b90a2a34b2796e48f28f400f5e4d365e_JaffaCakes118

General

Target

b90a2a34b2796e48f28f400f5e4d365e_JaffaCakes118
Size

26KB
MD5

b90a2a34b2796e48f28f400f5e4d365e
SHA1

b9bb0c90923046aab1554b075dce68cff79a0578
SHA256

2e53563b5d6a2e82f2d1a4258e9be0b9140a1b1bba5bc7999bf960688dc30bef
SHA512

5871db3e5289bcb4e9ab722727e742eba7d206c1aa812bbb3ee5cc86b9d6f8e4ff23d9a4dc32110ed38c05e2434d4d209870f5f6eab5233d9436d2cf6dc62dff
SSDEEP

768:CkDgm0CMF2BGdIWWMS+T+zY2JrHvFaKV6+HG0:H0nPdIpEUJrPAH+HG0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b90a2a34b2796e48f28f400f5e4d365e_JaffaCakes118

Files

b90a2a34b2796e48f28f400f5e4d365e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8b4f63d607f7e808339d7d7334efd804

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetCapture
GetClassNameW
GetClientRect
CreateDialogIndirectParamW
SetDlgItemTextW
GetWindowLongW
CreateDialogParamW
SetMenuItemInfoW
DrawTextW
CreateWindowExW
RegisterWindowMessageW
PtInRect
DrawTextExW
SetWindowTextW
IsWindowUnicode
MapDialogRect
CharUpperW
DestroyWindow
CallNextHookEx
ReleaseCapture

kernel32

GetACP
HeapSize
lstrlenA
lstrcmpW
InterlockedIncrement
SleepEx
LoadLibraryExW
LocalFree
GetPriorityClass
WideCharToMultiByte
GetSystemTimeAsFileTime
GetProcessHeap
CloseHandle
FindNextVolumeW
TerminateProcess
InterlockedDecrement
GetCurrentThreadId
GlobalUnlock
CreateEventW
VirtualAllocEx
DeleteCriticalSection
OutputDebugStringA
HeapReAlloc
ExitProcess

ntdll

NtOpenEventPair
NtQueryMutant
NtExtendSection
NtPulseEvent
NtReleaseSemaphore
NtClearEvent
NtOpenMutant
NtQueryDirectoryObject
NtQueryObject
NtOpenFile
NtQuerySemaphore
NtPowerInformation

gdi32

PatBlt
DeleteObject
GetDeviceCaps
GetObjectA
CreateBitmap
SetTextColor
CreateFontIndirectW
CreateCompatibleBitmap
CreatePatternBrush
GetTextExtentPoint32W

adsnosrv

_Toupper
_FCosh
_LPoly
_LDscale
_LRteps
_Stold
_FDscale
_LExp
_LEps

msvcrt

_ismbblead
__setusermatherr
_errno
_cexit
free
_amsg_exit
_lock

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b4f63d607f7e808339d7d7334efd804

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

ntdll

gdi32

adsnosrv

msvcrt

Sections

.text Size: 14KB - Virtual size: 14KB

.data Size: 33KB - Virtual size: 32KB

.rsrc Size: 99KB - Virtual size: 100KB

.text
Size: 14KB - Virtual size: 14KB

.data
Size: 33KB - Virtual size: 32KB

.rsrc
Size: 99KB - Virtual size: 100KB