c016e192069630aba459f097a1766dc8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c016e192069630aba459f097a1766dc8_JaffaCakes118
Size

243KB
MD5

c016e192069630aba459f097a1766dc8
SHA1

69117ffd230a49332bd4972964980329daa55eac
SHA256

9dec408151eacbbbce239ab420a3ce3e487ace0d0190e1103b4991305800bd59
SHA512

0555011898549c2e6c2d7eb619b0acfb509d6cd3243be4e8c4a074acf342ad900a7243e9ad7b8e571f8c2bd70537572b2ed08a817ddfbcec5eb4e6c251589640
SSDEEP

6144:R1DpDYVxDFf6lerxU8w8wJvFvQFDjU+eRT10HeJvBx4tD:R1tDA+leC8wl3QF3U+eRpFJP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c016e192069630aba459f097a1766dc8_JaffaCakes118

Files

c016e192069630aba459f097a1766dc8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0d74d9ce6419ba0cd9b9b68a63d8e6d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msrahell

_LDtest
_Hugeval
_LSnan
_FXbig
_LEps
_FDscale
_FEps
_LExp
_FDnorm
_Getctype
_Dscale
_LNan
_Dtest

ntdll

NtQueryInformationFile
RtlCreateTimer
NtCreateTimer
ZwSetEvent
ZwProtectVirtualMemory
NtSetSystemInformation
RtlAddAce

user32

GetTopWindow
CreateDialogIndirectParamW
MessageBeep
OffsetRect
SetWindowPlacement
EnableWindow
PeekMessageW
CopyAcceleratorTableA
ValidateRgn
EqualRect
GetScrollPos
GetSysColorBrush
DrawIconEx
wsprintfA
SetCursor
TranslateAcceleratorA
DestroyCursor
GetWindowRect
CallWindowProcW
CheckDlgButton
SetCursorPos
GetFocus
SetScrollRange
FindWindowA
LoadIconA
DispatchMessageW
TranslateMDISysAccel
ShowCaret
WaitMessage

ole32

OleGetClipboard
WriteClassStm
ProgIDFromCLSID
ReadFmtUserTypeStg
ReleaseStgMedium
GetClassFile
OleSetClipboard
GetRunningObjectTable
OleQueryLinkFromData
CoFileTimeNow
ReadClassStg
WriteFmtUserTypeStg
OleCreate

gdi32

GetDeviceCaps
MoveToEx
GetRasterizerCaps
Pie
GetDCOrgEx
GetBitmapBits
LineTo
GetObjectType
GetTextColor
CreateFontIndirectA
GetPixel
SetTextColor
ExtCreatePen
GetNearestColor
SelectPalette
ExtSelectClipRgn
GetTextAlign
GetRgnBox
FillRgn
PatBlt
OffsetWindowOrgEx
EndDoc
SetRectRgn
RestoreDC
GetPaletteEntries
GetTextCharsetInfo
SelectClipRgn
CreateRectRgn

kernel32

GlobalAddAtomA
HeapReAlloc
LockResource
LCMapStringW
TerminateProcess
SetFileAttributesW
GetOEMCP
VirtualFree
IsDBCSLeadByteEx
SystemTimeToFileTime
CreateProcessA
GetStringTypeW
LocalAlloc
GetCurrentThreadId
GlobalReAlloc
SetPriorityClass
MulDiv
Sleep
GetFileAttributesA
SetStdHandle
GetVersion
GetEnvironmentStringsW
ReadFile
GetLogicalDrives
GetSystemTime
CreateFileA
GlobalAlloc
TlsSetValue
GetProfileStringW
InterlockedDecrement

advapi32

RegOpenKeyExW
RegOpenKeyExA
RegSetValueExA

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d74d9ce6419ba0cd9b9b68a63d8e6d5

Headers

DLL Characteristics

File Characteristics

Imports

msrahell

ntdll

user32

ole32

gdi32

kernel32

advapi32

Sections

.text Size: 43KB - Virtual size: 43KB

.data Size: 15KB - Virtual size: 14KB

.rsrc Size: 184KB - Virtual size: 188KB

.text
Size: 43KB - Virtual size: 43KB

.data
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 184KB - Virtual size: 188KB