb8d08d219e41aea394fb691
SHA256

f1d59bfd270ee629342c1c779ebef00c02e74d9b3e0de5985f6e6ac3361675a1
SHA512

57d4e0d31b23f7e1f47ee54ec364f307e8fc55d394db4301616b8c104b05f3114448c86964ef789161104ff303d825211921662e923d24359ed5c3217cd35b29
SSDEEP

3072:VsLG7P6xExFlsJHId6XOP3ngFc06ELq+SNr93aT7QUjtY+bVl4/WZ:aLw6yl406XOPXgFcyZSN0T7QUjzZl/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acb40a9e2eb29d1059d07a1759be64f3_JaffaCakes118

Files

acb40a9e2eb29d1059d07a1759be64f3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

43780ae51a706387e663a8cf9c2f6846

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumFontFamiliesExA
GetTextExtentPoint32A
Escape
MoveToEx
GetFontData
CreateBitmap
RestoreDC
GetViewportOrgEx
ExcludeClipRect
GetBkColor
CreateRectRgnIndirect
UnrealizeObject
RectVisible
GetPixel
SetBkMode
PlayEnhMetaFileRecord
GetSystemPaletteUse
BitBlt
PlayMetaFileRecord
GetTextMetricsA

dpnlgr10

_FInf
_FSinh
_LInf
_LDscale
_FDtest
_FDscale
_FNan
_Eps
_FDnorm
_FSnan
_Toupper
_LNan

ole32

OleDuplicateData
StringFromGUID2
StringFromCLSID
CreateILockBytesOnHGlobal
WriteClassStg
OleRegGetUserType
ReleaseStgMedium
WriteClassStm
ReadFmtUserTypeStg
OleDestroyMenuDescriptor
OleUninitialize
CoGetMalloc
OleCreateFromData
CoRevokeClassObject

user32

GetWindow
DrawIcon
GetWindowThreadProcessId
ShowWindow
PostMessageW
CreateMDIWindowA
MapDialogRect
CreateCaret
DrawEdge
SetCaretPos
SetParent
SetCursor
ChangeClipboardChain
ShowCursor
DrawFocusRect
DrawIconEx
SetClipboardViewer
LoadIconA
IsWindowVisible
SetScrollRange
EnumDisplaySettingsA
RegisterClassExA
ScrollDC
GetClassNameA
CreateMenu
WindowFromPoint
DefWindowProcA

kernel32

GetStartupInfoA
InterlockedDecrement
VirtualFree
GetLogicalDrives
GlobalAlloc
CloseHandle
SetPriorityClass
GetStdHandle
GetCommandLineA
GetSystemDefaultLCID
GetModuleHandleA
GetTempPathA
ExitProcess
InitializeCriticalSection
OutputDebugStringW
GetModuleFileNameW
Sleep
SetHandleCount
GetSystemTime
MulDiv
GetStringTypeA
GetFileSize
SetUnhandledExceptionFilter
GetThreadLocale
GetStringTypeW
GetSystemDefaultLangID
GetLocaleInfoW
Beep
GlobalLock
VirtualFree
SetFilePointer
CreateProcessW
LCMapStringW
SizeofResource
CompareFileTime
GlobalUnlock

ntdll

NtQueryInformationFile
NtReadFile
RtlAddAce
NtProtectVirtualMemory
ZwSetEvent
RtlFreeUnicodeString
NtSuspendThread
ZwCreateTimer
RtlExitUserThread

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43780ae51a706387e663a8cf9c2f6846

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

dpnlgr10

ole32

user32

kernel32

ntdll

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 168KB - Virtual size: 172KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 168KB - Virtual size: 172KB