b535bf249e4819928391abdafe7d08f0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b535bf249e4819928391abdafe7d08f0_JaffaCakes118
Size

19KB
MD5

b535bf249e4819928391abdafe7d08f0
SHA1

02581fe7c5221dc3f10311600da40fb69adeb501
SHA256

f8c4ba05b7c348a62c8aba8a6d6fb0156e5bbd794e3d53a56c59f48448dfa253
SHA512

50f2a93ae7acf7694ec8b4d9c5815680ab1abb19120483139513856adbf5018fde4bd0df9d6997e165190a7ab1f7d7597ee8095976b98f6792c63a5bb495ee4a
SSDEEP

384:rwdyFCm3yVZGc4Sbv+oL521ggm4/jPjBhPijrk9r:rwdyzCgSbvXUL7PjBhQg9r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b535bf249e4819928391abdafe7d08f0_JaffaCakes118

Files

b535bf249e4819928391abdafe7d08f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b7630f87657bdf60707dfd2ca24f8e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
VirtualProtect
GetModuleFileNameW
GetTickCount
GetModuleFileNameA
LeaveCriticalSection
lstrlenA
GetModuleHandleA
CreateFileW
lstrlenA
DeleteCriticalSection
CreateEventW
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedIncrement
LocalAlloc
GetModuleHandleW
InterlockedIncrement
GetSystemTimeAsFileTime
InterlockedCompareExchange
Sleep
GetLastError
DeleteCriticalSection
HeapAlloc
VirtualProtect
LoadLibraryA
GetCurrentProcessId
DisableThreadLibraryCalls
CreateEventW
CreateEventW
InterlockedCompareExchange
InterlockedDecrement
GetCurrentProcess
LocalFree
LocalFree
lstrlenA
HeapDestroy
InterlockedDecrement
GetCurrentProcess
GetTickCount
CreateThread
QueryPerformanceCounter
LoadLibraryW
Sleep
VirtualProtect
GetCurrentProcess
VirtualProtect
LocalFree
lstrlenA
Sleep
DeleteCriticalSection
HeapAlloc
GetModuleFileNameA
HeapFree
CreateThread
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
UnhandledExceptionFilter
DeleteCriticalSection

gdi32

GetBkMode
CreateBitmap
LineTo
GetPixel
SetPixel
CombineRgn
PatBlt
StretchBlt
CombineRgn
GetBkMode
Rectangle
GetPixel
SetTextColor
SetTextColor
CombineRgn
CreateDIBitmap
CombineRgn
RoundRect
SetTextColor
RoundRect
CreatePen
Polygon
GetWindowOrgEx
GetPixel
MoveToEx
GetBkColor
CreateBitmapIndirect
SetWindowExtEx
SelectObject
CreateRectRgn
CreateBitmapIndirect
Rectangle
CreatePen
CreateDIBitmap
MoveToEx
CreatePen
SetBkMode
SetTextColor
SelectObject
Polygon
RoundRect
CreateFontA
Polygon
LineTo
SetBkColor
CreateBitmapIndirect
SetPixel
GetWindowExtEx
StretchBlt
GetBrushOrgEx
SetBrushOrgEx
SetWindowExtEx
GetWindowExtEx
StretchBlt
CreateBitmap
Rectangle
CreateBitmap
LineTo
GetBkColor
GetBrushOrgEx

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b7630f87657bdf60707dfd2ca24f8e9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 13KB - Virtual size: 16KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 16KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB