bbfff4273133380e9b27e1c6a328a7fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bbfff4273133380e9b27e1c6a328a7fe_JaffaCakes118
Size

237KB
MD5

bbfff4273133380e9b27e1c6a328a7fe
SHA1

1850ed3ffcd8f92fe0751c384fa38658783c2445
SHA256

a3ac90e754d9fb4698a8ea10432399c23003c255d942922d2d2e65122896f924
SHA512

4b4875ae3ececdde7225cf6c0ef2f87be5c04a77bee19a77e72f948eff7249ee83f7eac656c33eb7717ac642cde6347a0819e950de10c7d4a64bfdf48ca9c1df
SSDEEP

6144:uqIOkcaZIJssSoil5i9SMgcXt0M3pMKZ3XdZsMTp:uVOT6SsDl56SPcXt0YpMC33sMTp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbfff4273133380e9b27e1c6a328a7fe_JaffaCakes118

Files

bbfff4273133380e9b27e1c6a328a7fe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

20648cf6d742d2d0523a321bbe1873a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW

gdi32

PlayEnhMetaFileRecord
RoundRect
CreatePen
GetEnhMetaFileBits
GetClipRgn
GetMetaFileBitsEx
SelectPalette
SetTextColor
SetRectRgn
DeleteEnhMetaFile
MoveToEx
GetEnhMetaFileHeader
GetPixel
GetObjectType
SetAbortProc
CreateFontIndirectA
SetMetaFileBitsEx
CombineRgn
GetNearestColor
CreateDIBPatternBrushPt
DeleteMetaFile
LineTo

msdxsscp

_Getctype
_LPoly
_FRteps
_LSinh
_Sinh
_Getcvt
_FDscale

ole32

OleUninitialize
ReadFmtUserTypeStg
OleRegEnumVerbs
OleIsCurrentClipboard
OleIsRunning
ProgIDFromCLSID
GetClassFile
OleLoad
OleCreateLinkToFile
OleSaveToStream
OleQueryCreateFromData
OleRegEnumFormatEtc
CoCreateInstance
WriteClassStg
StgCreateDocfileOnILockBytes

user32

GetScrollRange
ValidateRect
EndPaint
CopyRect
SetWindowTextW
SetClassLongA
CreateIcon
DestroyMenu
CallWindowProcW
UnregisterClassA
CopyAcceleratorTableA
InvertRect
GetForegroundWindow
MessageBeep
ClientToScreen
IsDlgButtonChecked
OffsetRect
InvalidateRgn
SetMenu
UpdateWindow
GetScrollPos
LoadAcceleratorsA
LoadIconA
SetCursor
InflateRect
WinHelpA
SetParent
ShowWindow
ShowCursor

kernel32

IsValidCodePage
GetLogicalDrives
SetCurrentDirectoryW
DeleteCriticalSection
GetSystemTime
HeapCreate
ReadFile
GlobalDeleteAtom
ResumeThread
GetVersion
UnhandledExceptionFilter
GetEnvironmentStringsW
GetStartupInfoA
FileTimeToSystemTime
GetTempPathA
CreateEventA
FindResourceA
Sleep
OutputDebugStringW
GetLocaleInfoW
VirtualFree
GlobalAlloc
GlobalFree
lstrcpyA
GlobalAlloc
SetPriorityClass
InterlockedDecrement
GetModuleFileNameA
GetLocaleInfoA
QueryPerformanceCounter
FreeEnvironmentStringsW
SetEvent
GlobalAddAtomA

ntdll

NtQueryInformationFile
RtlAddAce
RtlCreateTimer
NtSuspendThread
ZwSetEvent
RtlCancelTimer
ZwCreateTimer
RtlCompareMemory
NtTerminateThread
NtProtectVirtualMemory
RtlFreeUnicodeString

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 205KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20648cf6d742d2d0523a321bbe1873a2

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

msdxsscp

ole32

user32

kernel32

ntdll

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 205KB - Virtual size: 208KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 205KB - Virtual size: 208KB