b4d53c440a8405fdf632ca633f86b90d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b4d53c440a8405fdf632ca633f86b90d_JaffaCakes118
Size

172KB
MD5

b4d53c440a8405fdf632ca633f86b90d
SHA1

ec9e18de0d060aceae4e87f9c0fb96f099bd6d19
SHA256

58e240414286e54276e94c78037190697e049c39c4e1862e54a12005ccf47819
SHA512

65db9ff76ee2b040a50e897b52bedb80f51b2e4c4e1ee74bcc98dc9b5a3d1c105fb185a181cf3d68bcfdb4f3a936f59e8382c4d8258df14074ae7e9211ca77e3
SSDEEP

3072:gOiV6MJgalPgg1bh2JSoXwMHP+E6Qf1r75P/brxibvnHABNimWTO/vKP:1MJTPP/2JSffCXd/UvHZmWTOnKP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4d53c440a8405fdf632ca633f86b90d_JaffaCakes118

Files

b4d53c440a8405fdf632ca633f86b90d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6187b5cb231632c8e85469ce4f4ef530

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

AddFontResourceW
SetBkMode
GetObjectA
GetStockObject
CreatePatternBrush

ntprrslv

_Poly
_Denorm
_Nan
_Exp
_Dscale
_Stold
_Wcrtomb
_LCosh
_Stod
_LPoly
_FRteps
_Stof
_FExp

msvcrt

fclose
free
exit
wcstol
_acmdln
__dllonexit

shlwapi

SHAutoComplete
PathAppendW

user32

GetClassNameA
UnregisterClassA
GetSubMenu
GetDesktopWindow
DrawFrameControl
SetTimer
GetDC
FindWindowW
UnhookWindowsHookEx
DrawTextA
GetWindowTextLengthW
GetParent
GetMessageW
SetWindowPos
GetWindowRect
GetMonitorInfoW
GetDlgItem
EndDialog
FrameRect

oleaut32

SysStringByteLen

ntdll

NtCreateMutant
NtCreateSection
NtExtendSection
NtClearEvent
NtOpenMutant
NtQueryObject
NtReleaseSemaphore
NtOpenEventPair
NtQuerySemaphore
NtQueryMutant
NtPulseEvent

shell32

ShellExecuteW
ord190
SHCreateShellItem

kernel32

DeleteFileW
VirtualProtect
GetVersionExA
GetPriorityClass
GetCurrentThread
CloseHandle
UnhandledExceptionFilter
GetCurrentProcess
GlobalAlloc
LoadLibraryA
SetUnhandledExceptionFilter
ExpandEnvironmentStringsW
GlobalAlloc
GlobalFree
LocalAlloc
TerminateProcess
FindFirstFileW
HeapSize
InterlockedExchangeAdd
GetVersionExW
SleepEx
HeapDestroy

ole32

CoInitializeEx
CoCreateInstance
OleUninitialize

comctl32

ImageList_BeginDrag
ImageList_DrawIndirect
ImageList_GetImageInfo

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6187b5cb231632c8e85469ce4f4ef530

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

ntprrslv

msvcrt

shlwapi

user32

oleaut32

ntdll

shell32

kernel32

ole32

comctl32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 38KB - Virtual size: 37KB

.rsrc Size: 114KB - Virtual size: 116KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 38KB - Virtual size: 37KB

.rsrc
Size: 114KB - Virtual size: 116KB