c142c8b2f59e1486c825307303ff699e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c142c8b2f59e1486c825307303ff699e_JaffaCakes118
Size

38KB
MD5

c142c8b2f59e1486c825307303ff699e
SHA1

03f3ee132b6f2a1968bc0a16282f3d911c6b02b8
SHA256

275f21b17e12e5e206d2138d43fc31b0742009275fc00271c8df6b92e4fbe93d
SHA512

536c3e00ea2f640f3193e8645c8b2fcfbc0d951d07ce413d12258df1e1b10ff813886d58856bd598bc19122f1dfcc4efc866e95a2558ae506077db9a495e15db
SSDEEP

384:a1Bd1QpGv22QhCF6SZ1zM11p1puTGMa+EBxHDUJ8DXhik7O8K1zcaJ7i38CMb:Q4gv6CF6SZ1zW1p1pu+xHDUiDS8mosB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c142c8b2f59e1486c825307303ff699e_JaffaCakes118

Files

c142c8b2f59e1486c825307303ff699e_JaffaCakes118
.dll windows:19174 windows x86 arch:x86

9a053820496598a1bdd12f733efab850

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
QueryPerformanceCounter
lstrcmpiW
GetProcessHeap
GetCommandLineW
GetCommandLineA
LocalFree
lstrcmpiW
VirtualFree
LocalFree
GetCommandLineW
GetCurrentProcess
SetEvent
GetModuleFileNameA
lstrcmpiW
GetTickCount
VirtualAlloc
GetCurrentThreadId
lstrcmpiW
SetUnhandledExceptionFilter
VirtualFree
VirtualFree
GetModuleHandleW
FreeLibrary
VirtualAlloc
GetModuleHandleW
GetCurrentProcess
GetCurrentProcessId
VirtualAlloc
LocalAlloc
MultiByteToWideChar
GetProcessHeap
QueryPerformanceCounter
FreeLibrary
GetCurrentProcessId
LocalFree
SetUnhandledExceptionFilter
GetTickCount
GetCurrentProcessId
VirtualAlloc
lstrlenW
GetCurrentThreadId

gdi32

LineTo
BitBlt
MoveToEx
GetStockObject
DeleteDC
CreateCompatibleDC
ExtTextOutW
SetBkMode
CreateCompatibleBitmap
SetBkMode
GetStockObject
SetTextColor
SetTextColor
LineTo
SetBkMode
SetBkMode
MoveToEx
BitBlt
TextOutW
SetTextColor
GetTextMetricsW
PatBlt
MoveToEx
SelectObject
PatBlt
MoveToEx
MoveToEx
GetTextMetricsW
GetTextMetricsW
SetBkMode
PatBlt
TextOutW
SetBkMode
CreateCompatibleDC
BitBlt
DeleteObject
SelectObject
GetObjectW
SetTextColor
GetObjectW
TextOutW
BitBlt

user32

SetTimer
GetMessageW
GetMessageW
SetTimer
DestroyWindow
SendMessageW
GetDC
GetSystemMetrics
SendMessageW
LoadStringW
DefWindowProcW
DefWindowProcW
UpdateLayeredWindow
PostMessageW
DefWindowProcW
GetSystemMetrics
PostMessageW
GetWindowRect
LoadIconW
GetSystemMetrics
PostMessageW
ReleaseDC
SetTimer
ReleaseDC
GetSystemMetrics
GetDC
GetDlgItem

Exports

Exports

CGgHUQar
IOwnOLs
XGurYfmDU
CjiAeCECXY
DWSnyDYI
DJVLxolOfr

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a053820496598a1bdd12f733efab850

Headers

File Characteristics

Imports

kernel32

gdi32

user32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 3KB - Virtual size: 40KB

.data Size: 8KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 3KB - Virtual size: 40KB

.data
Size: 8KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB