b53c0f808c13d22acf420082b15cffd4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b53c0f808c13d22acf420082b15cffd4_JaffaCakes118
Size

235KB
MD5

b53c0f808c13d22acf420082b15cffd4
SHA1

be233532bf6cc84900f0cf3754bdcce9ad707f09
SHA256

d9c523eebe9a5bc93aa5f05f20c8bba154eb7ca2f971312a2d3ffdae1a03a2b9
SHA512

3829b00849ec6973f4ed03b49940f977af5eec70a10aa05489e3f29de74e7d079e0319d5176fe1cd1eb3cae535ea0e25ee8f8c4bc4124e11d5461a44cb776f7c
SSDEEP

6144:+WGKNlB1ha9BQS8mYvYdRdUER529XHh250kZ:l7bOBQS7UER529XH2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b53c0f808c13d22acf420082b15cffd4_JaffaCakes118

Files

b53c0f808c13d22acf420082b15cffd4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

60d3611f7a4b8e52c11d265e9f809e91

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawFocusRect
EnableWindow
IsWindowEnabled
DestroyAcceleratorTable
GetKeyboardState
PeekMessageA
GetUserObjectInformationW
GetDesktopWindow
SetScrollPos
GetMenuItemCount
GetWindow
MsgWaitForMultipleObjects
EnableMenuItem
UnionRect
RegisterWindowMessageA
GetTopWindow
GetUpdateRgn
GetFocus
ScreenToClient
OpenClipboard
FillRect
OffsetRect
GetCursor
DrawIcon
GetWindowLongW
SetCursorPos
DrawFrameControl
GetIconInfo
GetCapture
SetScrollInfo
SetMessageQueue
GetClipboardData
SetCaretPos
IsWindowVisible

ole32

OleCreateLinkFromData
CoTaskMemFree
MkParseDisplayName
CoUninitialize
CreateBindCtx
CreateItemMoniker
OleGetIconOfClass
CoCreateInstance
CreateStreamOnHGlobal
CoDisconnectObject
OleTranslateAccelerator
StgOpenStorageOnILockBytes
StgOpenStorage

ntdll

NtTerminateThread
RtlCompareUnicodeString
ZwSetInformationProcess
NtQueryValueKey
NtReadFile
NtCreateTimer
NtResumeThread
NtSetSystemInformation
NtIsProcessInJob
NtQuerySection

mdwmfc71

_LCosh
_Denorm
_Getctype
_FSnan
_Nan
_Mbrtowc
_Stod
_LEps
_Sinh
_LRteps
_Tolower
_Stold

kernel32

SetLastError
FindClose
lstrlenW
VirtualProtect
GetPriorityClass
GetSystemTimeAsFileTime
FreeLibrary
LockResource
InterlockedDecrement
GetVersionExA
GetLocaleInfoW
CloseHandle
GlobalCompact
LocalAlloc
GetSystemTime
LocalAlloc
SetCurrentDirectoryW
UnhandledExceptionFilter
GetVolumeInformationW
VirtualFree
GetOEMCP
GetVersionExW
SleepEx
ReadFile
LoadLibraryA
LoadLibraryW

gdi32

GdiComment
LineTo
ExtEscape
GetOutlineTextMetricsW
SetBitmapBits
CreateBitmap
DeleteMetaFile
GetCharWidthW
Escape
GetTextExtentPointW
DPtoLP
SetDIBits
SetPixel
GetWinMetaFileBits
StretchBlt
GetCharWidthA
ExtTextOutW
GetTextColor
SetWindowExtEx
SetTextAlign
CreateFontA
GetTextCharsetInfo
CreatePatternBrush

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60d3611f7a4b8e52c11d265e9f809e91

Headers

DLL Characteristics

File Characteristics

Imports

user32

ole32

ntdll

mdwmfc71

kernel32

gdi32

Sections

.text Size: 163KB - Virtual size: 163KB

.data Size: 46KB - Virtual size: 46KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 163KB - Virtual size: 163KB

.data
Size: 46KB - Virtual size: 46KB

.rsrc
Size: 24KB - Virtual size: 28KB