b49ec709636b89e298bb591364f7737f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b49ec709636b89e298bb591364f7737f_JaffaCakes118
Size

104KB
MD5

b49ec709636b89e298bb591364f7737f
SHA1

77dd88c9b1bbe8ce4787e94471bee0b014151a59
SHA256

e0e0c2ceed3f0015e1613f037ffbc2f8a186521db34ce7226220682376ad4309
SHA512

cdb35f1ccd5a404b5bb60f8f189fac4e4e08b4cdff9c7bb27e087e64f84a819c7cb4841d46c8f7530b909912449b1fb319626fdf72282d756a74b2cb91f20b6b
SSDEEP

1536:xKq3YWsHUfSn8tU9AVz6zDprN4+d74Kurk+i2MdMJK7Jwq+lEwDEdlXZ:xKq3OaSn8NZ6zRN448KWk+MMFEzlX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b49ec709636b89e298bb591364f7737f_JaffaCakes118

Files

b49ec709636b89e298bb591364f7737f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

71391c7c9cd9805af8fbeb6c61066123

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
CreateThread
GetModuleHandleW
GetLocalTime
GetSystemTime
LCMapStringW
GetProcessHeap
SetEvent
Sleep
IsDBCSLeadByte
GetTickCount
GetACP
lstrcmpiA
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
FormatMessageW
LCMapStringA
HeapSize
LoadLibraryA
GetCPInfo
GetOEMCP
UnhandledExceptionFilter
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
GetModuleHandleA
VirtualProtect
GetCommandLineA
MultiByteToWideChar
GetProcAddress
ExitProcess
HeapAlloc
HeapFree
RtlUnwind
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
InterlockedExchange
VirtualQuery
GetSystemInfo

user32

PtInRect
wsprintfA
CharUpperA
DefWindowProcW
UnregisterClassW
DestroyWindow
GetMessageW
CreateWindowExW
RegisterClassW
DialogBoxParamW
SetWindowTextW
LoadIconW
GetDC
DrawIcon
ReleaseDC
GetCursorPos
LoadStringW
MessageBoxW
SetFocus
SendMessageW
EndDialog
GetDlgItem
GetWindowPlacement
SetWindowPlacement
ShowWindow
LoadBitmapW
EnableWindow
ScreenToClient

advapi32

CryptReleaseContext
CryptAcquireContextW

ole32

CoTaskMemAlloc

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71391c7c9cd9805af8fbeb6c61066123

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 1024B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 1024B

.reloc
Size: 4KB - Virtual size: 3KB